Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/nPPEFdcuqV7dKMWl__PGe7e7MbE.roa
File: nPPEFdcuqV7dKMWl__PGe7e7MbE.roa (raw, json)
Hash identifier: AlaOAKJPYgdXZU4TQLJVRKUEVeliam+63pTwl++6j1o=
Subject key identifier: 9C:F3:C4:15:D7:2E:A9:5E:DD:28:C5:A5:FF:F3:C6:7B:B7:BB:31:B1
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 019423D7129C57C7434B28F006F9F933E015
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/nPPEFdcuqV7dKMWl__PGe7e7MbE.roa
Signing time: Wed 01 Jan 2025 21:48:05 +0000
ROA not before: Wed 01 Jan 2025 21:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211790
IP address blocks: 46.32.168.0/24 maxlen: 24
46.32.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 10:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:12:9c:57:c7:43:4b:28:f0:06:f9:f9:33:e0:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 1 21:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cf3c415d72ea95edd28c5a5fff3c67bb7bb31b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:22:56:7b:1e:a0:5d:b9:3d:6c:1d:6a:09:ae:
9e:f1:e6:7d:e2:b1:6f:6a:52:36:ff:13:a5:f6:9a:
57:6b:77:52:76:d6:a4:2e:2d:e7:f6:05:29:30:b3:
6e:48:9d:0c:59:18:f3:68:d0:4f:25:74:02:7d:a6:
44:52:9b:cc:d1:40:61:ed:7c:a0:ed:1d:6b:a2:66:
a6:d5:88:d8:d6:57:52:2e:9a:05:62:4d:e0:16:20:
cf:85:8a:4e:60:ee:ab:06:8c:ed:ee:27:c7:7a:25:
cb:d7:b7:2d:e2:ea:ef:f5:22:9b:95:48:ae:7b:7f:
6d:2a:95:1b:8b:b4:a5:7f:1b:c1:70:c6:9a:f2:e3:
61:37:2b:d0:0f:bb:e1:83:cd:f5:7e:0e:5d:32:9f:
f5:f9:21:fb:d0:49:49:31:a5:ca:0f:72:61:95:61:
37:62:cf:ec:a1:f4:18:b0:55:93:61:b1:5e:6a:56:
85:42:9e:aa:b4:79:5d:11:c6:3a:3f:0f:35:1e:72:
25:24:f0:38:3f:64:99:c1:8a:b7:dc:8e:f9:d3:a8:
d1:93:8b:92:77:ad:74:51:04:6a:5f:a5:e0:a7:20:
cc:a4:b9:1c:49:f2:5d:36:80:ce:e6:33:2c:ab:7a:
c7:a7:bf:49:42:d4:63:fc:34:93:15:be:a7:06:f8:
88:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F3:C4:15:D7:2E:A9:5E:DD:28:C5:A5:FF:F3:C6:7B:B7:BB:31:B1
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/nPPEFdcuqV7dKMWl__PGe7e7MbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.168.0/24
46.32.176.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:78:3f:fa:9c:60:89:80:59:0e:84:1f:5d:9a:0b:9a:03:f5:
7f:1f:e6:83:27:95:da:0a:ea:c4:ce:7e:02:b4:0a:f7:7e:e2:
a3:ec:52:1a:9a:a0:84:55:89:3d:cc:97:35:54:e6:8b:05:68:
aa:a1:35:05:29:22:eb:f1:5e:53:54:06:5b:af:a8:78:3d:4d:
0c:39:59:a0:98:d6:2d:aa:71:97:d0:47:00:9c:23:0d:56:32:
25:82:e7:9d:b8:88:2b:a9:de:60:43:3f:3d:ce:1a:40:8c:2e:
42:7e:2f:15:6f:de:e9:51:d2:49:52:1c:a8:5d:48:04:2c:39:
4e:03:7f:be:3b:af:b5:74:80:7f:b0:b4:e3:2a:c4:3a:03:df:
2f:5a:59:d2:37:41:2d:75:44:09:6a:e3:3f:b4:10:74:e9:c2:
0b:61:aa:b1:00:73:a2:77:07:89:4d:ea:23:c7:77:0e:d9:93:
7b:52:80:00:8a:e4:b4:21:88:37:bb:f5:55:92:66:1b:c0:fa:
f3:22:bf:fb:01:fe:9d:6a:7e:ed:e4:2a:d9:ba:d3:c3:c5:97:
ad:0c:b5:43:2a:16:ea:af:a2:04:6e:66:bd:b3:b2:a9:6a:f6:
61:21:c1:0e:e8:27:b6:49:55:d3:be:02:32:5e:31:25:72:3f:
d8:77:c1:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1xKcV8dDSyjwBvn5M+AVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjUwMTAxMjE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2YzYzQxNWQ3MmVhOTVlZGQyOGM1YTVmZmYzYzY3YmI3YmIzMWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSJWex6gXbk9bB1qCa6e8eZ94rFv
alI2/xOl9ppXa3dSdtakLi3n9gUpMLNuSJ0MWRjzaNBPJXQCfaZEUpvM0UBh7Xyg
7R1romam1YjY1ldSLpoFYk3gFiDPhYpOYO6rBozt7ifHeiXL17ct4urv9SKblUiu
e39tKpUbi7SlfxvBcMaa8uNhNyvQD7vhg831fg5dMp/1+SH70ElJMaXKD3JhlWE3
Ys/sofQYsFWTYbFealaFQp6qtHldEcY6Pw81HnIlJPA4P2SZwYq33I7506jRk4uS
d610UQRqX6XgpyDMpLkcSfJdNoDO5jMsq3rHp79JQtRj/DSTFb6nBviIBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJzzxBXXLqle3SjFpf/zxnu3uzGxMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvblBQRUZkY3VxVjdkS01XbF9fUEdlN2U3TWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiCoAwQA
LiCwMA0GCSqGSIb3DQEBCwUAA4IBAQBPeD/6nGCJgFkOhB9dmguaA/V/H+aDJ5Xa
CurEzn4CtAr3fuKj7FIamqCEVYk9zJc1VOaLBWiqoTUFKSLr8V5TVAZbr6h4PU0M
OVmgmNYtqnGX0EcAnCMNVjIlgueduIgrqd5gQz89zhpAjC5Cfi8Vb97pUdJJUhyo
XUgELDlOA3++O6+1dIB/sLTjKsQ6A98vWlnSN0EtdUQJauM/tBB06cILYaqxAHOi
dweJTeojx3cO2ZN7UoAAiuS0IYg3u/VVkmYbwPrzIr/7Af6dan7t5CrZutPDxZet
DLVDKhbqr6IEbma9s7KpavZhIcEO6Ce2SVXTvgIyXjElcj/Yd8GW
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:21:24 2025 by rpki-client