Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/e795a2-1400-493e-8058-487da9354a65/1/ayFnHfAcgYA1IQ3DqeCtVAs4peI.roa
File: ayFnHfAcgYA1IQ3DqeCtVAs4peI.roa (raw, json)
Hash identifier: iVkeDgUm2GHTcocGoK7LHKMk0DF/ngoPXGELr1scBd8=
Subject key identifier: 6B:21:67:1D:F0:1C:81:80:35:21:0D:C3:A9:E0:AD:54:0B:38:A5:E2
Certificate issuer: /CN=c26c499246d812e52ecba7b7f55e26edaef5346e
Certificate serial: 018CC3B68125CC010F65DDE681C6299204F5
Authority key identifier: C2:6C:49:92:46:D8:12:E5:2E:CB:A7:B7:F5:5E:26:ED:AE:F5:34:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wmxJkkbYEuUuy6e39V4m7a71NG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/e795a2-1400-493e-8058-487da9354a65/1/ayFnHfAcgYA1IQ3DqeCtVAs4peI.roa
Signing time: Mon 01 Jan 2024 06:29:26 +0000
ROA not before: Mon 01 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56404
IP address blocks: 46.175.165.0/24 maxlen: 24
46.175.161.0/24 maxlen: 24
46.175.162.0/24 maxlen: 24
46.175.163.0/24 maxlen: 24
46.175.166.0/24 maxlen: 24
46.175.164.0/24 maxlen: 24
46.175.160.0/24 maxlen: 24
46.175.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:81:25:cc:01:0f:65:dd:e6:81:c6:29:92:04:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c26c499246d812e52ecba7b7f55e26edaef5346e
Validity
Not Before: Jan 1 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b21671df01c818035210dc3a9e0ad540b38a5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d2:09:20:02:cd:d0:79:40:01:7d:d7:d0:b1:
55:15:96:c2:5a:86:ae:03:e5:cb:06:2f:2f:a5:bc:
2f:f9:94:65:04:83:7a:2a:6f:cf:82:6f:42:5a:85:
c8:03:b4:e5:bf:1e:fc:e8:33:90:01:fc:70:40:94:
19:c9:91:78:8a:55:f9:a1:d9:39:3b:90:0e:6b:c7:
a1:05:dd:66:4f:b4:f4:7f:59:47:cd:50:f2:72:12:
a8:63:c7:80:ea:60:20:42:54:bd:62:e9:4b:67:2c:
8d:a2:61:08:b4:b9:9b:70:d8:99:99:59:89:18:92:
b1:6f:d6:4c:6f:31:c9:00:5e:c9:35:c5:19:e4:40:
2d:a2:1b:75:be:70:18:52:60:0d:c7:71:9f:50:6b:
5f:0a:1b:0b:bb:34:57:af:fe:d0:c6:93:3b:5d:d1:
1b:4b:68:fb:fd:20:19:e1:86:2b:ff:27:3b:a7:13:
61:de:22:10:d2:e0:f1:73:b5:f1:7d:a5:95:55:d9:
09:88:b7:f2:77:b8:0d:96:0b:99:c5:94:1f:5d:e7:
28:8a:fb:96:ac:33:13:80:06:e9:65:5e:b2:7d:b8:
05:96:c3:6d:3c:9f:dc:e3:9f:55:57:1f:2c:9b:cc:
63:5a:31:6f:80:7a:a1:d1:7a:8c:0b:51:e4:08:00:
5f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:21:67:1D:F0:1C:81:80:35:21:0D:C3:A9:E0:AD:54:0B:38:A5:E2
X509v3 Authority Key Identifier:
keyid:C2:6C:49:92:46:D8:12:E5:2E:CB:A7:B7:F5:5E:26:ED:AE:F5:34:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wmxJkkbYEuUuy6e39V4m7a71NG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/e795a2-1400-493e-8058-487da9354a65/1/ayFnHfAcgYA1IQ3DqeCtVAs4peI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/e795a2-1400-493e-8058-487da9354a65/1/wmxJkkbYEuUuy6e39V4m7a71NG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.160.0/21
Signature Algorithm: sha256WithRSAEncryption
11:1d:6e:c2:cf:9a:73:26:a3:e8:ec:a4:f1:66:3f:79:9d:23:
a1:08:f1:c6:01:58:9c:07:3d:c7:98:66:01:15:6d:31:10:2a:
ec:c5:2e:65:77:c3:99:5f:5c:af:85:61:67:b2:38:b3:54:6b:
d6:33:82:a3:da:86:91:76:30:3c:da:42:82:8d:2f:e2:74:9c:
b7:61:be:e8:f2:73:ff:3e:74:f4:ee:89:43:af:48:2f:ce:60:
bf:09:26:4d:10:6c:24:2a:66:b6:09:02:53:d0:f5:66:a9:6a:
7d:9d:bd:10:43:f8:53:b9:cb:92:dd:5a:78:56:9f:83:77:47:
54:18:15:1c:72:0a:24:60:5a:ec:ea:0a:ab:d9:38:b9:b7:f5:
3d:af:f5:e5:4a:ee:0f:27:b9:9e:30:bc:dc:2d:36:c7:da:54:
4a:8f:6a:3b:9f:e1:9a:63:e0:d1:c0:df:11:39:32:c0:9c:11:
8e:82:d8:8c:c5:b5:4b:2a:de:39:4f:ef:2f:1d:e1:e3:dd:bc:
d7:bc:23:f3:b0:69:e6:94:4c:df:20:02:0e:7a:ae:5b:51:51:
64:31:a2:e3:14:f4:bc:ab:00:2a:af:37:cc:ac:48:15:87:f9:
16:3c:39:5a:70:b9:49:24:a8:3a:3f:20:23:85:e0:52:0a:67:
2f:17:24:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtoElzAEPZd3mgcYpkgT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNmM0OTkyNDZkODEyZTUyZWNiYTdiN2Y1NWUyNmVkYWVm
NTM0NmUwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjIxNjcxZGYwMWM4MTgwMzUyMTBkYzNhOWUwYWQ1NDBiMzhhNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtIJIALN0HlAAX3X0LFVFZbCWoau
A+XLBi8vpbwv+ZRlBIN6Km/Pgm9CWoXIA7Tlvx786DOQAfxwQJQZyZF4ilX5odk5
O5AOa8ehBd1mT7T0f1lHzVDychKoY8eA6mAgQlS9YulLZyyNomEItLmbcNiZmVmJ
GJKxb9ZMbzHJAF7JNcUZ5EAtoht1vnAYUmANx3GfUGtfChsLuzRXr/7QxpM7XdEb
S2j7/SAZ4YYr/yc7pxNh3iIQ0uDxc7XxfaWVVdkJiLfyd7gNlguZxZQfXecoivuW
rDMTgAbpZV6yfbgFlsNtPJ/c459VVx8sm8xjWjFvgHqh0XqMC1HkCABfLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGshZx3wHIGANSENw6ngrVQLOKXiMB8GA1UdIwQY
MBaAFMJsSZJG2BLlLsunt/VeJu2u9TRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd214SmtrYllFdVV1eTZlMzlWNG03YTcxTkc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9lNzk1YTItMTQwMC00OTNlLTgwNTgt
NDg3ZGE5MzU0YTY1LzEvYXlGbkhmQWNnWUExSVEzRHFlQ3RWQXM0cGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9lNzk1YTItMTQwMC00OTNlLTgwNTgtNDg3ZGE5MzU0YTY1
LzEvd214SmtrYllFdVV1eTZlMzlWNG03YTcxTkc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLq+gMA0G
CSqGSIb3DQEBCwUAA4IBAQARHW7Cz5pzJqPo7KTxZj95nSOhCPHGAVicBz3HmGYB
FW0xECrsxS5ld8OZX1yvhWFnsjizVGvWM4Kj2oaRdjA82kKCjS/idJy3Yb7o8nP/
PnT07olDr0gvzmC/CSZNEGwkKma2CQJT0PVmqWp9nb0QQ/hTucuS3Vp4Vp+Dd0dU
GBUccgokYFrs6gqr2Ti5t/U9r/XlSu4PJ7meMLzcLTbH2lRKj2o7n+GaY+DRwN8R
OTLAnBGOgtiMxbVLKt45T+8vHeHj3bzXvCPzsGnmlEzfIAIOeq5bUVFkMaLjFPS8
qwAqrzfMrEgVh/kWPDlacLlJJKg6PyAjheBSCmcvFyTV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:31 2025 by rpki-client