Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/iRlEIBYxjLQkpU22UHSYAxDLGFY.roa
File: iRlEIBYxjLQkpU22UHSYAxDLGFY.roa (raw, json)
Hash identifier: squ183rn4NSJP4Wz3sKE/YURFmJ2DpCk0/DxqZKMpqU=
Subject key identifier: 89:19:44:20:16:31:8C:B4:24:A5:4D:B6:50:74:98:03:10:CB:18:56
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 0195995883B7876B5271D2039295699A3DE0
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/iRlEIBYxjLQkpU22UHSYAxDLGFY.roa
Signing time: Sat 15 Mar 2025 10:27:49 +0000
ROA not before: Sat 15 Mar 2025 10:27:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.233.32.0/22 maxlen: 24
46.233.38.0/24 maxlen: 24
46.233.42.0/23 maxlen: 23
46.233.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 09:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:99:58:83:b7:87:6b:52:71:d2:03:92:95:69:9a:3d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Mar 15 10:27:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8919442016318cb424a54db65074980310cb1856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:09:07:dc:f9:7f:d9:6d:b6:cc:92:91:1a:7b:
18:84:7b:3b:96:2d:52:cf:d7:8c:ce:e1:bc:20:27:
bf:ec:8e:16:5e:39:6e:5e:fd:6c:f5:05:51:b3:45:
cd:cb:03:db:29:2e:f5:aa:3e:24:8b:dc:7d:e6:b4:
f0:01:cc:d2:44:40:3b:c5:38:94:51:9a:b0:2b:c0:
34:66:49:96:7e:8e:e2:ec:4f:03:ba:f4:16:a1:29:
83:50:26:69:52:a2:e1:fd:61:13:64:e3:f0:a2:60:
85:91:91:e6:ed:de:26:c7:6d:21:29:30:0a:de:1e:
63:ad:86:d8:06:12:80:e9:fd:a4:07:29:ff:24:56:
77:66:ee:83:dc:13:86:e8:4e:8b:7b:17:f3:a9:c5:
af:88:45:c8:28:d6:24:5c:42:59:28:9e:e0:93:e5:
ef:14:42:03:bd:1e:8e:85:28:c9:60:21:7e:fc:4d:
a0:31:18:5e:e4:f8:df:d4:6c:7e:66:dd:6b:63:a3:
88:a0:32:aa:e2:f6:12:dc:ba:3c:95:b2:47:77:b9:
0c:d4:ea:05:31:31:f1:b4:03:1d:38:b3:e3:49:69:
c7:76:aa:b6:c6:c4:b2:b6:00:2b:ac:09:32:97:e8:
fb:de:ee:e5:6f:37:1f:dc:a0:ac:00:75:0d:5f:c4:
be:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:19:44:20:16:31:8C:B4:24:A5:4D:B6:50:74:98:03:10:CB:18:56
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/iRlEIBYxjLQkpU22UHSYAxDLGFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.32.0/22
46.233.38.0/24
46.233.42.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:47:f2:d8:9f:28:f7:8a:d4:fe:9e:a6:ac:7b:03:d7:92:0e:
fc:ae:76:c9:0e:79:11:4a:f8:0a:ab:f3:79:01:15:14:e8:96:
b6:2d:d7:2c:39:6f:14:62:b7:03:e8:c3:81:bd:f8:84:29:61:
f3:0d:4f:9a:d9:3f:e4:f9:ad:fd:46:86:3b:5c:5c:d0:1c:5f:
43:61:78:ed:b5:cc:59:6e:7e:b7:75:11:a7:bc:5b:0b:81:e2:
50:92:8c:0f:3a:a2:95:14:e6:91:6f:1a:ab:34:18:65:46:0d:
7f:10:24:3a:11:98:8d:aa:2b:ae:d0:79:3d:71:43:53:26:5c:
4e:59:70:31:42:17:a7:15:de:9f:b7:dd:27:04:34:85:d3:0a:
24:72:04:85:fd:f0:09:5c:c2:af:c6:47:34:92:91:1c:18:11:
06:10:4e:29:80:26:f4:ea:a5:4a:42:93:00:7e:bf:c3:4f:00:
ee:11:a9:8b:f5:b0:9e:b5:01:4b:f0:af:dc:d3:7d:a0:bd:05:
a6:99:d8:5d:c1:e1:44:6b:26:76:de:3c:8c:f7:13:01:8d:fd:
1d:02:a0:c5:1f:64:ff:70:5b:71:38:6f:26:ba:6a:69:6c:34:
69:f4:8e:73:0e:b0:69:bd:e5:25:b6:07:68:2d:15:90:a6:81:
d3:96:b4:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWZWIO3h2tScdIDkpVpmj3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjUwMzE1MTAyNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTE5NDQyMDE2MzE4Y2I0MjRhNTRkYjY1MDc0OTgwMzEwY2IxODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAkH3Pl/2W22zJKRGnsYhHs7li1S
z9eMzuG8ICe/7I4WXjluXv1s9QVRs0XNywPbKS71qj4ki9x95rTwAczSREA7xTiU
UZqwK8A0ZkmWfo7i7E8DuvQWoSmDUCZpUqLh/WETZOPwomCFkZHm7d4mx20hKTAK
3h5jrYbYBhKA6f2kByn/JFZ3Zu6D3BOG6E6LexfzqcWviEXIKNYkXEJZKJ7gk+Xv
FEIDvR6OhSjJYCF+/E2gMRhe5Pjf1Gx+Zt1rY6OIoDKq4vYS3Lo8lbJHd7kM1OoF
MTHxtAMdOLPjSWnHdqq2xsSytgArrAkyl+j73u7lbzcf3KCsAHUNX8S+hQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIkZRCAWMYy0JKVNtlB0mAMQyxhWMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvaVJsRUlCWXhqTFFrcFUyMlVIU1lBeERMR0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLukgAwQA
LukmAwQBLukqMA0GCSqGSIb3DQEBCwUAA4IBAQAMR/LYnyj3itT+nqasewPXkg78
rnbJDnkRSvgKq/N5ARUU6Ja2LdcsOW8UYrcD6MOBvfiEKWHzDU+a2T/k+a39RoY7
XFzQHF9DYXjttcxZbn63dRGnvFsLgeJQkowPOqKVFOaRbxqrNBhlRg1/ECQ6EZiN
qiuu0Hk9cUNTJlxOWXAxQhenFd6ft90nBDSF0wokcgSF/fAJXMKvxkc0kpEcGBEG
EE4pgCb06qVKQpMAfr/DTwDuEamL9bCetQFL8K/c032gvQWmmdhdweFEayZ23jyM
9xMBjf0dAqDFH2T/cFtxOG8mumppbDRp9I5zDrBpveUltgdoLRWQpoHTlrTg
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:45:07 2025 by rpki-client