Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/cReyfHxRedEyWCc4T2I-S6LxAbg.roa
File: cReyfHxRedEyWCc4T2I-S6LxAbg.roa (raw, json)
Hash identifier: F+k746vtbwQnRbIkj+PlDdhTRO3luOc0FY4hJkVdy98=
Subject key identifier: 71:17:B2:7C:7C:51:79:D1:32:58:27:38:4F:62:3E:4B:A2:F1:01:B8
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 018E051A86E37DEF0C9A3AE646B411663016
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/cReyfHxRedEyWCc4T2I-S6LxAbg.roa
Signing time: Sun 03 Mar 2024 16:16:48 +0000
ROA not before: Sun 03 Mar 2024 16:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8932
IP address blocks: 46.36.124.0/22 maxlen: 24
46.162.220.0/22 maxlen: 24
185.48.240.0/22 maxlen: 24
2a00:cc40:1::/48 maxlen: 48
2a00:cc40:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:05:1a:86:e3:7d:ef:0c:9a:3a:e6:46:b4:11:66:30:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Mar 3 16:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7117b27c7c5179d1325827384f623e4ba2f101b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3f:e1:dc:9e:bd:a7:ca:c2:b4:48:6c:8a:b3:
e4:2d:d2:99:dc:57:cb:39:e5:7f:e8:0a:77:1e:ee:
75:5f:d6:7d:64:16:f3:3c:bb:21:ae:e4:a5:db:b7:
2a:5a:e4:43:32:18:88:65:2e:d9:5a:04:12:29:85:
6a:dd:e1:c6:a3:17:62:94:6c:5a:83:70:6f:45:34:
e8:a0:f3:c2:db:d2:94:76:c0:77:91:7a:f9:81:c8:
9e:49:c0:58:2c:6d:d8:43:02:a5:05:be:34:e3:da:
b0:08:20:82:6f:c7:05:aa:fd:1c:bf:3e:c5:6a:8c:
42:34:91:b4:fa:fe:b8:86:66:6d:32:66:ab:47:d0:
17:3b:c4:1b:01:b3:0a:67:41:ee:a5:c0:3b:6e:9e:
10:43:a5:bb:84:79:c5:5c:2b:56:4f:07:02:8d:4d:
51:91:bb:9d:bd:ec:ec:f1:65:93:80:db:22:60:e8:
bf:5d:e8:ef:5c:7e:1b:4d:23:24:65:5b:50:5d:92:
e9:eb:f0:41:05:14:57:6b:3c:9b:78:b1:a9:2f:17:
30:9f:8b:65:a7:07:08:8e:ab:53:37:7d:c3:cb:c3:
53:a8:17:c3:5f:61:30:37:91:79:33:c6:48:96:cc:
af:e2:17:25:f1:3c:7f:76:0e:1f:0c:2e:6f:83:cf:
9e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:17:B2:7C:7C:51:79:D1:32:58:27:38:4F:62:3E:4B:A2:F1:01:B8
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/cReyfHxRedEyWCc4T2I-S6LxAbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.124.0/22
46.162.220.0/22
185.48.240.0/22
IPv6:
2a00:cc40:1::-2a00:cc40:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
82:a2:42:e0:b7:3d:81:e2:23:54:c8:09:b9:da:8a:70:05:cb:
02:d3:9d:49:b1:bc:e8:cc:80:95:6a:a4:54:af:2e:d2:3f:18:
1b:31:5d:ef:46:0c:4c:54:d0:17:f8:53:3d:51:ad:88:11:42:
c0:d4:03:ac:72:3b:05:90:7d:3c:97:d1:9a:e7:31:25:a3:cb:
ab:87:cb:56:de:ac:68:e8:4c:a0:64:e8:81:24:33:32:29:72:
63:26:1d:60:25:e5:98:8a:3d:02:0f:d9:c0:63:be:2e:a4:c2:
b4:c5:6c:7e:0b:0d:b9:32:85:ff:2b:61:e4:9d:98:6c:93:dd:
10:a8:92:57:80:3c:40:ce:1b:c4:59:44:e2:a7:58:81:9b:a3:
d2:46:a1:03:92:bf:bc:15:86:56:02:61:37:75:cb:09:d2:7f:
b7:21:21:cc:f8:54:85:87:a9:5e:fa:c5:9a:53:de:4b:74:b6:
96:70:77:fe:c5:4f:99:e8:40:b7:0d:f0:ec:e9:15:1c:69:5f:
f1:46:11:6e:15:af:9f:5f:27:11:96:fe:d3:06:61:ad:6f:95:
99:8e:0a:44:96:80:bf:9f:18:3a:02:31:a7:6f:57:c7:ab:16:
88:b6:ce:74:c1:83:03:03:0e:28:cd:3d:8c:71:cd:b5:4b:99:
d3:07:dc:4a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY4FGobjfe8MmjrmRrQRZjAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjQwMzAzMTYxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTE3YjI3YzdjNTE3OWQxMzI1ODI3Mzg0ZjYyM2U0YmEyZjEwMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhz/h3J69p8rCtEhsirPkLdKZ3FfL
OeV/6Ap3Hu51X9Z9ZBbzPLshruSl27cqWuRDMhiIZS7ZWgQSKYVq3eHGoxdilGxa
g3BvRTTooPPC29KUdsB3kXr5gcieScBYLG3YQwKlBb4049qwCCCCb8cFqv0cvz7F
aoxCNJG0+v64hmZtMmarR9AXO8QbAbMKZ0HupcA7bp4QQ6W7hHnFXCtWTwcCjU1R
kbudvezs8WWTgNsiYOi/XejvXH4bTSMkZVtQXZLp6/BBBRRXazybeLGpLxcwn4tl
pwcIjqtTN33Dy8NTqBfDX2EwN5F5M8ZIlsyv4hcl8Tx/dg4fDC5vg8+epwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHEXsnx8UXnRMlgnOE9iPkui8QG4MB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvY1JleWZIeFJlZEV5V0NjNFQySS1TNkx4QWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAYBAIAATASAwQCLiR8AwQC
LqLcAwQCuTDwMBoEAgACMBQwEgMHACoAzEAAAQMHACoAzEAAAjANBgkqhkiG9w0B
AQsFAAOCAQEAgqJC4Lc9geIjVMgJudqKcAXLAtOdSbG86MyAlWqkVK8u0j8YGzFd
70YMTFTQF/hTPVGtiBFCwNQDrHI7BZB9PJfRmucxJaPLq4fLVt6saOhMoGTogSQz
MilyYyYdYCXlmIo9Ag/ZwGO+LqTCtMVsfgsNuTKF/yth5J2YbJPdEKiSV4A8QM4b
xFlE4qdYgZuj0kahA5K/vBWGVgJhN3XLCdJ/tyEhzPhUhYepXvrFmlPeS3S2lnB3
/sVPmehAtw3w7OkVHGlf8UYRbhWvn18nEZb+0wZhrW+VmY4KRJaAv58YOgIxp29X
x6sWiLbOdMGDAwMOKM09jHHNtUuZ0wfcSg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:01 2025 by rpki-client