Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/5NbLlMu7tw0sQZ1NCucP1t30YLY.roa
File: 5NbLlMu7tw0sQZ1NCucP1t30YLY.roa (raw, json)
Hash identifier: Qz4xuGzYdwdph/0XkJuWpbG96H8S7VScsYyqmxvdHKc=
Subject key identifier: E4:D6:CB:94:CB:BB:B7:0D:2C:41:9D:4D:0A:E7:0F:D6:DD:F4:60:B6
Certificate issuer: /CN=d4375814344df0bf6d017733acdc488f002631b2
Certificate serial: 018CC3B6D49054D6DDFE2B71F63A4AC4E372
Authority key identifier: D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/5NbLlMu7tw0sQZ1NCucP1t30YLY.roa
Signing time: Mon 01 Jan 2024 06:29:48 +0000
ROA not before: Mon 01 Jan 2024 06:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 46.8.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 03:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d4:90:54:d6:dd:fe:2b:71:f6:3a:4a:c4:e3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4375814344df0bf6d017733acdc488f002631b2
Validity
Not Before: Jan 1 06:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4d6cb94cbbbb70d2c419d4d0ae70fd6ddf460b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:db:61:90:71:db:51:2b:4c:05:08:39:a9:36:
60:4b:b4:e4:47:95:24:49:47:58:70:2b:66:48:9d:
3c:ed:fc:8f:20:5d:89:f6:79:c4:f7:2b:8f:3e:03:
74:b3:87:1d:8e:b6:b5:ad:ed:3a:69:ad:89:b1:05:
e1:6c:33:03:93:6a:e5:17:21:0d:49:8c:68:95:e2:
6c:0a:6e:36:e7:59:d1:6e:e7:af:60:30:6b:81:a1:
1c:5c:13:88:86:69:08:77:5d:37:f8:40:ea:f5:f9:
c6:77:d9:53:96:e7:94:58:bf:bf:a2:79:bb:f2:bc:
eb:91:fe:92:6c:cb:d4:12:cc:bc:d6:f4:23:ce:25:
40:c3:fa:b3:78:73:42:bb:ff:94:c6:c6:84:54:50:
a5:b8:fc:25:bf:d0:df:60:0b:38:92:2e:0d:c4:3c:
5a:8c:96:41:89:e5:ea:f3:48:41:4f:69:a7:ff:32:
d8:84:67:08:e5:c3:46:54:43:4c:46:40:68:ab:0f:
26:98:13:c6:36:ae:02:6b:72:1a:c6:fb:5f:60:6a:
ea:ea:c6:2f:62:a8:b5:fc:c4:31:a5:cb:cc:0c:59:
74:11:93:b9:a3:90:85:3e:14:dd:06:0a:5a:7c:9d:
ff:05:fa:40:ec:dc:4d:1e:0d:bc:4f:a7:07:26:18:
b8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D6:CB:94:CB:BB:B7:0D:2C:41:9D:4D:0A:E7:0F:D6:DD:F4:60:B6
X509v3 Authority Key Identifier:
keyid:D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/5NbLlMu7tw0sQZ1NCucP1t30YLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.203.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b9:f1:1f:9a:42:18:5d:f5:70:1b:57:82:c9:e7:1e:f9:75:
cc:59:cd:2c:10:68:ff:03:4d:27:a8:a5:ba:f2:91:ae:16:b1:
0f:e2:91:de:e9:80:bc:2b:f1:13:00:2f:43:f6:f0:ec:4e:ea:
d5:58:b4:cc:c0:3a:e8:37:4c:d5:c1:31:b7:55:e8:fd:30:31:
7b:d2:82:0e:f5:ad:28:95:fb:7c:e1:49:0e:96:bd:16:e0:01:
45:d6:9c:3e:83:34:1d:6c:ba:47:0e:ec:94:15:99:a7:69:4c:
d0:6b:1b:07:21:83:37:cb:36:d7:20:ef:e8:5c:2a:10:9b:ac:
73:ef:db:57:ef:27:24:7a:6e:d5:74:98:a1:4e:17:13:24:ea:
b2:a0:a4:ec:23:fd:b1:23:ac:13:f7:a4:52:29:62:9a:bf:ec:
40:55:2b:9f:77:57:9d:de:dc:0a:4c:88:b5:31:80:71:19:87:
11:e4:d0:1d:50:2c:d3:a9:67:bc:99:9d:b8:8a:a5:4f:8b:06:
99:9b:b5:19:7c:02:49:96:00:d3:f0:ba:d3:d6:84:5b:93:36:
80:4d:07:50:81:38:4f:bb:63:be:3e:a1:bd:51:0f:b3:5b:5e:
d6:92:ea:51:22:1a:ae:10:75:42:e3:d2:46:00:77:dd:34:65:
51:a2:85:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDttSQVNbd/itx9jpKxONyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Mzc1ODE0MzQ0ZGYwYmY2ZDAxNzczM2FjZGM0ODhmMDAy
NjMxYjIwHhcNMjQwMTAxMDYyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQ2Y2I5NGNiYmJiNzBkMmM0MTlkNGQwYWU3MGZkNmRkZjQ2MGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdthkHHbUStMBQg5qTZgS7TkR5Uk
SUdYcCtmSJ087fyPIF2J9nnE9yuPPgN0s4cdjra1re06aa2JsQXhbDMDk2rlFyEN
SYxoleJsCm4251nRbuevYDBrgaEcXBOIhmkId103+EDq9fnGd9lTlueUWL+/onm7
8rzrkf6SbMvUEsy81vQjziVAw/qzeHNCu/+UxsaEVFCluPwlv9DfYAs4ki4NxDxa
jJZBieXq80hBT2mn/zLYhGcI5cNGVENMRkBoqw8mmBPGNq4Ca3IaxvtfYGrq6sYv
Yqi1/MQxpcvMDFl0EZO5o5CFPhTdBgpafJ3/BfpA7NxNHg28T6cHJhi40QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTWy5TLu7cNLEGdTQrnD9bd9GC2MB8GA1UdIwQY
MBaAFNQ3WBQ0TfC/bQF3M6zcSI8AJjGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2Yt
MzY3MWQ2N2ViOWY4LzEvNU5iTGxNdTd0dzBzUVoxTkN1Y1AxdDMwWUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2YtMzY3MWQ2N2ViOWY4
LzEvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgjLMA0G
CSqGSIb3DQEBCwUAA4IBAQBsufEfmkIYXfVwG1eCyece+XXMWc0sEGj/A00nqKW6
8pGuFrEP4pHe6YC8K/ETAC9D9vDsTurVWLTMwDroN0zVwTG3Vej9MDF70oIO9a0o
lft84UkOlr0W4AFF1pw+gzQdbLpHDuyUFZmnaUzQaxsHIYM3yzbXIO/oXCoQm6xz
79tX7yckem7VdJihThcTJOqyoKTsI/2xI6wT96RSKWKav+xAVSufd1ed3twKTIi1
MYBxGYcR5NAdUCzTqWe8mZ24iqVPiwaZm7UZfAJJlgDT8LrT1oRbkzaATQdQgThP
u2O+PqG9UQ+zW17WkupRIhquEHVC49JGAHfdNGVRooX7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:36 2025 by rpki-client