Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6d7c1c-8ebd-4246-83f9-5f3cc318f180/1/3jL0CS0zeIIOG6OfGUVowEGwEd8.roa
File: 3jL0CS0zeIIOG6OfGUVowEGwEd8.roa (raw, json)
Hash identifier: R/d9KWBtQAe3IHn+TDnw2JV5HWvvhbtgtlnciDrVW60=
Subject key identifier: DE:32:F4:09:2D:33:78:82:0E:1B:A3:9F:19:45:68:C0:41:B0:11:DF
Certificate issuer: /CN=0c048b5f815235c393fea761e07eb8b8bbf87fd3
Certificate serial: 018CC5DC1BCF19BDBB59508B1E3A4DDB4D5E
Authority key identifier: 0C:04:8B:5F:81:52:35:C3:93:FE:A7:61:E0:7E:B8:B8:BB:F8:7F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DASLX4FSNcOT_qdh4H64uLv4f9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/6d7c1c-8ebd-4246-83f9-5f3cc318f180/1/3jL0CS0zeIIOG6OfGUVowEGwEd8.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56588
IP address blocks: 46.226.136.0/21 maxlen: 21
2a00:6a00::/29 maxlen: 29
2a00:6a07::/32 maxlen: 32
2a00:6a00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 26 Nov 2024 09:55:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1b:cf:19:bd:bb:59:50:8b:1e:3a:4d:db:4d:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c048b5f815235c393fea761e07eb8b8bbf87fd3
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de32f4092d3378820e1ba39f194568c041b011df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:70:e9:ad:0f:3d:07:fd:fb:5e:d1:45:09:0f:
00:86:88:0f:6d:e8:65:3e:9c:ac:11:7f:f7:22:1e:
47:51:af:16:03:b6:a1:72:ae:6d:cb:a1:d6:10:42:
5c:99:1b:53:1d:4a:05:d0:e8:d1:d8:a8:3e:60:76:
a5:4e:02:6c:c9:64:61:5a:61:00:70:38:c1:ca:ba:
d9:cc:b2:bd:81:82:e5:42:9b:63:a4:e9:40:b2:44:
37:5c:de:94:b4:47:21:fb:44:42:30:9f:f2:4a:de:
56:d6:b6:c6:a7:d0:62:33:a2:73:46:c6:a1:50:b1:
61:5f:f0:d8:cc:8c:b6:15:be:98:49:08:72:97:71:
47:dc:d0:26:f7:64:d9:c7:54:79:55:59:92:74:17:
46:50:35:39:2b:0d:12:32:89:28:e6:c5:9f:aa:75:
3e:e4:92:bd:c4:47:49:fe:e5:83:8c:26:e3:df:bc:
94:eb:39:07:f8:49:63:98:bb:60:08:5d:34:33:e3:
f9:fc:a5:e9:59:ae:12:d7:40:70:30:72:5e:93:3c:
85:f5:8c:bc:0c:a7:50:2d:3a:c4:eb:47:94:80:24:
ae:0a:32:f3:cb:40:b1:de:9b:ec:ea:70:bb:6c:27:
9e:0e:b4:3c:72:3a:70:52:c9:9c:f0:0e:af:30:e2:
39:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:32:F4:09:2D:33:78:82:0E:1B:A3:9F:19:45:68:C0:41:B0:11:DF
X509v3 Authority Key Identifier:
keyid:0C:04:8B:5F:81:52:35:C3:93:FE:A7:61:E0:7E:B8:B8:BB:F8:7F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DASLX4FSNcOT_qdh4H64uLv4f9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6d7c1c-8ebd-4246-83f9-5f3cc318f180/1/3jL0CS0zeIIOG6OfGUVowEGwEd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6d7c1c-8ebd-4246-83f9-5f3cc318f180/1/DASLX4FSNcOT_qdh4H64uLv4f9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.136.0/21
IPv6:
2a00:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
98:c0:6e:93:ab:58:15:1e:3e:e5:af:c1:25:ed:36:b7:1f:1a:
84:b1:18:da:68:8e:e2:9a:40:d8:7a:a0:d6:af:2d:86:6b:bb:
42:11:c1:25:3a:f7:3d:94:d9:af:80:58:14:4b:a5:c5:c5:01:
92:c7:47:36:8d:c6:85:c8:a4:d9:e7:3c:f6:5c:ad:11:88:d4:
99:6f:0c:2e:cc:2b:03:5c:53:7b:ed:7e:72:cf:bd:37:24:8f:
a5:3f:66:c6:08:48:05:b0:0b:fd:73:a7:48:f9:66:6a:ab:94:
4c:ff:90:71:0d:2a:6e:53:0d:8d:e2:3a:3b:b0:df:de:c3:c3:
e3:06:17:7f:08:c8:ab:9a:a7:54:94:60:97:f9:5f:8b:a9:25:
20:e1:8b:73:dc:59:fe:ed:0d:cb:77:b1:ee:1c:ab:64:50:bc:
59:72:cf:24:69:d3:60:41:66:ff:8b:96:ed:b4:4e:5f:17:b4:
c2:58:da:3a:fb:6f:52:01:5f:ee:51:e5:ac:a0:91:a9:7d:5f:
da:aa:14:1c:ff:53:d7:18:b9:20:7a:d6:21:c9:f3:eb:0e:c6:
02:d9:77:13:05:80:65:eb:fe:d2:16:cb:44:75:32:b9:f8:21:
31:d6:44:d1:01:59:39:ac:74:ef:ff:b8:0c:ea:60:76:77:45:
39:6b:27:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3BvPGb27WVCLHjpN201eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDQ4YjVmODE1MjM1YzM5M2ZlYTc2MWUwN2ViOGI4YmJm
ODdmZDMwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTMyZjQwOTJkMzM3ODgyMGUxYmEzOWYxOTQ1NjhjMDQxYjAxMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknDprQ89B/37XtFFCQ8AhogPbehl
PpysEX/3Ih5HUa8WA7ahcq5ty6HWEEJcmRtTHUoF0OjR2Kg+YHalTgJsyWRhWmEA
cDjByrrZzLK9gYLlQptjpOlAskQ3XN6UtEch+0RCMJ/ySt5W1rbGp9BiM6JzRsah
ULFhX/DYzIy2Fb6YSQhyl3FH3NAm92TZx1R5VVmSdBdGUDU5Kw0SMoko5sWfqnU+
5JK9xEdJ/uWDjCbj37yU6zkH+EljmLtgCF00M+P5/KXpWa4S10BwMHJekzyF9Yy8
DKdQLTrE60eUgCSuCjLzy0Cx3pvs6nC7bCeeDrQ8cjpwUsmc8A6vMOI5lQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN4y9AktM3iCDhujnxlFaMBBsBHfMB8GA1UdIwQY
MBaAFAwEi1+BUjXDk/6nYeB+uLi7+H/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFTTFg0RlNOY09UX3FkaDRINjR1THY0ZjlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZDdjMWMtOGViZC00MjQ2LTgzZjkt
NWYzY2MzMThmMTgwLzEvM2pMMENTMHplSUlPRzZPZkdVVm93RUd3RWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZDdjMWMtOGViZC00MjQ2LTgzZjktNWYzY2MzMThmMTgw
LzEvREFTTFg0RlNOY09UX3FkaDRINjR1THY0ZjlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuKIMA0E
AgACMAcDBQMqAGoAMA0GCSqGSIb3DQEBCwUAA4IBAQCYwG6Tq1gVHj7lr8El7Ta3
HxqEsRjaaI7imkDYeqDWry2Ga7tCEcElOvc9lNmvgFgUS6XFxQGSx0c2jcaFyKTZ
5zz2XK0RiNSZbwwuzCsDXFN77X5yz703JI+lP2bGCEgFsAv9c6dI+WZqq5RM/5Bx
DSpuUw2N4jo7sN/ew8PjBhd/CMirmqdUlGCX+V+LqSUg4Ytz3Fn+7Q3Ld7HuHKtk
ULxZcs8kadNgQWb/i5bttE5fF7TCWNo6+29SAV/uUeWsoJGpfV/aqhQc/1PXGLkg
etYhyfPrDsYC2XcTBYBl6/7SFstEdTK5+CEx1kTRAVk5rHTv/7gM6mB2d0U5ayf/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:17 2025 by rpki-client