Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/CQOd88iVQiYhCO-xql951viXPbk.roa
File: CQOd88iVQiYhCO-xql951viXPbk.roa (raw, json)
Hash identifier: 3bWR56SWRtkntfJx09AzHtWbPu1mkHYGZH9JjEgf+6k=
Subject key identifier: 09:03:9D:F3:C8:95:42:26:21:08:EF:B1:AA:5F:79:D6:F8:97:3D:B9
Certificate issuer: /CN=d4375814344df0bf6d017733acdc488f002631b2
Certificate serial: 0193ADF2FB4110A50ABF70A2D22C74EFDD4E
Authority key identifier: D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/CQOd88iVQiYhCO-xql951viXPbk.roa
Signing time: Tue 10 Dec 2024 00:23:22 +0000
ROA not before: Tue 10 Dec 2024 00:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 46.8.116.0/24 maxlen: 24
46.8.200.0/24 maxlen: 24
46.8.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ad:f2:fb:41:10:a5:0a:bf:70:a2:d2:2c:74:ef:dd:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4375814344df0bf6d017733acdc488f002631b2
Validity
Not Before: Dec 10 00:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09039df3c89542262108efb1aa5f79d6f8973db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8b:07:22:24:df:1a:f2:d1:09:d3:a8:02:f4:
f0:ff:b6:24:f7:03:0e:05:e2:fd:8b:2e:2d:47:cc:
6d:05:d4:2b:1b:52:79:8c:e0:a0:41:13:5e:7f:e1:
b8:8b:2d:48:2d:de:cf:40:73:45:65:2b:a5:a6:a0:
bc:70:5b:55:ce:a2:90:fe:60:f9:b4:80:14:67:59:
93:c4:93:8b:64:1f:10:27:0b:e2:7d:43:a4:97:3b:
6d:57:f4:07:98:f8:4d:68:87:72:62:76:b3:8a:07:
60:7c:85:0b:3e:24:16:b7:2c:ac:4d:c2:ea:35:8f:
5d:be:f6:ef:7c:6a:ca:d2:cd:40:f5:f4:a5:06:42:
7b:57:35:3a:c9:57:a0:a6:83:09:8b:9a:10:2c:99:
8d:60:89:e2:62:af:ae:76:23:db:58:9b:c0:ae:ce:
ba:0c:07:a6:b8:d4:8d:e1:a6:25:0d:e8:ee:62:25:
f3:31:e2:be:69:9e:d0:6f:b1:cf:3d:f9:2f:46:c7:
0c:17:0a:13:51:d6:6c:55:a0:e3:3e:af:41:a7:fe:
51:fb:be:ea:4b:dc:c3:fa:08:40:c6:c8:1a:f8:1a:
3e:12:13:ba:75:2e:58:a8:4b:73:05:a5:1f:62:41:
36:b4:c0:54:fc:fa:dc:e1:42:c3:2e:3d:f5:3a:c0:
30:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:03:9D:F3:C8:95:42:26:21:08:EF:B1:AA:5F:79:D6:F8:97:3D:B9
X509v3 Authority Key Identifier:
keyid:D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/CQOd88iVQiYhCO-xql951viXPbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.116.0/24
46.8.200.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:49:9d:c5:c0:79:fc:c5:4b:66:02:b9:33:07:31:e1:12:e1:
03:c5:84:10:41:dd:09:77:55:02:02:41:4b:3b:36:d8:96:d3:
ec:eb:d1:78:cc:7f:b3:42:d4:bc:56:25:8c:f4:6f:8e:60:ce:
36:13:ca:14:f2:5f:46:bd:77:2e:41:33:7b:2e:e0:71:ad:fd:
01:bc:f8:c3:11:fd:09:35:58:13:d5:8e:b5:00:b8:69:ab:c9:
78:d0:07:0e:c1:87:ae:36:83:13:a6:09:e4:65:92:ce:d0:b2:
ae:24:d5:fb:08:45:76:5b:0d:eb:85:0e:17:d2:1b:57:b2:7f:
b6:2f:c6:96:a3:6f:6c:a5:71:67:49:8c:db:dc:ec:85:d8:a5:
6b:18:a6:e9:8a:57:d8:c2:49:3a:50:7f:71:80:3e:b0:c6:67:
96:8f:51:55:25:77:d5:98:1b:82:b4:42:6c:36:d1:4b:65:2f:
1d:3f:9a:3a:c3:cf:13:f4:de:55:28:61:6f:b2:db:d8:53:84:
a6:c8:db:98:e3:63:68:34:0c:38:98:18:45:c4:fb:25:40:a1:
8d:41:a9:bd:54:73:79:73:79:92:fe:f1:40:6d:ad:54:cf:bb:
30:45:25:2d:ce:af:dc:e5:0f:da:84:ed:27:fe:36:aa:7f:2d:
85:b6:b1:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOt8vtBEKUKv3Ci0ix0791OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Mzc1ODE0MzQ0ZGYwYmY2ZDAxNzczM2FjZGM0ODhmMDAy
NjMxYjIwHhcNMjQxMjEwMDAyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAzOWRmM2M4OTU0MjI2MjEwOGVmYjFhYTVmNzlkNmY4OTczZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIsHIiTfGvLRCdOoAvTw/7Yk9wMO
BeL9iy4tR8xtBdQrG1J5jOCgQRNef+G4iy1ILd7PQHNFZSulpqC8cFtVzqKQ/mD5
tIAUZ1mTxJOLZB8QJwvifUOklzttV/QHmPhNaIdyYnazigdgfIULPiQWtyysTcLq
NY9dvvbvfGrK0s1A9fSlBkJ7VzU6yVegpoMJi5oQLJmNYIniYq+udiPbWJvArs66
DAemuNSN4aYlDejuYiXzMeK+aZ7Qb7HPPfkvRscMFwoTUdZsVaDjPq9Bp/5R+77q
S9zD+ghAxsga+Bo+EhO6dS5YqEtzBaUfYkE2tMBU/Prc4ULDLj31OsAw2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAkDnfPIlUImIQjvsapfedb4lz25MB8GA1UdIwQY
MBaAFNQ3WBQ0TfC/bQF3M6zcSI8AJjGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2Yt
MzY3MWQ2N2ViOWY4LzEvQ1FPZDg4aVZRaVloQ08teHFsOTUxdmlYUGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2YtMzY3MWQ2N2ViOWY4
LzEvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALgh0AwQB
LgjIMA0GCSqGSIb3DQEBCwUAA4IBAQBrSZ3FwHn8xUtmArkzBzHhEuEDxYQQQd0J
d1UCAkFLOzbYltPs69F4zH+zQtS8ViWM9G+OYM42E8oU8l9GvXcuQTN7LuBxrf0B
vPjDEf0JNVgT1Y61ALhpq8l40AcOwYeuNoMTpgnkZZLO0LKuJNX7CEV2Ww3rhQ4X
0htXsn+2L8aWo29spXFnSYzb3OyF2KVrGKbpilfYwkk6UH9xgD6wxmeWj1FVJXfV
mBuCtEJsNtFLZS8dP5o6w88T9N5VKGFvstvYU4SmyNuY42NoNAw4mBhFxPslQKGN
Qam9VHN5c3mS/vFAba1Uz7swRSUtzq/c5Q/ahO0n/jaqfy2FtrGx
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:57 2025 by rpki-client