Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c88a8f-7be0-4e40-9ce6-d252a574ae8d/1/Ra2p5TiZYbNgMqctwYMiOx2K36Q.roa
File: Ra2p5TiZYbNgMqctwYMiOx2K36Q.roa (raw, json)
Hash identifier: irGLHS3bG279bgLc6qB8WSncPV0WIpljPvCHoVihNDw=
Subject key identifier: 45:AD:A9:E5:38:99:61:B3:60:32:A7:2D:C1:83:22:3B:1D:8A:DF:A4
Certificate issuer: /CN=ec917c0afda449ecc0429c046df50fbc959b4eea
Certificate serial: 018CC34908DBE602DD11655CB43DD80134C9
Authority key identifier: EC:91:7C:0A:FD:A4:49:EC:C0:42:9C:04:6D:F5:0F:BC:95:9B:4E:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JF8Cv2kSezAQpwEbfUPvJWbTuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c88a8f-7be0-4e40-9ce6-d252a574ae8d/1/Ra2p5TiZYbNgMqctwYMiOx2K36Q.roa
Signing time: Mon 01 Jan 2024 04:29:52 +0000
ROA not before: Mon 01 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48346
IP address blocks: 46.149.100.0/24 maxlen: 24
2a10:1c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:08:db:e6:02:dd:11:65:5c:b4:3d:d8:01:34:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec917c0afda449ecc0429c046df50fbc959b4eea
Validity
Not Before: Jan 1 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45ada9e5389961b36032a72dc183223b1d8adfa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8c:97:90:4f:d5:b0:8d:7e:00:20:77:d6:f4:
43:42:35:dd:23:f8:84:93:80:a9:26:65:d8:bf:5b:
56:93:82:f7:6c:11:20:f9:5b:64:52:f9:1e:b9:86:
8d:5a:75:ae:6b:f2:48:ef:a1:da:ba:f1:1a:7c:07:
06:66:64:de:2b:fd:61:bf:c4:f7:84:b1:3d:c3:3f:
f3:33:4c:ff:65:49:91:44:28:df:16:07:aa:5c:34:
b8:29:cc:0a:04:de:78:ad:a5:10:09:fe:2e:4c:cc:
d4:c3:f0:af:3f:1e:ca:44:5d:59:19:c2:75:24:e8:
2c:ce:dd:d5:38:84:6c:ab:07:52:56:07:61:60:52:
4c:8c:b2:17:cf:e3:8f:0a:87:d7:41:14:dd:0f:58:
0a:f0:83:82:83:ad:f1:87:30:04:01:5c:4a:c1:5a:
f7:32:07:10:cc:b3:bd:f7:f0:3a:b2:8e:47:ff:39:
36:85:c0:18:88:63:a8:5b:54:4a:f3:cb:9e:59:5b:
71:29:e4:58:76:7c:2e:da:46:c2:2f:ee:77:fd:d2:
78:8a:dd:3f:16:f1:cf:87:8a:32:b0:28:8f:e3:a7:
f2:f9:89:88:fc:7b:4b:37:c5:c0:9b:a4:0e:f1:2a:
09:74:3e:63:b8:ac:fc:fd:8e:34:59:87:5d:0e:68:
e2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:AD:A9:E5:38:99:61:B3:60:32:A7:2D:C1:83:22:3B:1D:8A:DF:A4
X509v3 Authority Key Identifier:
keyid:EC:91:7C:0A:FD:A4:49:EC:C0:42:9C:04:6D:F5:0F:BC:95:9B:4E:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JF8Cv2kSezAQpwEbfUPvJWbTuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c88a8f-7be0-4e40-9ce6-d252a574ae8d/1/Ra2p5TiZYbNgMqctwYMiOx2K36Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c88a8f-7be0-4e40-9ce6-d252a574ae8d/1/7JF8Cv2kSezAQpwEbfUPvJWbTuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.100.0/24
IPv6:
2a10:1c00::/29
Signature Algorithm: sha256WithRSAEncryption
1d:5d:db:28:1b:82:ab:b2:a9:34:74:a9:70:5e:6f:f0:ec:5e:
eb:99:ea:4f:f5:59:4a:6c:58:52:8b:a1:46:97:d0:41:86:69:
b4:32:e4:04:8c:1e:a1:5a:4b:f9:37:1e:0c:3f:6c:24:9e:88:
c4:f6:b0:0f:9d:7c:4e:2f:11:66:ba:91:88:3f:5d:11:2a:52:
5f:9c:af:4f:d1:eb:26:77:79:24:e8:90:31:c3:1f:47:76:68:
7e:ed:27:36:55:bb:8b:5d:97:e0:d5:81:61:f7:14:cf:dd:5e:
44:fe:93:d9:f9:66:ea:a9:93:6a:37:4d:c7:24:af:9b:7f:52:
7f:a4:83:7e:d6:8b:23:4a:2c:28:7e:5c:50:07:dd:ac:b6:a9:
70:ef:c4:a8:c5:c1:f0:8b:fd:92:71:d1:bf:7b:ff:74:3d:ee:
3f:cb:5e:13:97:b6:a8:dd:cc:b2:3b:6a:f8:65:26:7f:fd:aa:
80:04:dc:1c:86:76:56:a0:63:cb:5e:e8:91:e5:94:4c:6f:61:
a6:f1:3b:4b:4f:60:85:e2:c3:94:4a:33:55:1f:98:d7:a4:83:
e3:4b:97:22:af:61:a8:a3:d3:96:cf:bc:42:4d:1d:b1:e5:ac:
41:0c:f2:cd:1c:55:21:c5:bd:7f:3a:76:98:89:40:71:c1:be:
f1:3b:47:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSQjb5gLdEWVctD3YATTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOTE3YzBhZmRhNDQ5ZWNjMDQyOWMwNDZkZjUwZmJjOTU5
YjRlZWEwHhcNMjQwMTAxMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWFkYTllNTM4OTk2MWIzNjAzMmE3MmRjMTgzMjIzYjFkOGFkZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIyXkE/VsI1+ACB31vRDQjXdI/iE
k4CpJmXYv1tWk4L3bBEg+VtkUvkeuYaNWnWua/JI76HauvEafAcGZmTeK/1hv8T3
hLE9wz/zM0z/ZUmRRCjfFgeqXDS4KcwKBN54raUQCf4uTMzUw/CvPx7KRF1ZGcJ1
JOgszt3VOIRsqwdSVgdhYFJMjLIXz+OPCofXQRTdD1gK8IOCg63xhzAEAVxKwVr3
MgcQzLO99/A6so5H/zk2hcAYiGOoW1RK88ueWVtxKeRYdnwu2kbCL+53/dJ4it0/
FvHPh4oysCiP46fy+YmI/HtLN8XAm6QO8SoJdD5juKz8/Y40WYddDmjiywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEWtqeU4mWGzYDKnLcGDIjsdit+kMB8GA1UdIwQY
MBaAFOyRfAr9pEnswEKcBG31D7yVm07qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0pGOEN2MmtTZXpBUXB3RWJmVVB2SldiVHVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jODhhOGYtN2JlMC00ZTQwLTljZTYt
ZDI1MmE1NzRhZThkLzEvUmEycDVUaVpZYk5nTXFjdHdZTWlPeDJLMzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jODhhOGYtN2JlMC00ZTQwLTljZTYtZDI1MmE1NzRhZThk
LzEvN0pGOEN2MmtTZXpBUXB3RWJmVVB2SldiVHVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALpVkMA0E
AgACMAcDBQMqEBwAMA0GCSqGSIb3DQEBCwUAA4IBAQAdXdsoG4Krsqk0dKlwXm/w
7F7rmepP9VlKbFhSi6FGl9BBhmm0MuQEjB6hWkv5Nx4MP2wknojE9rAPnXxOLxFm
upGIP10RKlJfnK9P0esmd3kk6JAxwx9Hdmh+7Sc2VbuLXZfg1YFh9xTP3V5E/pPZ
+WbqqZNqN03HJK+bf1J/pIN+1osjSiwoflxQB92stqlw78SoxcHwi/2ScdG/e/90
Pe4/y14Tl7ao3cyyO2r4ZSZ//aqABNwchnZWoGPLXuiR5ZRMb2Gm8TtLT2CF4sOU
SjNVH5jXpIPjS5cir2Goo9OWz7xCTR2x5axBDPLNHFUhxb1/OnaYiUBxwb7xO0eG
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:13 2025 by rpki-client