Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/wR4qoQ9kcuJU2L6WTYKI-alYEC4.roa
File: wR4qoQ9kcuJU2L6WTYKI-alYEC4.roa (raw, json)
Hash identifier: +ENxyUqNbhKBniD2W+cXeYn+WRT2QuCT9eWblbTJMdA=
Subject key identifier: C1:1E:2A:A1:0F:64:72:E2:54:D8:BE:96:4D:82:88:F9:A9:58:10:2E
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 019423D710814E3579791C8B9E97A9A0E224
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/wR4qoQ9kcuJU2L6WTYKI-alYEC4.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.160.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.162.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.166.0/24 maxlen: 24
46.32.167.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 10:53:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:10:81:4e:35:79:79:1c:8b:9e:97:a9:a0:e2:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c11e2aa10f6472e254d8be964d8288f9a958102e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6f:d0:69:ff:0d:0b:a8:08:dc:c4:07:ca:8f:
b0:e2:d9:22:66:65:7f:8e:49:f8:47:df:53:29:47:
12:f5:75:3e:d3:c3:6f:87:2a:28:16:a3:bf:a4:84:
93:70:f4:c7:6f:0b:68:de:67:89:9c:81:a7:6b:39:
32:8d:ee:d3:67:7a:14:8b:5f:a8:f7:47:0d:9f:c5:
f1:10:5f:2a:f3:2c:9b:e2:d3:8f:fc:6d:49:ac:2b:
7b:2d:c8:df:b3:30:d2:b1:11:7a:e8:4b:a0:43:0d:
6f:0f:92:7f:55:75:a5:b4:00:17:dc:f6:38:b7:c1:
bd:9b:5a:b0:ac:7b:49:fa:52:91:91:4b:d7:3a:16:
bd:99:e8:b4:a3:03:d3:4b:e4:1c:37:a7:f0:99:87:
e1:f3:66:aa:f1:99:c0:17:20:ac:76:99:e6:37:ad:
2a:10:c3:d3:c5:07:f9:66:07:24:27:da:8b:3e:aa:
c6:1f:9c:b5:e5:e7:8f:18:a3:8f:64:ce:eb:11:7d:
75:c0:b1:77:1e:84:cd:97:1e:24:89:2e:2e:fc:b2:
4d:70:c1:b8:91:c9:c9:98:f5:eb:dd:90:e6:f8:3f:
0c:2e:20:47:b5:53:cf:57:32:eb:9c:b6:ec:3c:cf:
58:08:3e:a9:b5:65:b2:c0:db:a5:4d:e2:9a:61:d8:
c5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:1E:2A:A1:0F:64:72:E2:54:D8:BE:96:4D:82:88:F9:A9:58:10:2E
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/wR4qoQ9kcuJU2L6WTYKI-alYEC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0-46.32.162.255
46.32.164.0/22
46.32.170.0/23
46.32.189.0-46.32.191.255
Signature Algorithm: sha256WithRSAEncryption
0f:49:6e:a6:98:f7:f9:3f:a7:0e:3f:b7:d6:f3:e7:85:92:2f:
7c:0d:15:db:5c:38:3a:35:f1:40:32:90:13:e8:cb:b5:be:a3:
67:6d:a2:95:af:f0:91:e0:a5:85:a1:54:4f:53:9d:a2:10:eb:
35:b1:27:a5:54:f1:12:aa:ab:e5:87:b2:95:54:d5:1b:58:56:
15:bb:41:40:98:e4:b9:96:9c:9d:04:6f:d0:ab:27:ee:9d:ce:
93:aa:cf:04:aa:89:4e:aa:56:0a:ec:4d:36:d4:3a:eb:be:5e:
65:aa:64:50:f6:36:6f:e2:93:1f:01:b0:92:0a:1c:56:5d:50:
a9:2d:8d:3e:f3:e5:0b:e3:c8:c5:9e:cb:5a:50:c6:f4:58:d7:
d6:c6:6d:b2:33:73:a6:b0:ec:c5:b3:9a:19:8b:58:06:e3:87:
81:fc:90:be:77:1b:d9:04:63:12:96:c0:28:6e:30:3f:b2:1b:
cc:be:77:1f:3f:9d:12:a6:9f:33:6c:c9:ff:36:2c:c4:a1:0b:
28:70:5a:2b:46:47:31:34:37:fc:c0:f4:b7:61:28:52:8c:28:
4e:d0:99:00:37:fb:f9:ce:5f:27:e9:ce:04:c4:ad:32:c9:2b:
53:68:c8:66:f6:db:51:27:1d:66:a9:59:49:a3:e9:88:05:a5:
13:0e:c4:c4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQj1xCBTjV5eRyLnpepoOIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTFlMmFhMTBmNjQ3MmUyNTRkOGJlOTY0ZDgyODhmOWE5NTgxMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm/Qaf8NC6gI3MQHyo+w4tkiZmV/
jkn4R99TKUcS9XU+08NvhyooFqO/pISTcPTHbwto3meJnIGnazkyje7TZ3oUi1+o
90cNn8XxEF8q8yyb4tOP/G1JrCt7LcjfszDSsRF66EugQw1vD5J/VXWltAAX3PY4
t8G9m1qwrHtJ+lKRkUvXOha9mei0owPTS+QcN6fwmYfh82aq8ZnAFyCsdpnmN60q
EMPTxQf5ZgckJ9qLPqrGH5y15eePGKOPZM7rEX11wLF3HoTNlx4kiS4u/LJNcMG4
kcnJmPXr3ZDm+D8MLiBHtVPPVzLrnLbsPM9YCD6ptWWywNulTeKaYdjFMQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMEeKqEPZHLiVNi+lk2CiPmpWBAuMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvd1I0cW9ROWtjdUpVMkw2V1RZS0ktYWxZRUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAUuIKAD
BAAuIKIDBAIuIKQDBAEuIKowDAMEAC4gvQMEBi4ggDANBgkqhkiG9w0BAQsFAAOC
AQEAD0luppj3+T+nDj+31vPnhZIvfA0V21w4OjXxQDKQE+jLtb6jZ22ila/wkeCl
haFUT1OdohDrNbEnpVTxEqqr5YeylVTVG1hWFbtBQJjkuZacnQRv0Ksn7p3Ok6rP
BKqJTqpWCuxNNtQ6675eZapkUPY2b+KTHwGwkgocVl1QqS2NPvPlC+PIxZ7LWlDG
9FjX1sZtsjNzprDsxbOaGYtYBuOHgfyQvncb2QRjEpbAKG4wP7IbzL53Hz+dEqaf
M2zJ/zYsxKELKHBaK0ZHMTQ3/MD0t2EoUowoTtCZADf7+c5fJ+nOBMStMskrU2jI
ZvbbUScdZqlZSaPpiAWlEw7ExA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:47:03 2025 by rpki-client