Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/IQ4iAYjLyVNEBkwC1pb3wMCZ5Ak.roa
File: IQ4iAYjLyVNEBkwC1pb3wMCZ5Ak.roa (raw, json)
Hash identifier: h0D4MFB8l38+cYRO/4qtndu1lYY+7wewdzGfhDT6l2w=
Subject key identifier: 21:0E:22:01:88:CB:C9:53:44:06:4C:02:D6:96:F7:C0:C0:99:E4:09
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 018CC64B1E0D52F70DD6E46A7A73A63D7E8A
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/IQ4iAYjLyVNEBkwC1pb3wMCZ5Ak.roa
Signing time: Mon 01 Jan 2024 18:31:00 +0000
ROA not before: Mon 01 Jan 2024 18:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205220
IP address blocks: 46.32.184.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 22 Jan 2024 12:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:1e:0d:52:f7:0d:d6:e4:6a:7a:73:a6:3d:7e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 1 18:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=210e220188cbc95344064c02d696f7c0c099e409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8a:cd:4b:42:5e:8e:8a:58:b6:5d:fd:56:45:
27:70:40:1b:bf:f2:34:29:58:29:8f:98:fe:4c:a0:
2e:7e:33:47:f3:2a:f8:6c:50:ac:ab:fc:11:96:e7:
4c:3a:b0:8a:8c:98:7b:05:f1:50:05:7c:3b:85:9a:
4a:3d:18:02:ae:a1:b8:9a:d0:8a:8a:42:6e:bb:da:
5a:e1:b0:24:15:28:8a:25:f7:9f:3b:75:64:ad:67:
79:d8:38:eb:8d:a1:0e:09:c6:cc:e2:e0:1b:35:06:
f5:1c:0f:61:ca:a2:ac:6c:14:8e:26:6a:3b:8b:59:
71:4c:4f:ad:90:ee:0f:b6:63:0f:71:3b:95:97:da:
2c:5a:7b:77:3d:5e:b7:bc:c0:66:c9:44:af:a8:56:
5d:df:8b:64:80:4d:82:41:96:47:7f:aa:aa:3a:62:
5a:5a:25:9a:b3:88:61:2c:14:68:8b:46:4a:a6:8a:
ee:34:d8:36:e3:a1:ee:32:9a:a9:c6:95:30:44:f0:
f8:4a:34:85:2e:e0:48:19:be:51:2a:b8:a5:0a:85:
03:7c:d4:a2:c6:d3:5c:e5:f0:e0:f1:2c:6f:33:97:
33:cd:c4:91:14:d8:9b:6c:86:2e:2e:93:c1:4b:37:
20:9b:ec:96:14:89:ed:38:ef:3b:86:9a:1c:3c:fd:
90:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0E:22:01:88:CB:C9:53:44:06:4C:02:D6:96:F7:C0:C0:99:E4:09
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/IQ4iAYjLyVNEBkwC1pb3wMCZ5Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.184.0/22
Signature Algorithm: sha256WithRSAEncryption
11:b8:a6:f6:ca:b5:81:d6:6f:bd:2d:ca:2b:21:e2:c7:21:59:
d8:41:c1:3b:37:c8:44:d8:91:2a:ce:c9:12:56:24:95:66:cf:
6c:96:7e:c1:1f:dc:35:e3:ee:f2:ab:60:24:80:fa:81:79:f5:
aa:98:c3:25:ae:b2:3f:e3:4e:8e:51:79:c5:77:44:9c:9b:34:
54:e7:0e:f0:12:75:70:5c:91:5a:7e:1a:ad:da:4b:13:e1:99:
41:6c:36:f5:c5:73:18:13:f6:c3:2e:42:1f:ba:56:e5:97:3e:
a4:a1:88:eb:f9:b8:05:59:1e:f2:86:20:59:e4:a5:34:28:30:
ed:df:eb:59:09:f9:cd:72:6c:ce:f1:a3:4b:86:ad:b3:80:f1:
47:21:3b:e2:c6:39:95:99:e6:4f:16:f6:4a:a0:dd:07:c3:ad:
74:c0:a2:15:8c:a0:8d:b4:66:fa:40:a3:25:27:8a:39:a6:c7:
8f:d0:e3:17:55:a6:07:3a:99:e9:65:54:bf:30:2b:50:b7:0f:
ba:5b:e6:2d:43:e3:85:68:65:04:38:07:2d:bc:ef:b1:af:e8:
ad:fb:dd:d7:7f:37:60:cc:d1:e7:fd:f7:0a:35:41:9c:3c:5f:
29:6d:d6:f2:48:59:25:1e:6b:d6:e1:d3:c0:1c:3e:e1:ff:80:
84:62:69:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSx4NUvcN1uRqenOmPX6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjQwMTAxMTgzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTBlMjIwMTg4Y2JjOTUzNDQwNjRjMDJkNjk2ZjdjMGMwOTllNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4rNS0JejopYtl39VkUncEAbv/I0
KVgpj5j+TKAufjNH8yr4bFCsq/wRludMOrCKjJh7BfFQBXw7hZpKPRgCrqG4mtCK
ikJuu9pa4bAkFSiKJfefO3VkrWd52DjrjaEOCcbM4uAbNQb1HA9hyqKsbBSOJmo7
i1lxTE+tkO4PtmMPcTuVl9osWnt3PV63vMBmyUSvqFZd34tkgE2CQZZHf6qqOmJa
WiWas4hhLBRoi0ZKporuNNg246HuMpqpxpUwRPD4SjSFLuBIGb5RKrilCoUDfNSi
xtNc5fDg8SxvM5czzcSRFNibbIYuLpPBSzcgm+yWFIntOO87hpocPP2QewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEOIgGIy8lTRAZMAtaW98DAmeQJMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvSVE0aUFZakx5Vk5FQmt3QzFwYjN3TUNaNUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLiC4MA0G
CSqGSIb3DQEBCwUAA4IBAQARuKb2yrWB1m+9LcorIeLHIVnYQcE7N8hE2JEqzskS
ViSVZs9sln7BH9w14+7yq2AkgPqBefWqmMMlrrI/406OUXnFd0ScmzRU5w7wEnVw
XJFafhqt2ksT4ZlBbDb1xXMYE/bDLkIfulbllz6koYjr+bgFWR7yhiBZ5KU0KDDt
3+tZCfnNcmzO8aNLhq2zgPFHITvixjmVmeZPFvZKoN0Hw610wKIVjKCNtGb6QKMl
J4o5pseP0OMXVaYHOpnpZVS/MCtQtw+6W+YtQ+OFaGUEOActvO+xr+it+93Xfzdg
zNHn/fcKNUGcPF8pbdbySFklHmvW4dPAHD7h/4CEYmlV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:59 2025 by rpki-client