Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/14064IMtnS8RIRlDCShepc8OEdg.roa
File: 14064IMtnS8RIRlDCShepc8OEdg.roa (raw, json)
Hash identifier: j2p84Eu+EhLGaaLnVsEeN6XB2lE+hTXyJIveZ+PxvRw=
Subject key identifier: D7:8D:3A:E0:83:2D:9D:2F:11:21:19:43:09:28:5E:A5:CF:0E:11:D8
Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Certificate serial: 018F4C757A4E088AD16A5CB2B958D74F25E2
Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/14064IMtnS8RIRlDCShepc8OEdg.roa
Signing time: Mon 06 May 2024 05:51:58 +0000
ROA not before: Mon 06 May 2024 05:51:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15704
IP address blocks: 46.6.16.0/21 maxlen: 21
46.6.24.0/21 maxlen: 21
46.6.32.0/21 maxlen: 21
46.6.40.0/21 maxlen: 21
46.6.48.0/21 maxlen: 21
46.6.56.0/21 maxlen: 21
109.227.144.0/20 maxlen: 20
178.237.224.0/21 maxlen: 21
178.237.232.0/21 maxlen: 21
185.241.128.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 08 Jul 2024 06:50:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:75:7a:4e:08:8a:d1:6a:5c:b2:b9:58:d7:4f:25:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Validity
Not Before: May 6 05:51:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d78d3ae0832d9d2f1121194309285ea5cf0e11d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d0:0c:b6:ff:42:14:d2:53:50:19:df:e5:d4:
0f:62:e4:ac:e2:53:65:d8:ef:49:cc:5e:fd:ca:d7:
bb:e9:4a:a7:c8:a2:29:9b:3d:81:f1:f4:27:3b:a3:
94:18:70:02:e6:a1:a6:1e:df:5b:ca:79:21:31:b6:
af:dc:51:35:b3:66:df:29:65:6d:61:31:03:65:f2:
5e:20:10:75:ba:c6:40:47:3d:6a:c5:b6:4c:8a:69:
a7:f3:6b:c1:9c:23:2d:2f:9a:e1:eb:f7:16:95:b8:
27:56:15:62:7f:8d:15:84:2d:62:c3:82:d9:49:7b:
e6:0f:11:85:32:06:10:cf:e2:42:1e:28:a6:b1:91:
18:eb:ac:7b:50:f6:52:3c:50:81:74:08:36:62:87:
8c:da:66:8b:aa:e0:db:c9:68:1d:d8:dd:27:fa:9d:
02:f0:c4:68:e8:68:83:58:07:be:73:77:6e:40:19:
f1:96:db:be:b2:d8:61:96:e6:35:a0:f6:c9:37:f6:
26:43:47:dc:00:84:1c:4b:d7:3d:aa:a9:ab:a9:db:
63:35:ed:e8:f5:34:e9:41:6b:05:1d:4c:41:0f:7d:
f9:23:26:d7:82:18:f2:d9:9d:49:c2:8f:b2:0b:5a:
56:9b:95:e8:14:0d:86:2c:7c:af:6f:6a:93:8c:20:
e4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8D:3A:E0:83:2D:9D:2F:11:21:19:43:09:28:5E:A5:CF:0E:11:D8
X509v3 Authority Key Identifier:
keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/14064IMtnS8RIRlDCShepc8OEdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.6.16.0-46.6.63.255
109.227.144.0/20
178.237.224.0/20
185.241.128.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:0d:d0:f6:0f:fa:65:ac:21:71:2f:f5:fd:4b:33:9e:29:a7:
25:66:8c:84:ad:71:45:b3:27:27:b5:b0:80:0f:85:78:a4:c4:
a4:88:1b:8f:e3:46:25:51:e3:d6:e0:65:51:b1:4a:81:a0:bc:
97:d3:6c:6f:0f:9b:91:cb:cc:89:90:a6:a2:91:7b:7f:1d:56:
24:16:4f:01:f8:a6:89:60:06:de:52:20:27:89:29:fc:f5:82:
c2:2d:f1:6a:17:eb:a3:0f:4a:0c:23:34:76:06:28:b4:b6:62:
12:d6:9c:d4:4d:30:ef:3e:83:4f:93:a9:9b:4d:cd:3d:48:7d:
32:a9:db:48:86:3b:ff:37:9c:b0:04:a4:87:90:dc:fd:64:49:
f4:6d:94:94:81:2f:0a:c3:73:8b:2d:f4:66:2a:3a:00:0a:cc:
d0:cf:1c:54:17:e3:fe:50:ae:0e:e1:65:3f:da:7f:05:1b:22:
be:b6:79:2c:9c:5d:65:9b:87:85:79:c7:24:12:3d:dd:28:21:
32:b0:54:67:83:0f:9b:52:16:25:a1:ff:af:f8:ce:5d:e1:b9:
e4:8d:13:42:24:7c:4e:f4:76:81:b4:68:95:fe:c5:78:c8:29:
d1:a9:ea:f2:31:9b:9d:10:ab:0a:69:7d:c5:90:f2:88:73:6b:
e6:ee:78:56
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY9MdXpOCIrRalyyuVjXTyXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1
YjRiMTAwHhcNMjQwNTA2MDU1MTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzhkM2FlMDgzMmQ5ZDJmMTEyMTE5NDMwOTI4NWVhNWNmMGUxMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9AMtv9CFNJTUBnf5dQPYuSs4lNl
2O9JzF79yte76UqnyKIpmz2B8fQnO6OUGHAC5qGmHt9bynkhMbav3FE1s2bfKWVt
YTEDZfJeIBB1usZARz1qxbZMimmn82vBnCMtL5rh6/cWlbgnVhVif40VhC1iw4LZ
SXvmDxGFMgYQz+JCHiimsZEY66x7UPZSPFCBdAg2YoeM2maLquDbyWgd2N0n+p0C
8MRo6GiDWAe+c3duQBnxltu+sthhluY1oPbJN/YmQ0fcAIQcS9c9qqmrqdtjNe3o
9TTpQWsFHUxBD335IybXghjy2Z1Jwo+yC1pWm5XoFA2GLHyvb2qTjCDkhQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNeNOuCDLZ0vESEZQwkoXqXPDhHYMB8GA1UdIwQY
MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt
ZDYwYjNiNmNjYTZlLzEvMTQwNjRJTXRuUzhSSVJsRENTaGVwYzhPRWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl
LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAQuBhAD
BAYuBgADBARt45ADBASy7eADBAK58YAwDQYJKoZIhvcNAQELBQADggEBAH4N0PYP
+mWsIXEv9f1LM54ppyVmjIStcUWzJye1sIAPhXikxKSIG4/jRiVR49bgZVGxSoGg
vJfTbG8Pm5HLzImQpqKRe38dViQWTwH4polgBt5SICeJKfz1gsIt8WoX66MPSgwj
NHYGKLS2YhLWnNRNMO8+g0+TqZtNzT1IfTKp20iGO/83nLAEpIeQ3P1kSfRtlJSB
LwrDc4st9GYqOgAKzNDPHFQX4/5Qrg7hZT/afwUbIr62eSycXWWbh4V5xyQSPd0o
ITKwVGeDD5tSFiWh/6/4zl3hueSNE0IkfE70doG0aJX+xXjIKdGp6vIxm50Qqwpp
fcWQ8ohza+bueFY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:50 2025 by rpki-client