Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/u9Y8DlzF-1eXoDqhm7yk23JMY80.roa
File: u9Y8DlzF-1eXoDqhm7yk23JMY80.roa (raw, json)
Hash identifier: lMCy5JxrxYvMWGK3TlzmNZPtgtpH2pejBh/cErJOQIM=
Subject key identifier: BB:D6:3C:0E:5C:C5:FB:57:97:A0:3A:A1:9B:BC:A4:DB:72:4C:63:CD
Certificate issuer: /CN=7fc956a52b73504a4f1ff34547199297a7f5de9d
Certificate serial: 018CC500DB14FCB55FB4479B7E832537AD76
Authority key identifier: 7F:C9:56:A5:2B:73:50:4A:4F:1F:F3:45:47:19:92:97:A7:F5:DE:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8lWpStzUEpPH_NFRxmSl6f13p0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/u9Y8DlzF-1eXoDqhm7yk23JMY80.roa
Signing time: Mon 01 Jan 2024 12:30:16 +0000
ROA not before: Mon 01 Jan 2024 12:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203239
IP address blocks: 146.247.46.0/24 maxlen: 24
2a0d:1e00::/48 maxlen: 48
2a0d:1e00:46::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:db:14:fc:b5:5f:b4:47:9b:7e:83:25:37:ad:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fc956a52b73504a4f1ff34547199297a7f5de9d
Validity
Not Before: Jan 1 12:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbd63c0e5cc5fb5797a03aa19bbca4db724c63cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4a:ab:a9:ae:c9:70:3a:6a:1c:0f:76:83:d1:
f0:70:46:bc:46:58:cd:7a:44:c3:cf:2d:e4:54:f2:
f6:c4:a6:22:54:59:73:e1:2f:1b:dc:11:ee:e4:37:
e4:8f:00:d5:f5:9a:f4:e9:b6:5d:a3:15:4a:6a:66:
20:ab:d4:52:f1:a5:04:7b:70:1a:27:53:53:57:1f:
c4:73:cf:20:e0:4c:0c:5a:bd:e4:c3:a3:2e:dc:b5:
01:c8:db:63:27:b7:ba:13:d9:8d:30:66:f0:8e:a2:
01:52:ea:be:26:21:68:49:c1:e9:db:61:9a:6e:3e:
a9:f4:3d:fe:8c:c7:12:c6:5e:e2:f4:09:3c:18:ae:
6c:62:b9:27:77:ac:36:80:2c:5a:d0:6c:e4:24:dc:
a3:7f:8b:2f:cf:20:cf:95:71:ec:6b:c0:a0:05:f2:
f9:45:6f:be:7d:af:19:9f:9a:97:24:a5:8b:c5:4a:
27:6f:ff:13:40:73:60:46:12:2f:3f:79:c1:c9:fd:
10:b8:5c:f7:9e:0a:0b:98:ec:ee:70:47:3e:85:66:
41:e3:32:05:f6:03:52:c3:dd:ff:66:48:04:92:f6:
19:ed:01:ed:97:89:2e:4a:f6:4d:1b:56:3d:0b:26:
b7:88:36:c6:99:b4:8e:2d:e8:25:98:07:81:fb:5b:
ee:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D6:3C:0E:5C:C5:FB:57:97:A0:3A:A1:9B:BC:A4:DB:72:4C:63:CD
X509v3 Authority Key Identifier:
keyid:7F:C9:56:A5:2B:73:50:4A:4F:1F:F3:45:47:19:92:97:A7:F5:DE:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8lWpStzUEpPH_NFRxmSl6f13p0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/u9Y8DlzF-1eXoDqhm7yk23JMY80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/f8lWpStzUEpPH_NFRxmSl6f13p0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.46.0/24
IPv6:
2a0d:1e00::/48
2a0d:1e00:46::/48
Signature Algorithm: sha256WithRSAEncryption
26:25:18:d8:3e:a0:3c:f6:78:96:ad:9d:9b:8c:09:ce:d8:97:
a9:e6:17:27:c2:6e:2e:49:a5:64:49:87:1a:b0:91:08:5f:5b:
ce:1b:39:6f:cc:07:ee:02:8e:43:c2:fb:2f:8e:b1:8c:33:94:
cb:6d:06:af:8c:0d:f7:ab:76:6d:5a:eb:5c:ce:ac:b5:29:76:
e4:c9:19:f1:8e:c3:2e:e2:c1:33:c1:ec:4c:ef:f6:10:65:c0:
ff:93:69:a1:a8:93:0f:36:8d:ea:ba:be:7b:68:d3:fb:b2:dc:
20:c2:d1:cb:37:a9:92:1f:12:56:39:c3:52:7f:20:a2:94:c2:
ad:8c:9d:51:57:be:9a:4f:4e:10:95:5f:8f:1b:d3:f1:97:73:
8c:4a:65:1f:f7:a7:40:4d:2c:96:42:0b:c3:83:fd:0f:a5:81:
73:0e:66:5a:ef:3b:64:23:93:db:9a:77:e7:e2:bb:c5:0e:06:
b3:60:15:28:90:d6:cb:2e:1a:ac:a5:88:a8:e3:84:86:e8:65:
95:71:63:1d:30:b7:9d:7e:8a:e2:a4:c8:99:64:58:83:c7:64:
29:9d:c5:05:f6:26:a8:16:97:61:9f:4f:71:a1:3e:e1:a5:fa:
8f:4a:5e:f7:91:1d:41:ad:fe:6d:c6:b0:86:5b:2e:a1:da:9d:
ce:31:02:23
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFANsU/LVftEebfoMlN612MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYzk1NmE1MmI3MzUwNGE0ZjFmZjM0NTQ3MTk5Mjk3YTdm
NWRlOWQwHhcNMjQwMTAxMTIzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ2M2MwZTVjYzVmYjU3OTdhMDNhYTE5YmJjYTRkYjcyNGM2M2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEqrqa7JcDpqHA92g9HwcEa8RljN
ekTDzy3kVPL2xKYiVFlz4S8b3BHu5DfkjwDV9Zr06bZdoxVKamYgq9RS8aUEe3Aa
J1NTVx/Ec88g4EwMWr3kw6Mu3LUByNtjJ7e6E9mNMGbwjqIBUuq+JiFoScHp22Ga
bj6p9D3+jMcSxl7i9Ak8GK5sYrknd6w2gCxa0GzkJNyjf4svzyDPlXHsa8CgBfL5
RW++fa8Zn5qXJKWLxUonb/8TQHNgRhIvP3nByf0QuFz3ngoLmOzucEc+hWZB4zIF
9gNSw93/ZkgEkvYZ7QHtl4kuSvZNG1Y9Cya3iDbGmbSOLeglmAeB+1vuXQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLvWPA5cxftXl6A6oZu8pNtyTGPNMB8GA1UdIwQY
MBaAFH/JVqUrc1BKTx/zRUcZkpen9d6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhsV3BTdHpVRXBQSF9ORlJ4bVNsNmYxM3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83MWFiNjktNjk2NS00YjcwLTk2OGQt
YmI1N2E0ZWY3MTUzLzEvdTlZOERsekYtMWVYb0RxaG03eWsyM0pNWTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83MWFiNjktNjk2NS00YjcwLTk2OGQtYmI1N2E0ZWY3MTUz
LzEvZjhsV3BTdHpVRXBQSF9ORlJ4bVNsNmYxM3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAkvcuMBgE
AgACMBIDBwAqDR4AAAADBwAqDR4AAEYwDQYJKoZIhvcNAQELBQADggEBACYlGNg+
oDz2eJatnZuMCc7Yl6nmFyfCbi5JpWRJhxqwkQhfW84bOW/MB+4CjkPC+y+OsYwz
lMttBq+MDferdm1a61zOrLUpduTJGfGOwy7iwTPB7Ezv9hBlwP+TaaGokw82jeq6
vnto0/uy3CDC0cs3qZIfElY5w1J/IKKUwq2MnVFXvppPThCVX48b0/GXc4xKZR/3
p0BNLJZCC8OD/Q+lgXMOZlrvO2Qjk9uad+fiu8UOBrNgFSiQ1ssuGqyliKjjhIbo
ZZVxYx0wt51+iuKkyJlkWIPHZCmdxQX2JqgWl2GfT3GhPuGl+o9KXveRHUGt/m3G
sIZbLqHanc4xAiM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:57 2025 by rpki-client