Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/THNBslYq_Wqs5A9lvZgBDnj60EA.roa
File: THNBslYq_Wqs5A9lvZgBDnj60EA.roa (raw, json)
Hash identifier: SVA2CmP/C1FaV01H2iLx4Uy7sm4v0K8pZvi/TheFSu8=
Subject key identifier: 4C:73:41:B2:56:2A:FD:6A:AC:E4:0F:65:BD:98:01:0E:78:FA:D0:40
Certificate issuer: /CN=707af45346f06b622a0ebbb4ff9ba33be6f42f1e
Certificate serial: 018CC3B6C98D2EA9A90289FF0012A5523A8E
Authority key identifier: 70:7A:F4:53:46:F0:6B:62:2A:0E:BB:B4:FF:9B:A3:3B:E6:F4:2F:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/THNBslYq_Wqs5A9lvZgBDnj60EA.roa
Signing time: Mon 01 Jan 2024 06:29:45 +0000
ROA not before: Mon 01 Jan 2024 06:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52115
IP address blocks: 46.252.224.0/20 maxlen: 20
185.168.140.0/24 maxlen: 24
2a0d:cf00::/29 maxlen: 29
2a05:e780::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c9:8d:2e:a9:a9:02:89:ff:00:12:a5:52:3a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=707af45346f06b622a0ebbb4ff9ba33be6f42f1e
Validity
Not Before: Jan 1 06:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c7341b2562afd6aace40f65bd98010e78fad040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8d:96:83:e0:d1:67:b0:23:d9:bd:32:d6:18:
87:f4:c7:73:49:28:d7:40:7b:d9:2a:10:14:54:a6:
6a:55:db:04:21:b6:14:3f:a7:5f:ff:03:cc:1e:d4:
67:be:87:cb:e1:0a:de:47:ed:73:47:c5:43:d4:6d:
5c:eb:e6:96:ee:53:e1:63:59:44:e4:11:40:c4:d0:
b5:c6:0d:cb:10:c6:df:71:0f:26:6f:a3:fc:d0:1e:
9f:aa:eb:cc:9e:23:a9:35:6f:ce:6d:f2:c7:d0:bc:
a4:ef:c0:c6:82:1e:b3:20:81:fd:df:d8:86:0e:90:
d6:82:27:02:cb:ae:30:e0:8d:34:2f:39:3c:32:75:
8d:5c:5c:7c:6d:e8:95:d7:68:57:46:36:1b:22:a6:
df:7b:05:d6:47:bf:9b:93:10:75:1d:58:0d:98:ba:
70:d3:94:2f:52:92:a0:aa:97:7d:5a:e2:a6:86:db:
99:42:60:e9:4c:de:22:2f:73:2d:53:76:d6:86:fc:
1d:0a:3f:0b:48:c2:32:35:b8:6e:83:56:80:38:1a:
a8:4a:0f:c2:53:26:2f:99:bb:80:e2:a1:15:9a:0d:
96:05:02:d2:ed:a3:32:9d:a9:17:96:35:33:c5:af:
69:df:c1:27:2e:92:b5:b1:f7:3d:98:90:9e:58:84:
a5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:73:41:B2:56:2A:FD:6A:AC:E4:0F:65:BD:98:01:0E:78:FA:D0:40
X509v3 Authority Key Identifier:
keyid:70:7A:F4:53:46:F0:6B:62:2A:0E:BB:B4:FF:9B:A3:3B:E6:F4:2F:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/THNBslYq_Wqs5A9lvZgBDnj60EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.224.0/20
185.168.140.0/24
IPv6:
2a05:e780::/29
2a0d:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
77:34:03:a3:5b:14:5c:61:66:7f:99:84:c1:5f:3e:ea:05:47:
7e:32:20:34:a5:62:df:d5:7f:09:3f:bc:77:46:e3:31:08:58:
52:22:e7:74:72:90:69:08:27:c1:86:8c:5b:82:60:f5:5e:ec:
1a:f5:d2:4b:29:96:07:3a:f8:82:db:dc:8d:8e:9f:19:10:6a:
02:5c:c2:8f:21:54:0f:e6:61:db:97:10:75:28:17:72:4b:3d:
32:88:25:73:b1:45:a6:22:fb:2d:96:60:70:f7:2b:c1:50:34:
92:51:ee:bf:d8:c0:d6:69:15:f9:2b:71:01:dd:83:b9:d4:d3:
df:e7:60:2f:a8:1e:79:a8:66:f4:b2:29:0f:cd:b7:7c:38:dc:
b0:d4:fb:d4:5b:b4:f0:a5:a7:46:90:b8:6a:aa:78:53:56:f6:
9e:21:a8:bd:9f:71:ea:2f:0d:11:7d:7a:46:5d:92:79:93:df:
60:12:21:8d:bc:31:27:ba:60:23:c8:17:ea:58:60:f6:5c:ba:
52:48:3d:79:41:e2:6e:17:46:95:d6:86:94:d5:a7:6d:3c:3f:
ea:32:c6:fe:5c:57:8f:27:41:5e:23:75:58:07:17:b0:a9:c4:
24:ff:fb:81:75:1d:a9:11:31:4c:17:1d:b9:68:f8:b8:1e:5e:
4a:5a:f2:78
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDtsmNLqmpAon/ABKlUjqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwN2FmNDUzNDZmMDZiNjIyYTBlYmJiNGZmOWJhMzNiZTZm
NDJmMWUwHhcNMjQwMTAxMDYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzczNDFiMjU2MmFmZDZhYWNlNDBmNjViZDk4MDEwZTc4ZmFkMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY2Wg+DRZ7Aj2b0y1hiH9MdzSSjX
QHvZKhAUVKZqVdsEIbYUP6df/wPMHtRnvofL4QreR+1zR8VD1G1c6+aW7lPhY1lE
5BFAxNC1xg3LEMbfcQ8mb6P80B6fquvMniOpNW/ObfLH0Lyk78DGgh6zIIH939iG
DpDWgicCy64w4I00Lzk8MnWNXFx8beiV12hXRjYbIqbfewXWR7+bkxB1HVgNmLpw
05QvUpKgqpd9WuKmhtuZQmDpTN4iL3MtU3bWhvwdCj8LSMIyNbhug1aAOBqoSg/C
UyYvmbuA4qEVmg2WBQLS7aMynakXljUzxa9p38EnLpK1sfc9mJCeWISlRwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFExzQbJWKv1qrOQPZb2YAQ54+tBAMB8GA1UdIwQY
MBaAFHB69FNG8GtiKg67tP+bozvm9C8eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hyMFUwYndhMklxRHJ1MF81dWpPLWIwTHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS83OTIwZDAtZjk1Ni00NDM5LTljZDIt
NGI3ODA4ZDk4NjY0LzEvVEhOQnNsWXFfV3FzNUE5bHZaZ0JEbmo2MEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS83OTIwZDAtZjk1Ni00NDM5LTljZDItNGI3ODA4ZDk4NjY0
LzEvY0hyMFUwYndhMklxRHJ1MF81dWpPLWIwTHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQELvzgAwQA
uaiMMBQEAgACMA4DBQMqBeeAAwUDKg3PADANBgkqhkiG9w0BAQsFAAOCAQEAdzQD
o1sUXGFmf5mEwV8+6gVHfjIgNKVi39V/CT+8d0bjMQhYUiLndHKQaQgnwYaMW4Jg
9V7sGvXSSymWBzr4gtvcjY6fGRBqAlzCjyFUD+Zh25cQdSgXcks9Moglc7FFpiL7
LZZgcPcrwVA0klHuv9jA1mkV+StxAd2DudTT3+dgL6geeahm9LIpD823fDjcsNT7
1Fu08KWnRpC4aqp4U1b2niGovZ9x6i8NEX16Rl2SeZPfYBIhjbwxJ7pgI8gX6lhg
9ly6Ukg9eUHibhdGldaGlNWnbTw/6jLG/lxXjydBXiN1WAcXsKnEJP/7gXUdqREx
TBcduWj4uB5eSlryeA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:12 2025 by rpki-client