Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/NQMsoLqCI7dfX3ll2RJNob79DX4.roa
File: NQMsoLqCI7dfX3ll2RJNob79DX4.roa (raw, json)
Hash identifier: FQttXkF3sCGVt4QERc1nrnQmNDEPUTSdzoiLnFk3qog=
Subject key identifier: 35:03:2C:A0:BA:82:23:B7:5F:5F:79:65:D9:12:4D:A1:BE:FD:0D:7E
Certificate issuer: /CN=335e725cacf83c97f457a56762cf846d643117cd
Certificate serial: 018CC794161CE5A4EE25C8A5D625DFBEE32D
Authority key identifier: 33:5E:72:5C:AC:F8:3C:97:F4:57:A5:67:62:CF:84:6D:64:31:17:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M15yXKz4PJf0V6VnYs-EbWQxF80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/NQMsoLqCI7dfX3ll2RJNob79DX4.roa
Signing time: Tue 02 Jan 2024 00:30:20 +0000
ROA not before: Tue 02 Jan 2024 00:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 46.231.121.0/24 maxlen: 24
46.231.120.0/24 maxlen: 24
185.192.223.0/24 maxlen: 24
185.192.220.0/24 maxlen: 24
185.192.221.0/24 maxlen: 24
185.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:16:1c:e5:a4:ee:25:c8:a5:d6:25:df:be:e3:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335e725cacf83c97f457a56762cf846d643117cd
Validity
Not Before: Jan 2 00:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35032ca0ba8223b75f5f7965d9124da1befd0d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c9:64:1f:e9:83:80:05:35:8f:40:30:12:fc:
9c:b3:55:c1:44:2c:3f:72:6c:c1:5f:2e:03:fe:40:
9a:49:b1:ef:33:37:71:79:6f:8d:04:05:3e:f6:8e:
b4:4a:cf:15:34:e9:d5:a4:18:af:1a:ae:8e:2c:ea:
65:0a:1b:0f:e6:0f:7e:84:64:d7:fb:53:33:0b:71:
8d:1c:de:94:02:cc:33:7d:c6:da:87:68:d9:ee:c1:
d8:5c:f9:f9:7c:75:c6:ad:2e:b3:80:fb:83:dd:cd:
0c:2e:f1:c4:e6:1c:39:43:26:7a:a3:24:25:5d:1f:
b0:91:0c:fd:8f:75:2e:48:17:fc:8e:ba:e7:63:df:
a6:5d:c4:5a:b0:00:83:64:de:aa:ea:27:aa:e5:22:
9b:e8:cf:2b:29:85:cd:f1:e4:7e:7f:72:4a:b1:51:
af:22:58:03:44:c9:9c:e8:de:48:93:06:03:e7:b5:
04:dc:62:a0:9a:3d:5b:1a:39:8f:1d:96:4e:a5:e2:
19:83:c5:1c:21:f0:97:2e:dc:a4:71:f2:16:a5:68:
4a:8f:08:23:ab:ec:32:be:0e:98:ed:88:c2:f5:6f:
a6:9b:92:eb:92:57:d4:19:3d:7c:40:0c:6f:15:4b:
4d:cd:56:7c:8e:1a:88:a3:2d:e7:22:b8:f7:1a:a2:
47:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:03:2C:A0:BA:82:23:B7:5F:5F:79:65:D9:12:4D:A1:BE:FD:0D:7E
X509v3 Authority Key Identifier:
keyid:33:5E:72:5C:AC:F8:3C:97:F4:57:A5:67:62:CF:84:6D:64:31:17:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M15yXKz4PJf0V6VnYs-EbWQxF80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/NQMsoLqCI7dfX3ll2RJNob79DX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/M15yXKz4PJf0V6VnYs-EbWQxF80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.120.0/23
185.192.220.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:15:4a:19:51:c7:7f:d9:f6:a3:b5:93:82:ae:23:58:e5:60:
65:64:02:f7:0f:9b:4a:b7:da:ba:30:f1:6b:10:3a:fd:66:b0:
74:ad:f8:15:d5:d5:21:e5:7b:b8:95:41:67:cd:88:91:ce:11:
41:e2:76:a9:22:89:82:18:1f:b9:da:19:31:ee:59:11:96:33:
31:79:49:c8:7e:a5:09:8e:58:b0:f3:09:e4:ef:a7:a3:c0:b9:
8c:79:2d:e8:3a:ee:29:04:aa:bf:80:7c:b8:8d:5a:52:c5:77:
91:1b:09:30:92:b7:9d:60:fd:fc:6b:b8:72:b7:1e:29:fd:5c:
70:04:48:77:7e:0b:0e:3a:3c:4b:2f:1a:ca:c4:cc:5f:d6:c9:
74:5f:d7:66:fc:5e:56:e3:d6:67:f3:a4:de:7e:79:2a:07:2e:
48:89:95:42:14:6b:e2:ee:a2:9d:fa:41:96:fe:a6:b2:81:95:
45:5b:b0:ce:9f:8d:49:9f:97:53:01:0e:76:12:e1:b1:5b:0f:
f6:02:82:ba:fb:d1:80:1e:69:08:b8:e5:91:49:1d:f0:1d:39:
5f:44:c8:c7:f3:e0:6c:cf:40:52:67:b6:13:02:ce:64:ce:b4:
f2:c8:55:f4:79:49:91:3e:1d:d5:b9:53:0b:2d:3f:9d:17:fa:
51:8a:bf:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlBYc5aTuJcil1iXfvuMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWU3MjVjYWNmODNjOTdmNDU3YTU2NzYyY2Y4NDZkNjQz
MTE3Y2QwHhcNMjQwMTAyMDAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTAzMmNhMGJhODIyM2I3NWY1Zjc5NjVkOTEyNGRhMWJlZmQwZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmclkH+mDgAU1j0AwEvycs1XBRCw/
cmzBXy4D/kCaSbHvMzdxeW+NBAU+9o60Ss8VNOnVpBivGq6OLOplChsP5g9+hGTX
+1MzC3GNHN6UAswzfcbah2jZ7sHYXPn5fHXGrS6zgPuD3c0MLvHE5hw5QyZ6oyQl
XR+wkQz9j3UuSBf8jrrnY9+mXcRasACDZN6q6ieq5SKb6M8rKYXN8eR+f3JKsVGv
IlgDRMmc6N5IkwYD57UE3GKgmj1bGjmPHZZOpeIZg8UcIfCXLtykcfIWpWhKjwgj
q+wyvg6Y7YjC9W+mm5LrklfUGT18QAxvFUtNzVZ8jhqIoy3nIrj3GqJHUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUDLKC6giO3X195ZdkSTaG+/Q1+MB8GA1UdIwQY
MBaAFDNeclys+DyX9FelZ2LPhG1kMRfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTE1eVhLejRQSmYwVjZWbllzLUViV1F4RjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wMjY1NDgtNTAxMi00YWQwLWE1YmIt
ODJjMDU2MDU5NWNkLzEvTlFNc29McUNJN2RmWDNsbDJSSk5vYjc5RFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wMjY1NDgtNTAxMi00YWQwLWE1YmItODJjMDU2MDU5NWNk
LzEvTTE1eVhLejRQSmYwVjZWbllzLUViV1F4RjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLud4AwQC
ucDcMA0GCSqGSIb3DQEBCwUAA4IBAQAdFUoZUcd/2fajtZOCriNY5WBlZAL3D5tK
t9q6MPFrEDr9ZrB0rfgV1dUh5Xu4lUFnzYiRzhFB4napIomCGB+52hkx7lkRljMx
eUnIfqUJjliw8wnk76ejwLmMeS3oOu4pBKq/gHy4jVpSxXeRGwkwkredYP38a7hy
tx4p/VxwBEh3fgsOOjxLLxrKxMxf1sl0X9dm/F5W49Zn86TefnkqBy5IiZVCFGvi
7qKd+kGW/qaygZVFW7DOn41Jn5dTAQ52EuGxWw/2AoK6+9GAHmkIuOWRSR3wHTlf
RMjH8+Bsz0BSZ7YTAs5kzrTyyFX0eUmRPh3VuVMLLT+dF/pRir8u
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:47:31 2025 by rpki-client