Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/xP4G9IMnX6P4JUSvwi3diJeLFoc.roa
File: xP4G9IMnX6P4JUSvwi3diJeLFoc.roa (raw, json)
Hash identifier: 0otfdbXWEtz6uXvBs2e9VYbX30fyOAWGZZZK+F1TVC8=
Subject key identifier: C4:FE:06:F4:83:27:5F:A3:F8:25:44:AF:C2:2D:DD:88:97:8B:16:87
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194126D955769438BAEFE06E517E61B2CAE
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/xP4G9IMnX6P4JUSvwi3diJeLFoc.roa
Signing time: Sun 29 Dec 2024 12:39:19 +0000
ROA not before: Sun 29 Dec 2024 12:39:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59962
IP address blocks: 46.209.32.0/24 maxlen: 24
46.209.33.0/24 maxlen: 24
46.209.34.0/24 maxlen: 24
46.209.35.0/24 maxlen: 24
46.209.36.0/24 maxlen: 24
46.209.37.0/24 maxlen: 24
46.209.38.0/24 maxlen: 24
46.209.39.0/24 maxlen: 24
46.209.168.0/24 maxlen: 24
46.209.169.0/24 maxlen: 24
46.209.170.0/24 maxlen: 24
46.209.171.0/24 maxlen: 24
46.209.172.0/24 maxlen: 24
46.209.173.0/24 maxlen: 24
46.209.174.0/24 maxlen: 24
46.209.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:6d:95:57:69:43:8b:ae:fe:06:e5:17:e6:1b:2c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 12:39:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4fe06f483275fa3f82544afc22ddd88978b1687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:63:69:41:c1:10:a5:e1:86:94:39:f6:15:1a:
2e:0d:46:73:dd:fc:56:6d:41:61:e2:df:93:19:16:
92:ff:4b:33:20:77:cd:81:45:8b:84:53:aa:4e:c5:
ab:48:23:91:20:1b:db:23:a1:2b:7b:7e:86:96:10:
27:2a:7d:9c:9f:a5:de:b4:4b:67:81:ad:6a:30:e2:
48:f4:6e:3d:65:e4:b3:2f:7e:75:62:f3:35:c4:5a:
d2:2a:03:fd:1e:8d:22:2e:df:f2:59:c4:9d:11:bb:
82:6d:e7:e3:12:3c:c4:0a:22:d3:cb:60:84:53:8a:
67:56:5a:2a:0d:09:d8:67:cc:c4:6b:04:6e:d3:f2:
5d:40:45:db:f7:dd:54:e2:ab:29:82:ad:7c:a3:c6:
fe:98:a2:23:b3:fe:6e:da:9a:9b:e7:35:4b:67:42:
11:4b:aa:2e:56:f6:7d:48:bc:6e:3b:02:ee:d7:fa:
b3:c7:db:62:e6:9e:5f:ac:d6:c1:fe:8a:8d:19:57:
e0:67:7c:c3:13:2b:82:95:21:3c:d5:2b:83:aa:88:
b1:0b:a6:3c:7d:9e:99:84:a6:49:ff:59:01:bc:87:
1f:7c:cd:cd:d8:12:5a:21:44:72:84:71:9d:f7:af:
ab:13:f7:7a:3e:42:d4:9a:60:12:37:a8:7e:1b:0c:
82:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FE:06:F4:83:27:5F:A3:F8:25:44:AF:C2:2D:DD:88:97:8B:16:87
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/xP4G9IMnX6P4JUSvwi3diJeLFoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.209.32.0/21
46.209.168.0/21
Signature Algorithm: sha256WithRSAEncryption
63:9e:e5:00:eb:80:40:67:9f:9a:67:ff:80:f9:63:e8:b2:77:
86:2a:e0:bd:9f:40:a5:21:d9:19:8f:87:6c:d0:77:96:49:c0:
1c:ee:e0:88:3b:4a:6f:24:5f:40:6a:4b:df:9a:9d:f2:31:65:
f2:d3:27:ad:7f:82:1f:e7:7b:23:39:24:94:bf:f9:81:e5:c4:
73:6e:b9:1c:71:54:84:cf:01:ea:95:8b:bf:30:2f:5e:6e:24:
97:0b:ab:7a:3d:3b:47:6b:54:09:07:9e:29:1a:03:12:bc:ed:
89:ae:e7:6b:d1:6c:09:c5:b6:6f:59:ad:26:b4:d5:d5:e3:41:
ca:31:a5:49:7f:e9:46:b1:5f:49:6f:55:c1:bc:d0:00:25:a9:
51:8b:3b:cc:cf:6a:0e:ed:7c:a6:d7:8c:36:85:94:10:ca:7a:
5b:7f:68:71:4c:0a:00:fc:25:fc:e1:4b:61:52:38:da:5e:06:
2d:83:d0:d4:6e:21:17:53:40:77:e4:b4:ea:c8:4c:94:d1:ea:
89:4d:25:52:04:97:50:2f:ea:d3:63:3e:08:8b:cf:5e:b4:c9:
b8:83:5f:9c:2a:f2:4d:23:78:d2:de:09:ae:3b:20:fb:c1:cd:
c0:fa:c1:fd:43:9b:0f:25:3a:95:5e:89:32:58:fb:6b:49:a0:
25:ae:25:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQSbZVXaUOLrv4G5RfmGyyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGZlMDZmNDgzMjc1ZmEzZjgyNTQ0YWZjMjJkZGQ4ODk3OGIxNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmNpQcEQpeGGlDn2FRouDUZz3fxW
bUFh4t+TGRaS/0szIHfNgUWLhFOqTsWrSCORIBvbI6Ere36GlhAnKn2cn6XetEtn
ga1qMOJI9G49ZeSzL351YvM1xFrSKgP9Ho0iLt/yWcSdEbuCbefjEjzECiLTy2CE
U4pnVloqDQnYZ8zEawRu0/JdQEXb991U4qspgq18o8b+mKIjs/5u2pqb5zVLZ0IR
S6ouVvZ9SLxuOwLu1/qzx9ti5p5frNbB/oqNGVfgZ3zDEyuClSE81SuDqoixC6Y8
fZ6ZhKZJ/1kBvIcffM3N2BJaIURyhHGd96+rE/d6PkLUmmASN6h+GwyClQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMT+BvSDJ1+j+CVEr8It3YiXixaHMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEveFA0RzlJTW5YNlA0SlVTdndpM2RpSmVMRm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLtEgAwQD
LtGoMA0GCSqGSIb3DQEBCwUAA4IBAQBjnuUA64BAZ5+aZ/+A+WPosneGKuC9n0Cl
IdkZj4ds0HeWScAc7uCIO0pvJF9Aakvfmp3yMWXy0yetf4If53sjOSSUv/mB5cRz
brkccVSEzwHqlYu/MC9ebiSXC6t6PTtHa1QJB54pGgMSvO2Jrudr0WwJxbZvWa0m
tNXV40HKMaVJf+lGsV9Jb1XBvNAAJalRizvMz2oO7Xym14w2hZQQynpbf2hxTAoA
/CX84UthUjjaXgYtg9DUbiEXU0B35LTqyEyU0eqJTSVSBJdQL+rTYz4Ii89etMm4
g1+cKvJNI3jS3gmuOyD7wc3A+sH9Q5sPJTqVXokyWPtrSaAlriWb
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:33:09 2025 by rpki-client