Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/8432ed-2c97-41d3-926a-6a4d04ba5898/1/B-VevEOfaxehRWXl1vj3ImIHqn0.roa
File: B-VevEOfaxehRWXl1vj3ImIHqn0.roa (raw, json)
Hash identifier: Ofe1YYirqemlsn1hn8PmWGsDYPkCXHyJNAtJqaHjlwg=
Subject key identifier: 07:E5:5E:BC:43:9F:6B:17:A1:45:65:E5:D6:F8:F7:22:62:07:AA:7D
Certificate issuer: /CN=e17b10fd607ad927006c62ce35691ebaa8f018b5
Certificate serial: 018CC3B734EE3221F8379233BB8E0EC0A6F5
Authority key identifier: E1:7B:10:FD:60:7A:D9:27:00:6C:62:CE:35:69:1E:BA:A8:F0:18:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4XsQ_WB62ScAbGLONWkeuqjwGLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/8432ed-2c97-41d3-926a-6a4d04ba5898/1/B-VevEOfaxehRWXl1vj3ImIHqn0.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51968
IP address blocks: 46.23.128.0/20 maxlen: 20
46.23.136.0/24 maxlen: 24
2a10:2880::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:34:ee:32:21:f8:37:92:33:bb:8e:0e:c0:a6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e17b10fd607ad927006c62ce35691ebaa8f018b5
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07e55ebc439f6b17a14565e5d6f8f7226207aa7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fc:2c:80:71:0e:11:c4:ed:ca:0b:3e:0f:9e:
82:e8:09:19:cf:60:c9:e6:7a:dd:a9:12:a5:35:df:
8b:f0:63:ee:fa:54:3a:67:17:03:ba:c9:32:25:27:
db:89:a5:e3:2a:84:e5:72:65:fd:ae:1a:bd:56:7d:
49:75:e0:c1:c5:a9:54:28:44:d3:b8:74:e7:26:c7:
b6:5c:31:87:f1:02:b7:4e:aa:0f:10:e0:22:3d:1e:
57:8c:fa:83:5b:77:43:bb:15:13:ce:2e:93:28:67:
60:33:86:33:a1:c7:7f:82:87:44:ab:33:6c:3a:d4:
dd:91:be:02:7d:ca:df:dc:5d:42:9e:52:e1:d2:7e:
7b:bb:70:75:2b:5f:90:c6:a2:a2:ac:19:58:3f:43:
fd:ff:cc:dd:bd:6a:3e:0d:02:40:d6:15:e6:0e:cd:
9f:91:29:33:e6:72:18:d9:3e:8c:0d:2e:45:d2:4f:
6c:97:8d:c3:f4:b8:c4:6e:bd:ad:5f:4e:6d:00:55:
16:4c:99:ed:e2:00:7b:12:c7:f7:ac:49:d4:d5:2b:
b5:4a:ee:cb:80:94:23:d1:49:1a:2f:fb:61:41:f5:
76:c4:41:98:26:56:2b:58:79:85:ea:f1:c1:ea:b8:
04:2c:d6:bd:2f:77:29:37:1c:8b:f2:7d:cc:09:62:
91:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E5:5E:BC:43:9F:6B:17:A1:45:65:E5:D6:F8:F7:22:62:07:AA:7D
X509v3 Authority Key Identifier:
keyid:E1:7B:10:FD:60:7A:D9:27:00:6C:62:CE:35:69:1E:BA:A8:F0:18:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4XsQ_WB62ScAbGLONWkeuqjwGLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8432ed-2c97-41d3-926a-6a4d04ba5898/1/B-VevEOfaxehRWXl1vj3ImIHqn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8432ed-2c97-41d3-926a-6a4d04ba5898/1/4XsQ_WB62ScAbGLONWkeuqjwGLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.128.0/20
IPv6:
2a10:2880::/32
Signature Algorithm: sha256WithRSAEncryption
77:ed:1b:f8:c6:3f:83:ab:aa:5c:8a:3e:d3:23:f7:fd:b8:8e:
fd:50:00:6f:a6:2f:43:10:46:d4:16:1d:66:58:76:82:97:2e:
e6:30:ff:13:54:af:e6:0a:20:6d:ac:83:e7:ed:f2:54:9b:e4:
75:38:09:02:d4:93:82:14:50:b8:ac:be:40:32:fd:a3:18:ca:
0c:d5:eb:15:34:92:b6:58:cd:97:7e:34:1f:e4:0e:de:07:c0:
d3:b6:09:d1:b6:63:25:67:d4:d6:ab:28:52:1b:5d:59:7b:56:
b3:da:45:a9:62:a1:f7:a5:82:3a:a9:6c:f1:8e:f4:c6:30:80:
ba:b5:56:c8:55:46:f8:af:98:4d:dd:38:e7:65:b9:4b:96:cf:
05:4c:ac:13:37:4e:dc:27:4d:3e:c1:b9:be:39:be:ca:89:07:
ed:5f:19:31:f1:2b:37:c5:f3:33:bc:43:95:5e:70:94:8d:25:
2b:14:35:16:f7:62:13:55:59:29:fc:7f:2f:61:f9:9f:02:ba:
50:65:82:ce:b1:cb:db:31:b5:f6:19:dd:b0:ef:f2:88:23:8d:
bf:52:ce:4f:48:7f:b9:a1:f4:66:37:ff:6b:4e:d0:45:f2:a1:
b7:0a:81:8f:3f:12:cd:b5:26:2d:51:a2:12:e1:2a:e8:b9:d3:
74:ce:7d:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtzTuMiH4N5Izu44OwKb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxN2IxMGZkNjA3YWQ5MjcwMDZjNjJjZTM1NjkxZWJhYThm
MDE4YjUwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2U1NWViYzQzOWY2YjE3YTE0NTY1ZTVkNmY4ZjcyMjYyMDdhYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/wsgHEOEcTtygs+D56C6AkZz2DJ
5nrdqRKlNd+L8GPu+lQ6ZxcDuskyJSfbiaXjKoTlcmX9rhq9Vn1JdeDBxalUKETT
uHTnJse2XDGH8QK3TqoPEOAiPR5XjPqDW3dDuxUTzi6TKGdgM4Yzocd/godEqzNs
OtTdkb4Cfcrf3F1CnlLh0n57u3B1K1+QxqKirBlYP0P9/8zdvWo+DQJA1hXmDs2f
kSkz5nIY2T6MDS5F0k9sl43D9LjEbr2tX05tAFUWTJnt4gB7Esf3rEnU1Su1Su7L
gJQj0UkaL/thQfV2xEGYJlYrWHmF6vHB6rgELNa9L3cpNxyL8n3MCWKRkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAflXrxDn2sXoUVl5db49yJiB6p9MB8GA1UdIwQY
MBaAFOF7EP1getknAGxizjVpHrqo8Bi1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFhzUV9XQjYyU2NBYkdMT05Xa2V1cWp3R0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDMyZWQtMmM5Ny00MWQzLTkyNmEt
NmE0ZDA0YmE1ODk4LzEvQi1WZXZFT2ZheGVoUldYbDF2ajNJbUlIcW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDMyZWQtMmM5Ny00MWQzLTkyNmEtNmE0ZDA0YmE1ODk4
LzEvNFhzUV9XQjYyU2NBYkdMT05Xa2V1cWp3R0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQELheAMA0E
AgACMAcDBQAqECiAMA0GCSqGSIb3DQEBCwUAA4IBAQB37Rv4xj+Dq6pcij7TI/f9
uI79UABvpi9DEEbUFh1mWHaCly7mMP8TVK/mCiBtrIPn7fJUm+R1OAkC1JOCFFC4
rL5AMv2jGMoM1esVNJK2WM2XfjQf5A7eB8DTtgnRtmMlZ9TWqyhSG11Ze1az2kWp
YqH3pYI6qWzxjvTGMIC6tVbIVUb4r5hN3TjnZblLls8FTKwTN07cJ00+wbm+Ob7K
iQftXxkx8Ss3xfMzvEOVXnCUjSUrFDUW92ITVVkp/H8vYfmfArpQZYLOscvbMbX2
Gd2w7/KII42/Us5PSH+5ofRmN/9rTtBF8qG3CoGPPxLNtSYtUaIS4SroudN0zn16
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:47 2025 by rpki-client