Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/I7L-RX8AfJfyyRlByagDjiuIGxo.roa
File: I7L-RX8AfJfyyRlByagDjiuIGxo.roa (raw, json)
Hash identifier: ohxO+HYxRvU+WqulTjWuS+qpMNCmglZvgUXJ89EhGFA=
Subject key identifier: 23:B2:FE:45:7F:00:7C:97:F2:C9:19:41:C9:A8:03:8E:2B:88:1B:1A
Certificate issuer: /CN=52a59bf043080306359f5a29491f545b07051c05
Certificate serial: 018CC64B78B684A9AD314C458B8AC1052263
Authority key identifier: 52:A5:9B:F0:43:08:03:06:35:9F:5A:29:49:1F:54:5B:07:05:1C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqWb8EMIAwY1n1opSR9UWwcFHAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/I7L-RX8AfJfyyRlByagDjiuIGxo.roa
Signing time: Mon 01 Jan 2024 18:31:24 +0000
ROA not before: Mon 01 Jan 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28716
IP address blocks: 46.183.232.0/21 maxlen: 21
185.133.216.0/22 maxlen: 22
2a03:9c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 08 Nov 2024 13:38:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:78:b6:84:a9:ad:31:4c:45:8b:8a:c1:05:22:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52a59bf043080306359f5a29491f545b07051c05
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23b2fe457f007c97f2c91941c9a8038e2b881b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5e:b5:30:f1:16:20:20:bc:00:17:66:c5:89:
df:3a:89:6f:3b:04:1a:81:b4:1b:32:e7:a6:cb:a5:
1c:76:d9:0c:a3:4a:1e:27:3a:15:04:f7:78:da:ab:
3b:da:4e:33:0a:6a:c7:e3:aa:3d:55:97:b3:c8:db:
3f:4e:ff:c8:c1:00:a6:d4:e6:e4:c2:8d:9a:ae:77:
23:db:63:a1:b5:cf:cf:f4:28:55:d3:ff:50:2a:ac:
5e:77:8d:a9:d3:fd:f9:80:9c:2a:2c:c8:18:c0:87:
c3:2e:33:c5:55:4a:dd:33:26:82:ef:b5:08:e0:0b:
e5:42:0e:04:da:e5:68:5b:f6:89:a7:d8:22:ea:91:
ec:a1:e1:39:40:6e:64:a7:1c:00:10:27:59:3b:30:
ff:24:40:f8:be:bb:48:8b:7d:17:f6:00:81:cc:e0:
1c:40:87:ac:06:fb:f2:d9:f1:4f:bf:5e:99:69:d6:
9e:e1:3d:d2:49:76:3b:e3:4d:c7:a5:50:7f:86:ca:
fb:a7:34:1c:16:f4:d4:a2:c2:e4:e2:2a:62:ec:42:
c1:cb:1f:61:34:e8:4c:14:89:31:af:f9:b8:f2:90:
ee:62:e2:b2:e0:3e:b1:f9:76:56:6e:10:f7:fd:e9:
44:27:a4:cc:76:4c:c7:cb:45:fe:2a:6d:1c:0b:74:
27:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B2:FE:45:7F:00:7C:97:F2:C9:19:41:C9:A8:03:8E:2B:88:1B:1A
X509v3 Authority Key Identifier:
keyid:52:A5:9B:F0:43:08:03:06:35:9F:5A:29:49:1F:54:5B:07:05:1C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqWb8EMIAwY1n1opSR9UWwcFHAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/I7L-RX8AfJfyyRlByagDjiuIGxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/6d729e-e16b-41a9-9012-014c70977d49/1/UqWb8EMIAwY1n1opSR9UWwcFHAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.232.0/21
185.133.216.0/22
IPv6:
2a03:9c0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:0e:76:3e:91:8e:10:8a:67:0b:de:36:ff:e3:63:95:9e:c8:
cd:69:c7:32:00:ce:c8:0a:1a:ad:ba:92:84:c6:04:b5:e7:19:
f6:10:e3:1a:94:9c:4d:8f:dd:26:5d:e9:f7:63:da:8c:f1:1b:
f6:2b:c2:0d:42:f1:65:c2:70:41:ec:3f:92:54:9d:a2:c0:80:
53:55:d6:cc:e2:65:6f:72:93:a3:d1:32:d1:91:f3:c7:68:a1:
1b:7d:72:e1:8a:31:be:7f:8e:0b:8d:83:08:bf:00:56:73:3f:
82:03:a4:f6:e7:14:1e:80:d7:59:f0:6a:71:be:4d:6e:b0:5a:
05:fe:a9:a1:fe:f1:5b:29:df:b1:a3:5b:60:89:ab:1d:6e:3a:
7d:a5:24:8d:17:ff:66:26:5d:90:b0:55:6c:ef:0e:7d:9e:46:
bc:9a:55:fe:8a:7f:5a:7c:a9:c7:7a:b5:45:34:d9:7d:40:8e:
a5:1b:3a:96:ee:00:4c:0a:b8:6e:c8:8f:78:df:d5:0b:c6:5b:
c8:f7:b5:d2:c6:53:6a:5f:ed:81:af:2a:6d:71:b5:a3:e0:ca:
a8:80:b2:13:0f:b1:80:8a:21:53:45:6f:18:05:d3:53:41:3f:
b0:ef:99:10:32:7e:74:f7:64:6e:94:30:24:1e:1a:04:10:db:
c0:5a:a8:4a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGS3i2hKmtMUxFi4rBBSJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTU5YmYwNDMwODAzMDYzNTlmNWEyOTQ5MWY1NDViMDcw
NTFjMDUwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2IyZmU0NTdmMDA3Yzk3ZjJjOTE5NDFjOWE4MDM4ZTJiODgxYjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF61MPEWICC8ABdmxYnfOolvOwQa
gbQbMuemy6UcdtkMo0oeJzoVBPd42qs72k4zCmrH46o9VZezyNs/Tv/IwQCm1Obk
wo2arncj22Ohtc/P9ChV0/9QKqxed42p0/35gJwqLMgYwIfDLjPFVUrdMyaC77UI
4AvlQg4E2uVoW/aJp9gi6pHsoeE5QG5kpxwAECdZOzD/JED4vrtIi30X9gCBzOAc
QIesBvvy2fFPv16Zadae4T3SSXY7403HpVB/hsr7pzQcFvTUosLk4ipi7ELByx9h
NOhMFIkxr/m48pDuYuKy4D6x+XZWbhD3/elEJ6TMdkzHy0X+Km0cC3QnGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCOy/kV/AHyX8skZQcmoA44riBsaMB8GA1UdIwQY
MBaAFFKlm/BDCAMGNZ9aKUkfVFsHBRwFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFXYjhFTUlBd1kxbjFvcFNSOVVXd2NGSEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82ZDcyOWUtZTE2Yi00MWE5LTkwMTIt
MDE0YzcwOTc3ZDQ5LzEvSTdMLVJYOEFmSmZ5eVJsQnlhZ0RqaXVJR3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy82ZDcyOWUtZTE2Yi00MWE5LTkwMTItMDE0YzcwOTc3ZDQ5
LzEvVXFXYjhFTUlBd1kxbjFvcFNSOVVXd2NGSEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLrfoAwQC
uYXYMA0EAgACMAcDBQAqAwnAMA0GCSqGSIb3DQEBCwUAA4IBAQCODnY+kY4QimcL
3jb/42OVnsjNaccyAM7IChqtupKExgS15xn2EOMalJxNj90mXen3Y9qM8Rv2K8IN
QvFlwnBB7D+SVJ2iwIBTVdbM4mVvcpOj0TLRkfPHaKEbfXLhijG+f44LjYMIvwBW
cz+CA6T25xQegNdZ8Gpxvk1usFoF/qmh/vFbKd+xo1tgiasdbjp9pSSNF/9mJl2Q
sFVs7w59nka8mlX+in9afKnHerVFNNl9QI6lGzqW7gBMCrhuyI9439ULxlvI97XS
xlNqX+2BryptcbWj4MqogLITD7GAiiFTRW8YBdNTQT+w75kQMn5092RulDAkHhoE
ENvAWqhK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:41 2025 by rpki-client