Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/RqNdFo0Q6Dx3SC6ObRGFzkVQBi4.roa
File: RqNdFo0Q6Dx3SC6ObRGFzkVQBi4.roa (raw, json)
Hash identifier: OrI3ji3m8A6uA9gfybbbMlud3mHSX6x2yzZDFJ/KxNs=
Subject key identifier: 46:A3:5D:16:8D:10:E8:3C:77:48:2E:8E:6D:11:85:CE:45:50:06:2E
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 019424B277CFB044B1F1716EC965AC4855D8
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/RqNdFo0Q6Dx3SC6ObRGFzkVQBi4.roa
Signing time: Thu 02 Jan 2025 01:47:43 +0000
ROA not before: Thu 02 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213005
IP address blocks: 46.253.138.0/24 maxlen: 24
188.93.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 10:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:77:cf:b0:44:b1:f1:71:6e:c9:65:ac:48:55:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Jan 2 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46a35d168d10e83c77482e8e6d1185ce4550062e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:89:0f:65:66:09:71:b7:06:5a:50:f1:b8:26:
63:11:d1:6e:bc:f4:d3:1d:ef:c8:3a:95:c9:f3:c8:
ea:a1:a9:da:cb:ab:10:a0:c0:c5:e1:be:80:1c:c9:
47:27:b7:47:bb:9c:9b:14:a9:43:01:d9:a0:00:2c:
12:fe:b5:a6:73:d5:08:da:03:72:00:3d:03:0d:7e:
41:81:8a:0c:76:82:8b:d5:9c:71:05:af:d3:d3:c0:
3f:7d:f5:73:6d:bd:38:10:59:84:48:b0:2d:bc:09:
a7:f7:84:75:3c:3d:a7:44:68:af:20:14:a4:90:10:
7c:20:e1:96:dd:51:55:26:07:14:4e:26:05:25:1d:
7a:b5:d2:82:e5:d0:fa:ab:39:e1:40:e3:25:57:22:
b7:cb:d5:7b:4c:74:ad:94:e4:63:bd:bd:4f:c8:26:
26:0a:d4:5b:e5:fd:79:80:7e:06:9b:34:0c:b9:fe:
34:00:17:f0:f0:d8:69:9a:e0:96:8c:89:aa:a0:95:
77:8c:9b:d2:08:e6:2f:1b:44:f5:4d:12:de:01:6c:
0a:0e:bd:fa:6e:6e:12:90:7f:d0:ae:28:1f:29:f4:
24:37:df:83:0c:1d:ff:e4:76:d4:c8:8e:36:c3:fe:
23:af:5c:cf:61:64:3b:25:a9:0c:35:2a:66:9c:fd:
43:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A3:5D:16:8D:10:E8:3C:77:48:2E:8E:6D:11:85:CE:45:50:06:2E
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/RqNdFo0Q6Dx3SC6ObRGFzkVQBi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.138.0/24
188.93.117.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:09:b6:a1:67:79:f4:e3:66:0a:d9:3e:f3:ea:fb:9c:11:72:
97:e0:06:b5:20:79:97:7f:ab:55:67:8c:e6:14:cc:2e:81:92:
16:9a:27:7c:7e:86:e9:7f:53:0a:f6:54:db:3d:d9:c1:11:76:
30:6f:4a:eb:9e:45:df:c3:52:b6:c1:77:78:e4:37:7b:1e:e5:
1b:3c:ed:67:46:ff:85:66:20:1b:87:06:91:36:64:60:f0:fd:
1b:0e:03:43:61:ac:7a:12:95:f1:55:ca:6f:74:5a:20:14:3d:
30:84:ca:dd:19:94:a0:15:a9:8a:90:7b:9e:a5:f8:96:62:43:
36:d4:0b:46:3c:63:14:64:d9:44:c7:c8:09:38:be:11:62:40:
f2:f8:18:c2:68:12:c3:2d:aa:d7:6b:f6:99:19:9e:25:0a:87:
35:8f:2b:a9:2b:5a:54:c6:14:2a:5f:9c:94:3a:fb:5b:74:2e:
47:07:8e:ef:cc:a1:52:fe:a3:64:b6:56:30:a2:71:45:e4:fd:
43:b6:85:8a:73:21:e0:e1:ea:38:c1:02:55:76:d9:63:a5:a6:
8d:7f:28:f1:67:45:7e:47:b0:ed:31:35:66:e9:53:08:7f:75:
b4:0d:f6:45:c5:bc:61:13:5b:11:4d:42:f5:58:74:99:c0:a6:
4c:96:f1:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQksnfPsESx8XFuyWWsSFXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjUwMTAyMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmEzNWQxNjhkMTBlODNjNzc0ODJlOGU2ZDExODVjZTQ1NTAwNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIkPZWYJcbcGWlDxuCZjEdFuvPTT
He/IOpXJ88jqoanay6sQoMDF4b6AHMlHJ7dHu5ybFKlDAdmgACwS/rWmc9UI2gNy
AD0DDX5BgYoMdoKL1ZxxBa/T08A/ffVzbb04EFmESLAtvAmn94R1PD2nRGivIBSk
kBB8IOGW3VFVJgcUTiYFJR16tdKC5dD6qznhQOMlVyK3y9V7THStlORjvb1PyCYm
CtRb5f15gH4GmzQMuf40ABfw8NhpmuCWjImqoJV3jJvSCOYvG0T1TRLeAWwKDr36
bm4SkH/QrigfKfQkN9+DDB3/5HbUyI42w/4jr1zPYWQ7JakMNSpmnP1DkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEajXRaNEOg8d0gujm0Rhc5FUAYuMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvUnFOZEZvMFE2RHgzU0M2T2JSR0Z6a1ZRQmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALv2KAwQA
vF11MA0GCSqGSIb3DQEBCwUAA4IBAQAKCbahZ3n042YK2T7z6vucEXKX4Aa1IHmX
f6tVZ4zmFMwugZIWmid8fobpf1MK9lTbPdnBEXYwb0rrnkXfw1K2wXd45Dd7HuUb
PO1nRv+FZiAbhwaRNmRg8P0bDgNDYax6EpXxVcpvdFogFD0whMrdGZSgFamKkHue
pfiWYkM21AtGPGMUZNlEx8gJOL4RYkDy+BjCaBLDLarXa/aZGZ4lCoc1jyupK1pU
xhQqX5yUOvtbdC5HB47vzKFS/qNktlYwonFF5P1DtoWKcyHg4eo4wQJVdtljpaaN
fyjxZ0V+R7DtMTVm6VMIf3W0DfZFxbxhE1sRTUL1WHSZwKZMlvHA
-----END CERTIFICATE-----
Generated at Wed Apr 23 13:12:53 2025 by rpki-client