Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/149cf6-611d-4e03-a660-dce1127ab223/1/7YvWlEI3fG_6tIkLvcuJv3o01SY.roa
File: 7YvWlEI3fG_6tIkLvcuJv3o01SY.roa (raw, json)
Hash identifier: +EqQ2JJT90jy8C5ar8E5Q5unGgbRalMYij7MKJh7vbw=
Subject key identifier: ED:8B:D6:94:42:37:7C:6F:FA:B4:89:0B:BD:CB:89:BF:7A:34:D5:26
Certificate issuer: /CN=70cbeb388f5902c16160bbed0962cb622b2bb832
Certificate serial: 018CC6B80284DE6C74DD989DD94D326F5A52
Authority key identifier: 70:CB:EB:38:8F:59:02:C1:61:60:BB:ED:09:62:CB:62:2B:2B:B8:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvrOI9ZAsFhYLvtCWLLYisruDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/149cf6-611d-4e03-a660-dce1127ab223/1/7YvWlEI3fG_6tIkLvcuJv3o01SY.roa
Signing time: Mon 01 Jan 2024 20:29:57 +0000
ROA not before: Mon 01 Jan 2024 20:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.46.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:02:84:de:6c:74:dd:98:9d:d9:4d:32:6f:5a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbeb388f5902c16160bbed0962cb622b2bb832
Validity
Not Before: Jan 1 20:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed8bd69442377c6ffab4890bbdcb89bf7a34d526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:59:f4:79:ff:8a:ba:c4:66:56:9b:ea:51:91:
f7:62:13:ee:a3:e6:98:fc:5f:bd:1b:e3:f3:aa:39:
1f:eb:ae:37:62:04:3c:e7:e5:c4:39:cc:2b:ba:51:
0b:7f:50:96:cf:5f:03:83:39:44:8b:81:14:94:e0:
26:47:6a:5a:38:1d:20:06:bf:d5:e1:3c:67:ae:fd:
1f:80:f6:7b:3c:ff:23:fd:fa:32:39:c3:13:dc:2f:
69:ee:e3:98:5d:97:7b:22:56:35:04:6e:57:63:67:
a2:12:77:86:8f:8a:df:2e:bb:c5:98:2e:16:8f:77:
8a:fb:60:c9:96:e5:b6:b8:0f:2d:79:92:94:09:6d:
f0:26:1d:04:2d:c1:90:2d:f0:7d:a3:88:1c:1f:0d:
d7:7c:6e:59:37:79:0e:0f:8f:e7:c0:44:86:a8:75:
f9:27:4c:f5:bb:93:3d:15:fb:fa:52:93:63:f1:95:
40:89:25:b1:90:c2:cc:5f:fc:10:30:8d:58:65:ab:
66:2e:dd:af:99:6d:e0:44:c4:a8:b5:d0:d5:b6:83:
a1:c9:1f:b4:54:65:e3:f4:b3:a4:48:99:2b:e1:00:
36:a1:b5:57:2c:ab:66:42:dc:5a:78:bf:df:23:a7:
58:85:c3:5b:a0:0c:72:af:06:e6:dc:f8:36:bb:07:
3a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:8B:D6:94:42:37:7C:6F:FA:B4:89:0B:BD:CB:89:BF:7A:34:D5:26
X509v3 Authority Key Identifier:
keyid:70:CB:EB:38:8F:59:02:C1:61:60:BB:ED:09:62:CB:62:2B:2B:B8:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvrOI9ZAsFhYLvtCWLLYisruDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/149cf6-611d-4e03-a660-dce1127ab223/1/7YvWlEI3fG_6tIkLvcuJv3o01SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/149cf6-611d-4e03-a660-dce1127ab223/1/cMvrOI9ZAsFhYLvtCWLLYisruDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.20.0/22
Signature Algorithm: sha256WithRSAEncryption
55:8e:54:19:ac:39:2e:d7:3c:23:0e:6f:db:d4:f2:ab:b1:13:
3c:9c:be:9a:94:78:62:6e:89:2b:46:0c:ea:ce:d2:52:b1:71:
b6:82:6e:5a:d3:71:6a:c1:d5:84:25:b6:e1:e2:aa:20:fe:41:
a1:1d:10:2f:27:47:98:9f:f9:0e:5a:74:a0:33:ec:f1:8d:53:
38:da:e9:94:72:34:c1:05:fa:10:be:7a:5c:ca:39:76:88:ed:
32:3c:a4:19:e2:f4:26:1f:6a:bf:06:49:cc:f7:31:cf:76:2c:
16:3d:66:c2:49:22:d4:36:a3:f8:f5:a3:4f:fe:8d:c6:48:8b:
be:02:c2:9b:78:60:98:17:82:05:21:69:36:28:ad:88:1b:ed:
8d:2e:9b:38:29:0d:00:29:28:af:28:86:ce:60:77:32:ba:ad:
ff:e1:eb:c7:49:1f:1f:2b:f2:f3:7e:ce:56:dd:c9:a5:ad:a9:
56:3a:4d:52:29:53:9d:8a:e5:65:28:78:08:44:af:98:b6:99:
e4:fb:e7:17:eb:59:bd:3b:24:64:6f:9f:e1:e7:e2:22:96:41:
07:03:49:25:04:dd:3a:79:81:91:6f:73:f7:bb:b1:c7:04:00:
b9:66:51:3f:85:67:6d:04:f6:fd:87:79:92:85:b5:6b:8d:06:
e8:1f:08:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuAKE3mx03Zid2U0yb1pSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwY2JlYjM4OGY1OTAyYzE2MTYwYmJlZDA5NjJjYjYyMmIy
YmI4MzIwHhcNMjQwMTAxMjAyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDhiZDY5NDQyMzc3YzZmZmFiNDg5MGJiZGNiODliZjdhMzRkNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1n0ef+KusRmVpvqUZH3YhPuo+aY
/F+9G+Pzqjkf6643YgQ85+XEOcwrulELf1CWz18DgzlEi4EUlOAmR2paOB0gBr/V
4Txnrv0fgPZ7PP8j/foyOcMT3C9p7uOYXZd7IlY1BG5XY2eiEneGj4rfLrvFmC4W
j3eK+2DJluW2uA8teZKUCW3wJh0ELcGQLfB9o4gcHw3XfG5ZN3kOD4/nwESGqHX5
J0z1u5M9Ffv6UpNj8ZVAiSWxkMLMX/wQMI1YZatmLt2vmW3gRMSotdDVtoOhyR+0
VGXj9LOkSJkr4QA2obVXLKtmQtxaeL/fI6dYhcNboAxyrwbm3Pg2uwc6uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2L1pRCN3xv+rSJC73Lib96NNUmMB8GA1UdIwQY
MBaAFHDL6ziPWQLBYWC77Qliy2IrK7gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY012ck9JOVpBc0ZoWUx2dENXTExZaXNydURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xNDljZjYtNjExZC00ZTAzLWE2NjAt
ZGNlMTEyN2FiMjIzLzEvN1l2V2xFSTNmR182dElrTHZjdUp2M28wMVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xNDljZjYtNjExZC00ZTAzLWE2NjAtZGNlMTEyN2FiMjIz
LzEvY012ck9JOVpBc0ZoWUx2dENXTExZaXNydURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS4UMA0G
CSqGSIb3DQEBCwUAA4IBAQBVjlQZrDku1zwjDm/b1PKrsRM8nL6alHhibokrRgzq
ztJSsXG2gm5a03FqwdWEJbbh4qog/kGhHRAvJ0eYn/kOWnSgM+zxjVM42umUcjTB
BfoQvnpcyjl2iO0yPKQZ4vQmH2q/BknM9zHPdiwWPWbCSSLUNqP49aNP/o3GSIu+
AsKbeGCYF4IFIWk2KK2IG+2NLps4KQ0AKSivKIbOYHcyuq3/4evHSR8fK/Lzfs5W
3cmlralWOk1SKVOdiuVlKHgIRK+Ytpnk++cX61m9OyRkb5/h5+IilkEHA0klBN06
eYGRb3P3u7HHBAC5ZlE/hWdtBPb9h3mShbVrjQboHwhN
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:03:46 2025 by rpki-client