Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/VxVb4J3bu8oOJ0VLy9-RvTvgJQQ.roa
File: VxVb4J3bu8oOJ0VLy9-RvTvgJQQ.roa (raw, json)
Hash identifier: HUYrdKlU8D10XrUOAwv+xK3k9UaCvV6zD11NLNX8puQ=
Subject key identifier: 57:15:5B:E0:9D:DB:BB:CA:0E:27:45:4B:CB:DF:91:BD:3B:E0:25:04
Certificate issuer: /CN=e822d845e153992a78e8f44523264d2614b17b9d
Certificate serial: 018DAD4031EFF1A14B781A665F0D5E0A90DD
Authority key identifier: E8:22:D8:45:E1:53:99:2A:78:E8:F4:45:23:26:4D:26:14:B1:7B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6CLYReFTmSp46PRFIyZNJhSxe50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/VxVb4J3bu8oOJ0VLy9-RvTvgJQQ.roa
Signing time: Thu 15 Feb 2024 14:51:21 +0000
ROA not before: Thu 15 Feb 2024 14:51:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12693
IP address blocks: 46.167.32.0/21 maxlen: 21
46.167.32.0/24 maxlen: 24
185.101.54.0/24 maxlen: 24
185.101.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ad:40:31:ef:f1:a1:4b:78:1a:66:5f:0d:5e:0a:90:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e822d845e153992a78e8f44523264d2614b17b9d
Validity
Not Before: Feb 15 14:51:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57155be09ddbbbca0e27454bcbdf91bd3be02504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a9:6a:56:61:2e:af:d0:ec:2d:ac:69:b2:1d:
f0:94:43:a1:3b:c9:ab:27:23:d0:f2:bf:80:18:bd:
f2:ab:df:db:28:2b:ee:f6:44:b5:2b:05:ea:f2:26:
95:92:b6:8a:b9:3a:db:f5:23:d3:d8:65:e8:55:ca:
1c:7d:72:c3:e6:2b:64:80:ae:6e:cf:1f:65:70:78:
fe:78:5c:6b:b2:85:33:7f:c5:78:6d:40:b5:d8:0c:
98:c2:b3:a5:d5:cc:39:bd:ac:31:86:bd:bd:de:3f:
9a:d7:ea:61:9f:bf:5b:5a:bf:82:52:f5:55:f2:e9:
1f:42:a6:5a:68:35:5e:37:c6:60:de:4c:b7:e6:e9:
93:56:a7:75:b8:e2:0e:1d:dc:5e:59:85:84:8e:b0:
42:f8:81:1b:f4:11:e1:b4:4c:53:4b:11:2b:5e:38:
11:fc:da:da:17:83:d1:9b:eb:5c:aa:a5:45:46:b3:
0d:23:83:a5:c9:3e:5d:8a:7a:91:49:21:62:d5:32:
34:18:4e:fa:af:31:0b:7e:96:02:4d:25:96:ca:f4:
71:a5:82:40:6b:b5:32:7f:66:7e:e4:13:8a:11:54:
02:01:f9:1f:c5:06:16:19:a5:a7:52:3b:b3:15:7f:
3c:c8:88:44:3c:86:0a:a4:71:a1:e6:56:b9:a1:42:
7f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:15:5B:E0:9D:DB:BB:CA:0E:27:45:4B:CB:DF:91:BD:3B:E0:25:04
X509v3 Authority Key Identifier:
keyid:E8:22:D8:45:E1:53:99:2A:78:E8:F4:45:23:26:4D:26:14:B1:7B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6CLYReFTmSp46PRFIyZNJhSxe50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/VxVb4J3bu8oOJ0VLy9-RvTvgJQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/6CLYReFTmSp46PRFIyZNJhSxe50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.32.0/21
185.101.54.0/23
Signature Algorithm: sha256WithRSAEncryption
53:e4:82:aa:b0:cc:93:21:6c:c3:0a:fe:88:f8:c0:c1:64:7f:
70:c5:ab:67:16:19:a2:5b:38:7a:f8:86:54:90:bc:33:42:a6:
35:08:fa:63:67:66:e7:05:2c:99:9a:cc:55:75:52:1f:38:0c:
a0:f4:de:c0:e2:48:5f:c2:ee:4d:52:7c:e8:f9:2f:4b:d5:e2:
aa:ef:ce:11:e6:b2:e9:d7:73:22:8f:de:2e:95:52:c0:53:27:
60:6b:b8:f8:4c:9f:2e:3e:f0:d7:2f:27:61:5b:7e:1b:bf:71:
ee:73:32:02:e5:3f:98:1b:b1:c3:df:89:29:70:96:7d:40:27:
7d:c3:43:11:68:35:48:32:4e:6f:ba:0e:52:5d:73:76:00:ed:
e5:22:90:d9:37:51:f8:fd:89:31:6e:86:d3:e1:d8:31:92:94:
76:01:8d:41:87:db:d5:78:43:6a:0e:82:77:d1:5f:64:11:c6:
f2:56:0e:2e:bb:2e:d2:dc:e1:a9:57:89:31:42:81:0e:4f:03:
e9:86:a5:2f:4d:56:a7:d6:30:81:62:cd:a2:8a:5b:2d:ef:b5:
7a:1f:a7:2a:dd:09:9d:33:6c:e9:27:88:94:84:80:46:8f:48:
01:a2:b8:b2:7f:94:46:53:8c:83:c4:75:49:ca:e2:09:59:2e:
04:3f:2f:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2tQDHv8aFLeBpmXw1eCpDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MjJkODQ1ZTE1Mzk5MmE3OGU4ZjQ0NTIzMjY0ZDI2MTRi
MTdiOWQwHhcNMjQwMjE1MTQ1MTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzE1NWJlMDlkZGJiYmNhMGUyNzQ1NGJjYmRmOTFiZDNiZTAyNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlalqVmEur9DsLaxpsh3wlEOhO8mr
JyPQ8r+AGL3yq9/bKCvu9kS1KwXq8iaVkraKuTrb9SPT2GXoVcocfXLD5itkgK5u
zx9lcHj+eFxrsoUzf8V4bUC12AyYwrOl1cw5vawxhr293j+a1+phn79bWr+CUvVV
8ukfQqZaaDVeN8Zg3ky35umTVqd1uOIOHdxeWYWEjrBC+IEb9BHhtExTSxErXjgR
/NraF4PRm+tcqqVFRrMNI4OlyT5dinqRSSFi1TI0GE76rzELfpYCTSWWyvRxpYJA
a7Uyf2Z+5BOKEVQCAfkfxQYWGaWnUjuzFX88yIhEPIYKpHGh5la5oUJ/MQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFcVW+Cd27vKDidFS8vfkb074CUEMB8GA1UdIwQY
MBaAFOgi2EXhU5kqeOj0RSMmTSYUsXudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkNMWVJlRlRtU3A0NlBSRkl5Wk5KaFN4ZTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83ZjFhOGMtNDhlNC00ZDk3LWIwNDIt
MWQ0MjQ2ZDdmMTU1LzEvVnhWYjRKM2J1OG9PSjBWTHk5LVJ2VHZnSlFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83ZjFhOGMtNDhlNC00ZDk3LWIwNDItMWQ0MjQ2ZDdmMTU1
LzEvNkNMWVJlRlRtU3A0NlBSRkl5Wk5KaFN4ZTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLqcgAwQB
uWU2MA0GCSqGSIb3DQEBCwUAA4IBAQBT5IKqsMyTIWzDCv6I+MDBZH9wxatnFhmi
Wzh6+IZUkLwzQqY1CPpjZ2bnBSyZmsxVdVIfOAyg9N7A4khfwu5NUnzo+S9L1eKq
784R5rLp13Mij94ulVLAUydga7j4TJ8uPvDXLydhW34bv3HuczIC5T+YG7HD34kp
cJZ9QCd9w0MRaDVIMk5vug5SXXN2AO3lIpDZN1H4/YkxbobT4dgxkpR2AY1Bh9vV
eENqDoJ30V9kEcbyVg4uuy7S3OGpV4kxQoEOTwPphqUvTVan1jCBYs2iilst77V6
H6cq3QmdM2zpJ4iUhIBGj0gBoriyf5RGU4yDxHVJyuIJWS4EPy+P
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:00 2025 by rpki-client