Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/xXY3SrCxUjJI_8IQhXA3J4hCIwM.roa
File: xXY3SrCxUjJI_8IQhXA3J4hCIwM.roa (raw, json)
Hash identifier: altHGx8ArKT17YRwmRr61/hpREUWM3qI6zx9JzhIi6Y=
Subject key identifier: C5:76:37:4A:B0:B1:52:32:48:FF:C2:10:85:70:37:27:88:42:23:03
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747CA586597A3D82CCB89D426C761D4
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/xXY3SrCxUjJI_8IQhXA3J4hCIwM.roa
Signing time: Thu 02 Jan 2025 13:50:03 +0000
ROA not before: Thu 02 Jan 2025 13:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60144
IP address blocks: 46.8.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 07:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ca:58:65:97:a3:d8:2c:cb:89:d4:26:c7:61:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c576374ab0b1523248ffc2108570372788422303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:51:32:e8:ad:fe:79:47:8d:cf:f7:9e:c4:b1:
96:92:1f:ea:40:f1:31:9e:97:e9:47:74:bc:60:3d:
a5:9e:c0:38:e5:94:1a:9b:16:06:2d:d3:4d:4c:9a:
15:95:82:ce:df:1a:09:e9:59:58:25:c1:bd:db:17:
d4:21:1d:9f:98:43:7b:67:59:ca:2a:2d:37:0c:96:
10:f1:be:93:43:28:58:ef:e0:1f:8d:82:15:1d:94:
91:11:f2:3f:40:8a:a4:e4:77:47:32:b8:84:b0:ae:
89:a1:97:f9:6e:f9:5e:d7:bc:b1:74:6c:3b:c9:10:
dd:cf:ae:88:65:a9:03:d9:4e:51:9d:fe:78:f9:7b:
ad:85:21:d5:5f:ec:76:1d:ee:70:3f:70:d6:72:5c:
38:13:7e:49:91:91:c3:c2:25:5b:23:ca:ad:0f:a7:
99:54:09:f5:15:0c:77:55:7c:19:ed:b9:1d:88:5a:
79:41:cc:1c:7b:58:e7:04:d5:0b:32:53:5e:a4:93:
35:5a:77:11:e1:56:8a:86:98:97:05:c9:b3:48:5b:
96:6e:86:8f:eb:e5:52:1d:91:2b:e5:e1:ab:53:57:
d0:e4:b6:ef:53:4b:42:c7:7c:db:59:c3:75:47:6d:
cc:e5:ae:b1:fb:80:5f:95:0a:7e:3f:e2:af:0d:16:
1b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:76:37:4A:B0:B1:52:32:48:FF:C2:10:85:70:37:27:88:42:23:03
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/xXY3SrCxUjJI_8IQhXA3J4hCIwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.190.0/24
Signature Algorithm: sha256WithRSAEncryption
27:8a:10:ac:93:0a:d5:f9:0d:22:1e:3a:3d:a9:a4:88:05:55:
50:0b:68:83:e3:aa:aa:4c:ae:85:f2:14:3e:de:86:9d:a6:4a:
64:e8:4b:90:99:ac:67:74:32:48:d2:ed:2f:30:cd:ef:cf:0c:
d5:d1:5c:03:76:63:26:64:98:ef:37:e3:74:c8:e0:72:e1:95:
c1:24:14:9d:c3:c3:09:31:9b:0a:f5:a6:11:64:20:a5:0e:e1:
bf:24:9f:8b:d6:85:16:eb:c1:16:77:ef:d7:05:9b:7e:5e:4e:
e2:59:b1:a2:35:2f:5a:2d:30:02:4d:08:20:ae:31:7f:5f:7f:
55:88:15:09:bc:96:ea:8a:6e:c4:f2:d1:39:dc:47:b7:ce:bc:
c8:a8:fd:28:7b:fb:89:a4:35:7b:07:3b:b2:e5:92:43:ea:9a:
46:0f:37:52:08:ea:7b:ba:90:81:2c:c6:ab:16:a2:09:f3:95:
65:80:3f:ca:70:d0:3d:f2:a0:1d:72:5f:78:e1:d8:be:0a:33:
ce:27:7a:86:aa:3a:9e:54:7b:c0:2b:ea:ad:b6:5a:bc:7f:e7:
0f:ad:63:9b:c7:8b:9f:1f:0d:d5:1a:a9:7e:64:96:51:3d:5e:
15:d7:ad:b9:9b:95:5e:7e:af:f0:d5:ae:1d:6a:22:d7:63:c8:
85:45:e5:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR8pYZZej2CzLidQmx2HUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTc2Mzc0YWIwYjE1MjMyNDhmZmMyMTA4NTcwMzcyNzg4NDIyMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFEy6K3+eUeNz/eexLGWkh/qQPEx
npfpR3S8YD2lnsA45ZQamxYGLdNNTJoVlYLO3xoJ6VlYJcG92xfUIR2fmEN7Z1nK
Ki03DJYQ8b6TQyhY7+AfjYIVHZSREfI/QIqk5HdHMriEsK6JoZf5bvle17yxdGw7
yRDdz66IZakD2U5Rnf54+XuthSHVX+x2He5wP3DWclw4E35JkZHDwiVbI8qtD6eZ
VAn1FQx3VXwZ7bkdiFp5Qcwce1jnBNULMlNepJM1WncR4VaKhpiXBcmzSFuWboaP
6+VSHZEr5eGrU1fQ5LbvU0tCx3zbWcN1R23M5a6x+4BflQp+P+KvDRYbCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMV2N0qwsVIySP/CEIVwNyeIQiMDMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEveFhZM1NyQ3hVakpJXzhJUWhYQTNKNGhDSXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgi+MA0G
CSqGSIb3DQEBCwUAA4IBAQAnihCskwrV+Q0iHjo9qaSIBVVQC2iD46qqTK6F8hQ+
3oadpkpk6EuQmaxndDJI0u0vMM3vzwzV0VwDdmMmZJjvN+N0yOBy4ZXBJBSdw8MJ
MZsK9aYRZCClDuG/JJ+L1oUW68EWd+/XBZt+Xk7iWbGiNS9aLTACTQggrjF/X39V
iBUJvJbqim7E8tE53Ee3zrzIqP0oe/uJpDV7Bzuy5ZJD6ppGDzdSCOp7upCBLMar
FqIJ85VlgD/KcNA98qAdcl944di+CjPOJ3qGqjqeVHvAK+qttlq8f+cPrWObx4uf
Hw3VGql+ZJZRPV4V1625m5Vefq/w1a4daiLXY8iFReWZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:27:18 2025 by rpki-client