Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/w9sT9fWtLMef97RTu14H7nDsNsg.roa
File: w9sT9fWtLMef97RTu14H7nDsNsg.roa (raw, json)
Hash identifier: nVR7HSXNeXKjYaCldvpJQ/7UzqqdUdetWImjrxalp8c=
Subject key identifier: C3:DB:13:F5:F5:AD:2C:C7:9F:F7:B4:53:BB:5E:07:EE:70:EC:36:C8
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018CCE971A948D4839453FF0473483773235
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/w9sT9fWtLMef97RTu14H7nDsNsg.roa
Signing time: Wed 03 Jan 2024 09:10:58 +0000
ROA not before: Wed 03 Jan 2024 09:10:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 46.20.108.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 19:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:97:1a:94:8d:48:39:45:3f:f0:47:34:83:77:32:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 3 09:10:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3db13f5f5ad2cc79ff7b453bb5e07ee70ec36c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:24:28:d4:d8:95:2c:7e:b1:7d:c3:bf:05:0f:
c8:db:bf:b1:54:1c:0d:f5:2e:31:f8:ef:7c:3e:08:
3f:e6:d5:22:0e:ad:55:3e:bb:46:91:31:0b:ff:52:
24:75:2c:88:25:65:d2:7c:9f:ba:4b:b1:b2:69:e1:
9b:19:f8:b5:d8:fa:85:43:37:db:0e:31:be:ae:9d:
47:4e:16:15:c4:a9:80:25:7f:33:e7:6c:8b:71:ef:
81:e3:68:5c:80:dd:e8:67:02:6b:7d:b3:7f:89:d2:
8b:df:d5:30:4b:50:d1:c4:67:9e:43:cb:ca:be:e4:
c4:12:e7:42:b2:47:92:57:5d:b9:6a:8b:a1:cb:f4:
6b:38:d3:1e:54:f0:f9:ec:31:b3:28:cd:18:b9:6d:
70:a6:40:ff:e4:57:7a:6c:a4:9b:79:d5:0d:61:53:
0d:d4:41:68:c7:0b:5d:25:73:bb:5b:08:3e:d0:36:
2d:0f:97:71:20:41:59:8b:34:37:ea:af:94:9b:b1:
0c:8c:60:11:de:79:7e:f0:c3:91:c5:5c:49:87:52:
f2:25:d5:4e:64:7d:da:5c:0e:0e:2e:62:48:1b:dd:
0c:9c:5c:24:f5:bb:ac:ae:08:8d:a4:17:9c:0d:3c:
a4:09:ce:cb:03:04:ab:56:1d:78:65:a7:49:aa:d9:
66:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:DB:13:F5:F5:AD:2C:C7:9F:F7:B4:53:BB:5E:07:EE:70:EC:36:C8
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/w9sT9fWtLMef97RTu14H7nDsNsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.101.0/24
46.20.108.0/24
46.20.110.0/24
Signature Algorithm: sha256WithRSAEncryption
10:b8:eb:59:c5:4c:b9:ae:10:14:94:ee:d4:8c:69:f7:37:29:
d7:b2:6b:58:2f:90:6c:29:2c:9e:13:bc:98:4a:db:55:f9:98:
da:2c:a1:c6:61:ad:f0:07:f7:af:c5:e4:48:2c:42:fb:7f:3d:
b3:2e:1f:d4:3b:4d:22:87:15:32:3d:b1:39:38:08:2f:b3:8f:
07:e3:71:f3:a6:f0:49:bb:30:8d:f5:34:c7:5d:f3:de:12:bb:
f5:61:6e:f0:34:bd:f5:17:b8:b6:ac:56:4d:f9:7c:0b:31:10:
0c:e8:b4:df:b4:15:5a:e1:28:14:a7:a6:f9:ec:cb:a3:63:e1:
6d:1e:e4:60:f5:23:d8:1f:02:e5:1c:4a:bd:f6:6c:5d:71:3e:
0b:6d:1e:af:fb:a3:99:44:c2:36:60:95:2b:5d:5d:24:84:7a:
31:78:c9:f1:65:0c:74:48:68:fb:1c:1d:2e:ac:aa:86:bd:29:
e0:cf:e0:9b:ea:41:fe:46:bd:df:9e:13:cf:42:db:6e:3d:3d:
b3:99:60:64:71:67:a8:80:47:14:69:47:c0:87:2f:fa:fe:f4:
3a:97:42:a5:db:40:79:7e:40:d1:2f:c2:7a:b5:4b:cc:ba:95:
4d:4d:f4:ca:87:e6:f5:3f:70:02:d7:54:e1:65:a7:8e:79:20:
a1:fa:05:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzOlxqUjUg5RT/wRzSDdzI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTAzMDkxMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2RiMTNmNWY1YWQyY2M3OWZmN2I0NTNiYjVlMDdlZTcwZWMzNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSQo1NiVLH6xfcO/BQ/I27+xVBwN
9S4x+O98Pgg/5tUiDq1VPrtGkTEL/1IkdSyIJWXSfJ+6S7GyaeGbGfi12PqFQzfb
DjG+rp1HThYVxKmAJX8z52yLce+B42hcgN3oZwJrfbN/idKL39UwS1DRxGeeQ8vK
vuTEEudCskeSV125aouhy/RrONMeVPD57DGzKM0YuW1wpkD/5Fd6bKSbedUNYVMN
1EFoxwtdJXO7Wwg+0DYtD5dxIEFZizQ36q+Um7EMjGAR3nl+8MORxVxJh1LyJdVO
ZH3aXA4OLmJIG90MnFwk9busrgiNpBecDTykCc7LAwSrVh14ZadJqtlm9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMPbE/X1rSzHn/e0U7teB+5w7DbIMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvdzlzVDlmV3RMTWVmOTdSVHUxNEg3bkRzTnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALhRlAwQA
LhRsAwQALhRuMA0GCSqGSIb3DQEBCwUAA4IBAQAQuOtZxUy5rhAUlO7UjGn3NynX
smtYL5BsKSyeE7yYSttV+ZjaLKHGYa3wB/evxeRILEL7fz2zLh/UO00ihxUyPbE5
OAgvs48H43HzpvBJuzCN9TTHXfPeErv1YW7wNL31F7i2rFZN+XwLMRAM6LTftBVa
4SgUp6b57MujY+FtHuRg9SPYHwLlHEq99mxdcT4LbR6v+6OZRMI2YJUrXV0khHox
eMnxZQx0SGj7HB0urKqGvSngz+Cb6kH+Rr3fnhPPQttuPT2zmWBkcWeogEcUaUfA
hy/6/vQ6l0Kl20B5fkDRL8J6tUvMupVNTfTKh+b1P3AC11ThZaeOeSCh+gVf
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:17:50 2025 by rpki-client