Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/5mF_ZsOlaZmAR_D15DFyu6Lk1yg.roa
File: 5mF_ZsOlaZmAR_D15DFyu6Lk1yg.roa (raw, json)
Hash identifier: dMfvDvI9F/I7EAOc8pEEJ0+/SmP3C+kXa8hPhhro3ZE=
Subject key identifier: E6:61:7F:66:C3:A5:69:99:80:47:F0:F5:E4:31:72:BB:A2:E4:D7:28
Certificate issuer: /CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Certificate serial: 018CC8DEE0DF88E9661187BF1E491581AE11
Authority key identifier: AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/5mF_ZsOlaZmAR_D15DFyu6Lk1yg.roa
Signing time: Tue 02 Jan 2024 06:31:38 +0000
ROA not before: Tue 02 Jan 2024 06:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 46.28.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 15:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:e0:df:88:e9:66:11:87:bf:1e:49:15:81:ae:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Validity
Not Before: Jan 2 06:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6617f66c3a569998047f0f5e43172bba2e4d728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c5:f4:64:90:1e:c3:a3:50:be:76:34:f5:21:
95:b1:77:2f:d4:bb:69:d1:d0:82:3e:cd:1f:7a:02:
08:f3:27:85:6f:46:9b:d4:18:30:65:66:2a:15:b3:
b4:4a:00:95:94:97:93:1c:2b:a0:46:02:04:2b:8c:
84:19:04:30:16:06:86:e0:5b:57:a0:97:50:8d:35:
c4:f9:a3:2a:80:4d:ff:a7:47:c6:a1:1f:35:00:c9:
09:a0:a4:03:70:de:3b:2b:88:2e:10:0c:bf:6d:a7:
7f:37:d3:4a:57:b2:d1:04:18:e9:3c:ec:b3:9b:b1:
ec:42:7b:92:81:af:36:35:bf:38:24:9c:8b:15:4d:
05:d0:ae:6c:be:1a:4f:8b:99:98:74:85:53:1e:56:
63:8d:3b:da:17:b3:5d:6f:4a:c7:21:90:b0:70:68:
ed:3d:75:58:ad:51:f1:a7:e8:9b:1a:8b:b3:72:df:
df:4e:54:4d:0b:6e:14:5f:45:72:78:23:79:cf:f5:
7c:9e:88:5c:b8:94:ce:ae:db:63:61:4b:9b:d9:a2:
4d:9f:b4:18:7f:77:03:cb:61:9f:49:61:c7:1c:51:
b3:b1:be:8a:d2:de:8d:a4:db:41:34:93:11:67:13:
ff:d0:f7:a1:b3:e0:67:11:e2:50:de:66:95:c0:77:
4f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:61:7F:66:C3:A5:69:99:80:47:F0:F5:E4:31:72:BB:A2:E4:D7:28
X509v3 Authority Key Identifier:
keyid:AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/5mF_ZsOlaZmAR_D15DFyu6Lk1yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/qs5nJaCg3dFoBICoN4XSzVe_arA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.236.0/24
Signature Algorithm: sha256WithRSAEncryption
68:eb:9b:9f:d1:f8:b2:ae:7b:48:5e:ff:4c:0d:7e:62:02:67:
bb:36:2d:84:1b:7d:20:1c:cd:e3:ca:56:b5:3c:bd:42:8f:ef:
f7:e1:62:5d:e5:e7:a9:52:d2:ac:5d:4e:85:a4:1a:e3:cd:0e:
ba:09:6e:88:d5:b4:32:6e:f7:52:28:8c:6c:f7:5f:79:a7:5e:
bd:fc:3b:02:cc:67:ad:97:a6:63:54:67:c1:b4:ee:5a:64:8c:
ee:9a:31:b7:f2:50:01:d3:be:8c:7c:c1:4c:b8:6f:5e:0b:90:
60:ec:21:8e:1e:09:b7:b2:32:84:02:95:fe:37:85:13:3b:8b:
d4:3d:f5:49:3b:a5:01:38:04:40:5e:d9:86:c1:ae:37:da:61:
f5:0f:24:b6:af:41:01:bd:e5:10:1d:63:a8:c5:3c:9b:0e:1c:
49:02:c8:e8:4e:e5:81:06:20:8b:da:e8:f6:5b:ae:b2:09:03:
a3:ae:29:99:01:ff:58:fd:83:93:de:b4:7b:f7:33:81:87:ef:
94:bb:86:65:43:b5:5a:4f:67:3c:a6:f3:ba:99:c3:33:f1:8a:
80:50:23:06:04:33:67:2d:7b:d2:c6:1e:f8:11:c3:a1:84:b4:
76:8c:c2:34:ae:6d:5d:9f:99:0f:2a:3e:b9:b6:3e:b4:b9:70:
05:50:7e:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3uDfiOlmEYe/HkkVga4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhY2U2NzI1YTBhMGRkZDE2ODA0ODBhODM3ODVkMmNkNTdi
ZjZhYjAwHhcNMjQwMTAyMDYzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjYxN2Y2NmMzYTU2OTk5ODA0N2YwZjVlNDMxNzJiYmEyZTRkNzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7sX0ZJAew6NQvnY09SGVsXcv1Ltp
0dCCPs0fegII8yeFb0ab1BgwZWYqFbO0SgCVlJeTHCugRgIEK4yEGQQwFgaG4FtX
oJdQjTXE+aMqgE3/p0fGoR81AMkJoKQDcN47K4guEAy/bad/N9NKV7LRBBjpPOyz
m7HsQnuSga82Nb84JJyLFU0F0K5svhpPi5mYdIVTHlZjjTvaF7Ndb0rHIZCwcGjt
PXVYrVHxp+ibGouzct/fTlRNC24UX0VyeCN5z/V8nohcuJTOrttjYUub2aJNn7QY
f3cDy2GfSWHHHFGzsb6K0t6NpNtBNJMRZxP/0Pehs+BnEeJQ3maVwHdPXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZhf2bDpWmZgEfw9eQxcrui5NcoMB8GA1UdIwQY
MBaAFKrOZyWgoN3RaASAqDeF0s1Xv2qwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTkt
NzJhMDgyY2RiMTgyLzEvNW1GX1pzT2xhWm1BUl9EMTVERnl1NkxrMXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTktNzJhMDgyY2RiMTgy
LzEvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhzsMA0G
CSqGSIb3DQEBCwUAA4IBAQBo65uf0fiyrntIXv9MDX5iAme7Ni2EG30gHM3jyla1
PL1Cj+/34WJd5eepUtKsXU6FpBrjzQ66CW6I1bQybvdSKIxs9195p169/DsCzGet
l6ZjVGfBtO5aZIzumjG38lAB076MfMFMuG9eC5Bg7CGOHgm3sjKEApX+N4UTO4vU
PfVJO6UBOARAXtmGwa432mH1DyS2r0EBveUQHWOoxTybDhxJAsjoTuWBBiCL2uj2
W66yCQOjrimZAf9Y/YOT3rR79zOBh++Uu4ZlQ7VaT2c8pvO6mcMz8YqAUCMGBDNn
LXvSxh74EcOhhLR2jMI0rm1dn5kPKj65tj60uXAFUH6y
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:31 2025 by rpki-client