Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/2XE1S5jPNshNL_VS5Kchyq2Dmzc.roa
File: 2XE1S5jPNshNL_VS5Kchyq2Dmzc.roa (raw, json)
Hash identifier: 7oDzcnyspznt471bYizuFC0lBGXEbr+kmoCFj7/DZ/c=
Subject key identifier: D9:71:35:4B:98:CF:36:C8:4D:2F:F5:52:E4:A7:21:CA:AD:83:9B:37
Certificate issuer: /CN=7e2cb3d0a641769c7801c481612015c2ccb3b655
Certificate serial: 018CC6B891FB14C16AF0725456BB4BFD7E3C
Authority key identifier: 7E:2C:B3:D0:A6:41:76:9C:78:01:C4:81:61:20:15:C2:CC:B3:B6:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiyz0KZBdpx4AcSBYSAVwsyztlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/2XE1S5jPNshNL_VS5Kchyq2Dmzc.roa
Signing time: Mon 01 Jan 2024 20:30:33 +0000
ROA not before: Mon 01 Jan 2024 20:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 46.255.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:91:fb:14:c1:6a:f0:72:54:56:bb:4b:fd:7e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e2cb3d0a641769c7801c481612015c2ccb3b655
Validity
Not Before: Jan 1 20:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d971354b98cf36c84d2ff552e4a721caad839b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d6:40:6a:34:7d:83:d9:7d:97:c2:60:c1:7f:
a8:4b:e4:ab:d8:46:c3:4a:ad:bb:b7:6f:93:40:dd:
85:a1:26:74:31:a5:09:76:48:88:3a:be:c3:3a:b3:
da:d6:b9:59:0e:4d:36:73:28:2b:5a:ec:66:e1:43:
14:21:b3:44:7c:6e:30:88:3d:a6:60:1f:d1:a7:57:
f9:39:79:03:76:9e:63:f1:97:09:19:49:ef:c9:09:
d6:78:aa:c1:e3:17:02:87:72:49:04:7f:a0:b2:3d:
bd:ef:f6:73:42:97:db:2d:0a:25:5f:2d:c3:fd:59:
10:7f:a6:c2:92:a6:9f:ae:22:a6:c6:9d:4e:30:54:
22:ec:91:e2:cb:0b:cc:29:f3:f4:ed:b1:6f:e4:07:
2f:b0:a0:d4:0a:d2:81:d4:d2:38:50:b7:c8:53:30:
cf:9a:46:9b:ea:6a:0b:2b:51:bb:50:b3:f5:68:17:
ba:46:da:c7:ef:16:4a:32:06:0c:7e:17:f7:fe:d2:
2f:31:f0:ac:6f:d6:69:ff:80:a4:8c:cb:64:f3:dc:
c9:c5:8a:59:82:71:b4:03:4a:6e:2b:9b:18:84:4a:
95:77:76:c5:6b:c9:33:4c:22:9f:ce:de:ad:c0:0d:
98:51:6f:2b:a3:4a:58:bb:e7:34:77:47:08:bd:f9:
60:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:71:35:4B:98:CF:36:C8:4D:2F:F5:52:E4:A7:21:CA:AD:83:9B:37
X509v3 Authority Key Identifier:
keyid:7E:2C:B3:D0:A6:41:76:9C:78:01:C4:81:61:20:15:C2:CC:B3:B6:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiyz0KZBdpx4AcSBYSAVwsyztlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/2XE1S5jPNshNL_VS5Kchyq2Dmzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/fiyz0KZBdpx4AcSBYSAVwsyztlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.76.0/24
Signature Algorithm: sha256WithRSAEncryption
10:4a:2d:09:bc:9c:51:80:17:26:a3:56:35:93:5b:14:ab:96:
50:b5:a0:99:3e:b2:65:d1:2a:23:5e:08:d1:a2:08:79:7c:3e:
df:f3:a0:96:fc:3f:f4:94:64:2d:37:25:df:fa:ec:03:a1:2e:
66:69:44:dc:f7:60:ab:bd:6e:36:a9:eb:ed:cb:ee:9c:fb:ce:
f9:ba:c0:ff:35:22:d4:7e:9f:64:fc:53:d9:40:32:d7:5f:f5:
cb:9c:6b:d6:37:9c:93:48:5b:83:63:32:fa:df:e2:d6:e0:a4:
70:64:bd:c8:b4:4a:8c:de:47:ae:0c:15:03:8c:b3:f7:a6:8b:
68:93:90:b9:33:2e:7f:2a:3a:36:9e:73:b9:ff:9c:a4:92:da:
28:bf:e2:bb:6c:d4:ca:98:35:23:f5:7b:0b:e4:eb:73:54:af:
96:2f:44:33:23:cd:24:c6:7d:74:5c:f0:56:34:4e:b5:42:a4:
a7:f3:10:0d:46:7e:bc:20:4b:69:d3:c5:e2:1c:51:3b:bc:fc:
65:36:b7:58:bd:37:96:db:e0:ba:e0:f6:ed:22:d3:76:f4:77:
75:ad:3e:27:4f:2d:1a:ae:38:73:b6:2c:4c:a0:b2:63:a5:62:
f4:f5:f1:4f:1e:90:ab:c5:2b:a4:e6:6c:e3:da:6a:42:5c:2e:
ce:65:9a:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuJH7FMFq8HJUVrtL/X48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMmNiM2QwYTY0MTc2OWM3ODAxYzQ4MTYxMjAxNWMyY2Ni
M2I2NTUwHhcNMjQwMTAxMjAzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTcxMzU0Yjk4Y2YzNmM4NGQyZmY1NTJlNGE3MjFjYWFkODM5YjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9ZAajR9g9l9l8JgwX+oS+Sr2EbD
Sq27t2+TQN2FoSZ0MaUJdkiIOr7DOrPa1rlZDk02cygrWuxm4UMUIbNEfG4wiD2m
YB/Rp1f5OXkDdp5j8ZcJGUnvyQnWeKrB4xcCh3JJBH+gsj297/ZzQpfbLQolXy3D
/VkQf6bCkqafriKmxp1OMFQi7JHiywvMKfP07bFv5AcvsKDUCtKB1NI4ULfIUzDP
mkab6moLK1G7ULP1aBe6RtrH7xZKMgYMfhf3/tIvMfCsb9Zp/4CkjMtk89zJxYpZ
gnG0A0puK5sYhEqVd3bFa8kzTCKfzt6twA2YUW8ro0pYu+c0d0cIvflg3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlxNUuYzzbITS/1UuSnIcqtg5s3MB8GA1UdIwQY
MBaAFH4ss9CmQXaceAHEgWEgFcLMs7ZVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZml5ejBLWkJkcHg0QWNTQllTQVZ3c3l6dGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80MzFkZjEtMDlmNC00NzVjLWEwNDUt
ZjViYjI4NDNjODllLzEvMlhFMVM1alBOc2hOTF9WUzVLY2h5cTJEbXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80MzFkZjEtMDlmNC00NzVjLWEwNDUtZjViYjI4NDNjODll
LzEvZml5ejBLWkJkcHg0QWNTQllTQVZ3c3l6dGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALv9MMA0G
CSqGSIb3DQEBCwUAA4IBAQAQSi0JvJxRgBcmo1Y1k1sUq5ZQtaCZPrJl0SojXgjR
ogh5fD7f86CW/D/0lGQtNyXf+uwDoS5maUTc92CrvW42qevty+6c+875usD/NSLU
fp9k/FPZQDLXX/XLnGvWN5yTSFuDYzL63+LW4KRwZL3ItEqM3keuDBUDjLP3poto
k5C5My5/Kjo2nnO5/5ykktoov+K7bNTKmDUj9XsL5OtzVK+WL0QzI80kxn10XPBW
NE61QqSn8xANRn68IEtp08XiHFE7vPxlNrdYvTeW2+C64PbtItN29Hd1rT4nTy0a
rjhztixMoLJjpWL09fFPHpCrxSuk5mzj2mpCXC7OZZqR
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:31 2025 by rpki-client