Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/xwjsodCkm0ISJl_iXAnvyO05xDg.roa
File: xwjsodCkm0ISJl_iXAnvyO05xDg.roa (raw, json)
Hash identifier: L89tg4KrR1g03Ci5ZxBhqKG9bbszJpd7+iz4pqpor3Y=
Subject key identifier: C7:08:EC:A1:D0:A4:9B:42:12:26:5F:E2:5C:09:EF:C8:ED:39:C4:38
Certificate issuer: /CN=1fe02dbee62c98f01f20f4770d16a47f79abe32c
Certificate serial: 018CC801B0E7D8A07266590FF17F7E55A5B6
Authority key identifier: 1F:E0:2D:BE:E6:2C:98:F0:1F:20:F4:77:0D:16:A4:7F:79:AB:E3:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-AtvuYsmPAfIPR3DRakf3mr4yw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/xwjsodCkm0ISJl_iXAnvyO05xDg.roa
Signing time: Tue 02 Jan 2024 02:30:03 +0000
ROA not before: Tue 02 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41495
IP address blocks: 46.227.200.0/21 maxlen: 24
185.134.196.0/22 maxlen: 24
2a01:9e00::/29 maxlen: 32
2a01:9e00::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b0:e7:d8:a0:72:66:59:0f:f1:7f:7e:55:a5:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe02dbee62c98f01f20f4770d16a47f79abe32c
Validity
Not Before: Jan 2 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c708eca1d0a49b4212265fe25c09efc8ed39c438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ae:df:b8:e4:07:f2:f5:e8:55:3d:27:2e:0b:
d7:5b:13:41:85:ba:90:a0:40:04:be:f7:20:30:52:
9a:cc:e2:bb:26:53:01:1f:dd:9e:1b:3d:8a:47:62:
d3:18:4a:ce:66:80:09:41:ac:f5:74:5f:14:1f:70:
4a:a5:e6:3f:79:30:e6:0e:e9:6c:9a:ca:62:26:38:
2c:01:50:90:9a:35:05:e8:41:e7:cb:ad:ae:c3:36:
df:dc:39:78:b2:e1:77:51:6a:c2:79:67:3d:82:46:
c2:87:b8:55:a0:6e:a5:a6:2f:82:31:5e:29:db:bc:
bb:5f:75:09:03:31:03:1d:74:d0:28:67:06:10:33:
70:80:0c:45:39:9f:63:de:81:cd:4f:6e:6d:58:04:
a7:db:c2:d1:1d:03:a9:91:3f:08:41:14:3d:2a:79:
b7:ac:4d:71:4b:1a:0e:1f:83:60:36:ff:84:07:9d:
62:2f:b8:5f:eb:28:74:dd:07:55:ec:ff:05:2f:dc:
5b:89:a4:2e:22:f5:9e:70:bb:f2:95:87:13:bf:5b:
72:5f:e9:a3:6a:64:73:db:03:4f:b7:4e:89:47:66:
da:fd:48:e0:c2:b1:a9:e5:07:ef:e9:42:2f:dd:14:
00:51:42:21:0f:19:db:0d:86:cb:19:cf:d9:85:bd:
7a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:08:EC:A1:D0:A4:9B:42:12:26:5F:E2:5C:09:EF:C8:ED:39:C4:38
X509v3 Authority Key Identifier:
keyid:1F:E0:2D:BE:E6:2C:98:F0:1F:20:F4:77:0D:16:A4:7F:79:AB:E3:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-AtvuYsmPAfIPR3DRakf3mr4yw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/xwjsodCkm0ISJl_iXAnvyO05xDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/H-AtvuYsmPAfIPR3DRakf3mr4yw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.200.0/21
185.134.196.0/22
IPv6:
2a01:9e00::/29
Signature Algorithm: sha256WithRSAEncryption
05:e6:d2:2a:cd:7b:94:cd:1c:20:61:e8:78:8a:75:56:38:66:
e5:15:a0:62:5f:af:3b:df:a9:a6:49:0c:e4:00:74:b8:1e:8f:
cd:59:b2:d5:27:62:64:0e:8f:91:b6:35:aa:c2:45:56:ee:17:
a4:96:86:41:a9:2c:43:d5:ac:53:18:e5:f1:07:a7:b1:53:81:
23:a4:7d:50:d9:20:7a:f9:80:78:5b:1f:50:1d:02:56:b6:33:
df:af:cd:a4:ce:bb:69:5c:bf:de:b9:f5:21:64:92:7b:b2:a2:
73:40:ff:2a:7f:c7:1f:d9:68:c6:06:46:b4:e5:57:76:cb:13:
d3:56:99:d6:9b:a2:41:ea:57:47:77:da:36:65:cc:fd:85:50:
27:5a:70:d3:bd:f4:19:30:7a:77:bc:00:a8:bf:99:a9:33:b1:
06:3f:6b:d3:a2:07:32:ad:20:9c:ed:cb:45:a1:b2:4d:dd:f4:
dd:68:a4:04:fe:71:d8:50:58:67:2e:19:b3:cc:25:e3:c9:f8:
91:d5:97:40:2b:93:8b:7d:8b:80:3e:3d:00:95:af:e9:6c:ec:
d4:5d:5f:eb:21:90:31:7b:d9:8d:29:39:e1:4f:ad:97:8d:5c:
61:84:98:c7:be:80:b8:2b:d0:a6:a4:b6:c7:e6:87:15:65:65:
ae:ef:97:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAbDn2KByZlkP8X9+VaW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTAyZGJlZTYyYzk4ZjAxZjIwZjQ3NzBkMTZhNDdmNzlh
YmUzMmMwHhcNMjQwMTAyMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzA4ZWNhMWQwYTQ5YjQyMTIyNjVmZTI1YzA5ZWZjOGVkMzljNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq7fuOQH8vXoVT0nLgvXWxNBhbqQ
oEAEvvcgMFKazOK7JlMBH92eGz2KR2LTGErOZoAJQaz1dF8UH3BKpeY/eTDmDuls
mspiJjgsAVCQmjUF6EHny62uwzbf3Dl4suF3UWrCeWc9gkbCh7hVoG6lpi+CMV4p
27y7X3UJAzEDHXTQKGcGEDNwgAxFOZ9j3oHNT25tWASn28LRHQOpkT8IQRQ9Knm3
rE1xSxoOH4NgNv+EB51iL7hf6yh03QdV7P8FL9xbiaQuIvWecLvylYcTv1tyX+mj
amRz2wNPt06JR2ba/UjgwrGp5Qfv6UIv3RQAUUIhDxnbDYbLGc/Zhb16nQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMcI7KHQpJtCEiZf4lwJ78jtOcQ4MB8GA1UdIwQY
MBaAFB/gLb7mLJjwHyD0dw0WpH95q+MsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1BdHZ1WXNtUEFmSVBSM0RSYWtmM21yNHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hMTJhMzAtZDYwZi00MDMyLTg4NjMt
MjEyNTNlYTlmM2E0LzEveHdqc29kQ2ttMElTSmxfaVhBbnZ5TzA1eERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9hMTJhMzAtZDYwZi00MDMyLTg4NjMtMjEyNTNlYTlmM2E0
LzEvSC1BdHZ1WXNtUEFmSVBSM0RSYWtmM21yNHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLuPIAwQC
uYbEMA0EAgACMAcDBQMqAZ4AMA0GCSqGSIb3DQEBCwUAA4IBAQAF5tIqzXuUzRwg
Yeh4inVWOGblFaBiX68736mmSQzkAHS4Ho/NWbLVJ2JkDo+RtjWqwkVW7hekloZB
qSxD1axTGOXxB6exU4EjpH1Q2SB6+YB4Wx9QHQJWtjPfr82kzrtpXL/eufUhZJJ7
sqJzQP8qf8cf2WjGBka05Vd2yxPTVpnWm6JB6ldHd9o2Zcz9hVAnWnDTvfQZMHp3
vACov5mpM7EGP2vTogcyrSCc7ctFobJN3fTdaKQE/nHYUFhnLhmzzCXjyfiR1ZdA
K5OLfYuAPj0Ala/pbOzUXV/rIZAxe9mNKTnhT62XjVxhhJjHvoC4K9CmpLbH5ocV
ZWWu75dU
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:44:43 2025 by rpki-client