Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/Ns8sXdG-J1aDJKkGSNJO7t9i-uU.roa
File: Ns8sXdG-J1aDJKkGSNJO7t9i-uU.roa (raw, json)
Hash identifier: Pe//ZVJYngk/dxGYg/MmjbCl7LZ+F8IBGQzmyO68bi8=
Subject key identifier: 36:CF:2C:5D:D1:BE:27:56:83:24:A9:06:48:D2:4E:EE:DF:62:FA:E5
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 018D311F01219F96B2AF8C4F3FF51082C01C
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/Ns8sXdG-J1aDJKkGSNJO7t9i-uU.roa
Signing time: Mon 22 Jan 2024 12:22:11 +0000
ROA not before: Mon 22 Jan 2024 12:22:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42532
IP address blocks: 46.32.184.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:1f:01:21:9f:96:b2:af:8c:4f:3f:f5:10:82:c0:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 22 12:22:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36cf2c5dd1be27568324a90648d24eeedf62fae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:81:76:9b:b7:86:a2:c9:3b:ef:90:c3:fb:88:
0f:72:db:93:8e:bf:9c:12:af:d9:44:be:62:c5:d7:
b6:71:8f:34:7b:3e:09:25:b8:e9:d4:5c:6f:e3:f8:
23:81:63:72:56:88:94:fd:ed:22:6b:11:50:22:20:
6e:9a:b6:8e:aa:f0:e4:d3:b2:63:f7:5a:67:d1:86:
77:39:3c:51:69:99:65:c6:d6:a2:54:86:82:d7:a1:
f8:13:9f:6c:cf:70:a5:12:8e:84:f5:64:dd:9b:e3:
5e:ad:f1:6c:b3:24:e4:86:46:ba:be:19:5a:a3:48:
ff:c4:36:61:d5:37:17:6f:5b:96:ca:49:62:a2:06:
69:c3:bf:5e:2b:bf:d4:4c:48:e6:2e:cb:4f:a1:c0:
d8:80:f1:82:26:be:6e:1c:57:15:30:77:c5:81:14:
e4:6f:a1:ab:35:f0:94:4d:db:79:99:90:7d:45:f1:
b2:c8:8a:6c:e2:2f:47:4e:da:20:16:b3:60:0a:ad:
55:65:ca:ab:5e:d5:47:89:80:c7:38:a0:27:f5:78:
6d:20:76:76:14:9c:7c:ed:c2:ad:be:65:57:ec:dd:
82:c0:5c:53:0c:e4:8b:0b:c9:48:d5:3d:f7:1c:65:
f4:ca:53:d7:48:d8:5f:69:44:67:be:b1:15:30:65:
09:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:CF:2C:5D:D1:BE:27:56:83:24:A9:06:48:D2:4E:EE:DF:62:FA:E5
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/Ns8sXdG-J1aDJKkGSNJO7t9i-uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.184.0/22
Signature Algorithm: sha256WithRSAEncryption
38:39:e8:4d:d4:c8:a5:31:ab:f3:6b:bb:44:0d:47:3a:53:c2:
bb:ac:cf:49:8b:b4:bc:cd:20:ee:95:45:0c:eb:ac:7d:48:15:
b7:a1:db:62:d0:8e:04:76:61:bb:f0:f3:6f:6f:17:7b:94:4b:
b8:e6:12:64:fd:91:a2:59:1d:9f:5c:dc:66:60:1a:8e:a1:93:
bf:39:49:a8:22:e5:53:03:dc:f0:0a:48:0e:52:9b:e2:b6:7d:
95:b3:05:60:78:b6:57:67:7e:a8:b8:35:6c:7f:d1:76:25:ee:
60:68:69:4b:c5:54:cd:b9:5c:cd:3d:cb:d1:ed:7f:86:e5:3e:
2a:06:02:f4:8f:27:f3:9f:1d:e4:50:66:fc:b6:90:e4:e4:02:
95:42:32:93:cc:37:f1:91:76:be:3c:30:e0:37:43:46:30:4b:
00:38:8a:8e:90:50:dc:a9:4b:71:4c:6f:b7:6f:6e:89:a1:65:
b3:74:e5:c1:36:0d:09:e9:b1:de:33:46:0a:97:fb:01:c3:f8:
af:0f:43:f3:a8:32:de:8a:40:c6:7a:0c:e8:0c:ae:77:e3:87:
36:d1:42:5e:a7:62:e7:10:5a:90:35:30:97:7b:ca:50:68:ef:
21:18:78:4e:18:e0:f1:99:02:3c:ba:01:50:b6:70:8b:b5:ac:
48:18:f4:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0xHwEhn5ayr4xPP/UQgsAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjQwMTIyMTIyMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmNmMmM1ZGQxYmUyNzU2ODMyNGE5MDY0OGQyNGVlZWRmNjJmYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIF2m7eGosk775DD+4gPctuTjr+c
Eq/ZRL5ixde2cY80ez4JJbjp1Fxv4/gjgWNyVoiU/e0iaxFQIiBumraOqvDk07Jj
91pn0YZ3OTxRaZllxtaiVIaC16H4E59sz3ClEo6E9WTdm+NerfFssyTkhka6vhla
o0j/xDZh1TcXb1uWykliogZpw79eK7/UTEjmLstPocDYgPGCJr5uHFcVMHfFgRTk
b6GrNfCUTdt5mZB9RfGyyIps4i9HTtogFrNgCq1VZcqrXtVHiYDHOKAn9XhtIHZ2
FJx87cKtvmVX7N2CwFxTDOSLC8lI1T33HGX0ylPXSNhfaURnvrEVMGUJuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbPLF3RvidWgySpBkjSTu7fYvrlMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvTnM4c1hkRy1KMWFESktrR1NOSk83dDlpLXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLiC4MA0G
CSqGSIb3DQEBCwUAA4IBAQA4OehN1MilMavza7tEDUc6U8K7rM9Ji7S8zSDulUUM
66x9SBW3odti0I4EdmG78PNvbxd7lEu45hJk/ZGiWR2fXNxmYBqOoZO/OUmoIuVT
A9zwCkgOUpvitn2VswVgeLZXZ36ouDVsf9F2Je5gaGlLxVTNuVzNPcvR7X+G5T4q
BgL0jyfznx3kUGb8tpDk5AKVQjKTzDfxkXa+PDDgN0NGMEsAOIqOkFDcqUtxTG+3
b26JoWWzdOXBNg0J6bHeM0YKl/sBw/ivD0PzqDLeikDGegzoDK5344c20UJep2Ln
EFqQNTCXe8pQaO8hGHhOGODxmQI8ugFQtnCLtaxIGPQa
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:36:40 2025 by rpki-client