Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/o0VlKf1sqzDqSMMewL04r-PRZUY.roa
File: o0VlKf1sqzDqSMMewL04r-PRZUY.roa (raw, json)
Hash identifier: sAymqNRBwt+0nIV1swSm2GVypGk6OdfXc6BLPJpWR+k=
Subject key identifier: A3:45:65:29:FD:6C:AB:30:EA:48:C3:1E:C0:BD:38:AF:E3:D1:65:46
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018EE1C1EE603367180B49CEA1A7A4D4F1F8
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/o0VlKf1sqzDqSMMewL04r-PRZUY.roa
Signing time: Mon 15 Apr 2024 12:36:06 +0000
ROA not before: Mon 15 Apr 2024 12:36:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.20.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 07:32:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:c1:ee:60:33:67:18:0b:49:ce:a1:a7:a4:d4:f1:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Apr 15 12:36:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3456529fd6cab30ea48c31ec0bd38afe3d16546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:56:9d:fe:42:e7:04:84:00:9b:c1:cf:d6:04:
32:bf:7e:ae:da:9c:fe:ba:74:7e:38:08:ed:b3:0b:
d8:a4:31:f3:d1:09:f8:5d:e2:46:19:1e:28:5c:ed:
31:37:4f:49:b4:ae:fc:2f:ef:76:ad:4f:7a:4c:ef:
60:4b:54:94:38:2b:79:4d:56:1d:c1:04:8f:5a:68:
70:78:5b:10:27:de:27:c1:a8:84:a9:58:d1:7d:66:
8f:4a:76:ad:94:9d:2b:94:12:ff:22:32:63:9f:da:
78:26:60:63:1b:61:72:ee:c8:fb:b1:35:98:96:a2:
55:d1:b9:ee:d0:6b:91:4d:66:d5:f6:e3:c9:93:a2:
d9:e1:ed:d9:16:e8:b5:d7:ef:61:c7:e4:ab:1f:15:
0c:e6:2f:3f:9c:a7:96:0c:e5:9c:e2:72:18:fd:0f:
ca:f3:f7:60:ad:17:e4:b2:d1:29:9c:64:62:28:98:
ce:45:7f:d7:8b:4e:4e:e2:7d:e1:61:43:8e:ba:5a:
7e:23:01:58:aa:c0:83:db:22:c4:e1:f7:6b:56:4d:
9c:8f:ab:ef:50:a4:15:75:80:aa:ce:c8:5a:98:65:
00:d5:34:57:fe:68:29:2c:68:19:f6:af:78:ab:6a:
4e:f7:19:3e:0d:ca:08:b4:1f:0d:32:2f:ff:2d:be:
31:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:45:65:29:FD:6C:AB:30:EA:48:C3:1E:C0:BD:38:AF:E3:D1:65:46
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/o0VlKf1sqzDqSMMewL04r-PRZUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.99.0/24
Signature Algorithm: sha256WithRSAEncryption
03:6c:03:ae:f4:cf:a9:7f:d5:14:47:a9:59:b3:4c:d5:4f:a7:
50:c8:14:bb:6f:40:7d:d7:80:14:29:ca:c9:fe:f2:03:87:2d:
c9:6d:bb:f5:9f:80:42:4b:8b:42:15:a3:c0:16:52:99:fa:11:
5f:40:44:03:f9:9e:1d:d5:5d:86:9b:53:e4:d6:72:dd:c9:77:
26:da:95:a0:62:f3:8c:ec:1c:f1:70:35:a5:2b:c7:3e:9f:d7:
3e:d1:1e:87:88:19:0f:11:f5:d2:d7:62:d7:2b:61:e8:9d:1e:
26:bd:ff:de:de:96:09:af:41:ba:46:0e:9d:64:80:54:76:02:
a4:73:21:83:d4:20:38:87:f1:2b:64:97:26:4d:c0:d0:42:2d:
0d:cc:b1:a0:3f:fd:f6:07:e7:24:a9:65:fd:d9:2e:0a:30:f6:
cf:d1:49:a2:34:83:95:26:76:ce:a0:c7:a0:60:65:76:3c:0e:
fa:96:27:6b:19:3c:48:6b:e3:de:e3:44:88:09:f9:dd:15:e7:
3f:86:d9:22:4e:b2:47:96:36:e1:47:6b:6a:2c:f4:19:e9:e2:
00:ec:b9:37:82:30:ae:bf:c1:5e:c1:20:bc:f2:e7:9a:b4:c2:
15:ce:59:78:b4:ee:95:b6:f2:d6:cb:76:14:29:c4:14:6b:bb:
80:e7:6d:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7hwe5gM2cYC0nOoaek1PH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwNDE1MTIzNjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ1NjUyOWZkNmNhYjMwZWE0OGMzMWVjMGJkMzhhZmUzZDE2NTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVad/kLnBIQAm8HP1gQyv36u2pz+
unR+OAjtswvYpDHz0Qn4XeJGGR4oXO0xN09JtK78L+92rU96TO9gS1SUOCt5TVYd
wQSPWmhweFsQJ94nwaiEqVjRfWaPSnatlJ0rlBL/IjJjn9p4JmBjG2Fy7sj7sTWY
lqJV0bnu0GuRTWbV9uPJk6LZ4e3ZFui11+9hx+SrHxUM5i8/nKeWDOWc4nIY/Q/K
8/dgrRfkstEpnGRiKJjORX/Xi05O4n3hYUOOulp+IwFYqsCD2yLE4fdrVk2cj6vv
UKQVdYCqzshamGUA1TRX/mgpLGgZ9q94q2pO9xk+DcoItB8NMi//Lb4xSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNFZSn9bKsw6kjDHsC9OK/j0WVGMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvbzBWbEtmMXNxekRxU01NZXdMMDRyLVBSWlVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRjMA0G
CSqGSIb3DQEBCwUAA4IBAQADbAOu9M+pf9UUR6lZs0zVT6dQyBS7b0B914AUKcrJ
/vIDhy3Jbbv1n4BCS4tCFaPAFlKZ+hFfQEQD+Z4d1V2Gm1Pk1nLdyXcm2pWgYvOM
7BzxcDWlK8c+n9c+0R6HiBkPEfXS12LXK2HonR4mvf/e3pYJr0G6Rg6dZIBUdgKk
cyGD1CA4h/ErZJcmTcDQQi0NzLGgP/32B+ckqWX92S4KMPbP0UmiNIOVJnbOoMeg
YGV2PA76lidrGTxIa+Pe40SICfndFec/htkiTrJHljbhR2tqLPQZ6eIA7Lk3gjCu
v8FewSC88ueatMIVzll4tO6VtvLWy3YUKcQUa7uA523M
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:23:11 2025 by rpki-client