Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/bq9CqvnrnmLj-nXKhmfPIEjqEiI.roa
File: bq9CqvnrnmLj-nXKhmfPIEjqEiI.roa (raw, json)
Hash identifier: zEveyUVxjKvk59RxfTsEnCz9v++3bm7NlZK7a0s2pmo=
Subject key identifier: 6E:AF:42:AA:F9:EB:9E:62:E3:FA:75:CA:86:67:CF:20:48:EA:12:22
Certificate issuer: /CN=a2f6bc8f163af49c03d9ad69e716b42c5b96ee79
Certificate serial: 018CC349598B9D83DD0CCFEF216EA10E1F1F
Authority key identifier: A2:F6:BC:8F:16:3A:F4:9C:03:D9:AD:69:E7:16:B4:2C:5B:96:EE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ova8jxY69JwD2a1p5xa0LFuW7nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/bq9CqvnrnmLj-nXKhmfPIEjqEiI.roa
Signing time: Mon 01 Jan 2024 04:30:13 +0000
ROA not before: Mon 01 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 46.19.169.0/24 maxlen: 24
46.19.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:59:8b:9d:83:dd:0c:cf:ef:21:6e:a1:0e:1f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2f6bc8f163af49c03d9ad69e716b42c5b96ee79
Validity
Not Before: Jan 1 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6eaf42aaf9eb9e62e3fa75ca8667cf2048ea1222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:be:94:c0:c1:9d:f1:2b:1f:1c:87:9d:fb:cf:
ad:5a:15:b8:21:c6:c0:fe:01:c6:1e:f4:66:4e:e9:
4c:19:b5:28:a3:27:61:4f:e1:2d:8a:6f:be:19:69:
67:ee:b4:db:6d:5e:e1:e0:b4:2e:73:56:23:e4:c0:
87:11:0d:0f:30:68:a7:4f:e4:3e:c0:70:4a:b9:b9:
49:3f:94:65:a6:c0:6e:88:8d:7f:0a:7e:15:d0:0f:
82:1e:61:9d:d2:6a:f8:dc:b1:3e:1c:d1:2e:df:f5:
de:ff:0d:54:05:63:ad:0d:31:92:5f:e8:c1:65:ff:
03:ea:e2:ce:4a:18:7f:bb:5a:e8:84:96:cd:66:14:
2a:bf:5b:25:f4:2c:93:c0:0e:6a:4c:78:5e:4f:98:
8d:aa:d6:49:5e:27:ac:d7:79:9c:fd:bb:a4:48:8c:
67:a1:cc:09:d7:37:5c:72:b1:7c:58:fc:c1:68:1b:
aa:bf:96:a5:b3:aa:68:50:e5:95:29:f1:96:c7:38:
a6:87:5e:7f:16:30:4a:70:f0:86:0e:73:c5:50:ad:
d3:e0:13:0a:f8:af:24:c7:5a:79:a6:ac:ee:d7:fd:
9f:3d:81:f2:11:72:87:94:7a:4d:10:e9:75:a2:f5:
23:c7:a2:87:a4:59:10:db:cd:71:f3:1d:55:ca:28:
11:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AF:42:AA:F9:EB:9E:62:E3:FA:75:CA:86:67:CF:20:48:EA:12:22
X509v3 Authority Key Identifier:
keyid:A2:F6:BC:8F:16:3A:F4:9C:03:D9:AD:69:E7:16:B4:2C:5B:96:EE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ova8jxY69JwD2a1p5xa0LFuW7nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/bq9CqvnrnmLj-nXKhmfPIEjqEiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/ova8jxY69JwD2a1p5xa0LFuW7nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.168.0/23
Signature Algorithm: sha256WithRSAEncryption
39:f7:4b:8d:a0:c1:f9:94:6e:fa:13:95:ff:f2:29:92:1c:ba:
78:84:c1:d6:fc:fa:ea:00:f8:79:79:dc:7e:03:e5:5e:77:f2:
e5:d8:b9:f2:93:3b:c7:20:ff:d0:ea:25:63:1c:d0:86:34:5d:
3a:94:92:4d:17:67:45:77:78:28:d6:90:d4:b1:0e:ed:cb:c3:
99:13:92:f8:c5:40:bd:0b:8a:97:03:a1:8a:c8:75:2e:f2:b0:
4b:ac:69:9f:90:09:5b:86:da:d1:1d:62:ea:10:b0:b7:b3:9d:
ad:65:b5:2e:b3:ff:32:96:54:95:1c:22:2d:5e:99:93:ba:d5:
a6:33:31:d1:d6:d3:eb:84:fd:6b:36:f2:d8:8c:b0:ba:e9:97:
bb:d7:e2:1e:4c:9f:ff:a3:0d:30:d7:6e:cc:07:5f:fb:e0:b9:
9a:0d:bf:13:d4:91:22:bb:22:61:1b:76:d1:5c:63:22:b3:4c:
d6:eb:c4:28:31:df:00:9c:37:3f:a1:ce:0d:a2:94:00:0e:48:
20:c3:15:55:49:59:64:c0:03:2d:20:1a:7e:08:a9:2e:9b:be:
ae:ba:e3:ac:a5:c6:87:c4:ed:ed:e2:2d:f9:50:e4:cf:04:66:
ad:aa:9a:e9:fd:17:a8:e5:7e:ab:97:3f:81:91:dd:45:ed:58:
05:60:e0:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVmLnYPdDM/vIW6hDh8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZjZiYzhmMTYzYWY0OWMwM2Q5YWQ2OWU3MTZiNDJjNWI5
NmVlNzkwHhcNMjQwMTAxMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWFmNDJhYWY5ZWI5ZTYyZTNmYTc1Y2E4NjY3Y2YyMDQ4ZWExMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L6UwMGd8SsfHIed+8+tWhW4IcbA
/gHGHvRmTulMGbUooydhT+Etim++GWln7rTbbV7h4LQuc1Yj5MCHEQ0PMGinT+Q+
wHBKublJP5RlpsBuiI1/Cn4V0A+CHmGd0mr43LE+HNEu3/Xe/w1UBWOtDTGSX+jB
Zf8D6uLOShh/u1rohJbNZhQqv1sl9CyTwA5qTHheT5iNqtZJXies13mc/bukSIxn
ocwJ1zdccrF8WPzBaBuqv5als6poUOWVKfGWxzimh15/FjBKcPCGDnPFUK3T4BMK
+K8kx1p5pqzu1/2fPYHyEXKHlHpNEOl1ovUjx6KHpFkQ281x8x1VyigRVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6vQqr5655i4/p1yoZnzyBI6hIiMB8GA1UdIwQY
MBaAFKL2vI8WOvScA9mtaecWtCxblu55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3ZhOGp4WTY5SndEMmExcDV4YTBMRnVXN25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yODUxYjYtMmU2NS00ODU5LTljMDUt
NTA2YmI2YzY3OWNlLzEvYnE5Q3F2bnJubUxqLW5YS2htZlBJRWpxRWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yODUxYjYtMmU2NS00ODU5LTljMDUtNTA2YmI2YzY3OWNl
LzEvb3ZhOGp4WTY5SndEMmExcDV4YTBMRnVXN25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLhOoMA0G
CSqGSIb3DQEBCwUAA4IBAQA590uNoMH5lG76E5X/8imSHLp4hMHW/PrqAPh5edx+
A+Ved/Ll2LnykzvHIP/Q6iVjHNCGNF06lJJNF2dFd3go1pDUsQ7ty8OZE5L4xUC9
C4qXA6GKyHUu8rBLrGmfkAlbhtrRHWLqELC3s52tZbUus/8yllSVHCItXpmTutWm
MzHR1tPrhP1rNvLYjLC66Ze71+IeTJ//ow0w127MB1/74LmaDb8T1JEiuyJhG3bR
XGMis0zW68QoMd8AnDc/oc4NopQADkggwxVVSVlkwAMtIBp+CKkum76uuuOspcaH
xO3t4i35UOTPBGatqprp/Reo5X6rlz+Bkd1F7VgFYOCH
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:26 2025 by rpki-client