Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/tqeS3dFVj8LaEcFkOcBL8AGKO2k.roa
File: tqeS3dFVj8LaEcFkOcBL8AGKO2k.roa (raw, json)
Hash identifier: kvcnjKlIl/7S+dEWs8xFhdRRWcSE8ThgnkG8UdMGMeU=
Subject key identifier: B6:A7:92:DD:D1:55:8F:C2:DA:11:C1:64:39:C0:4B:F0:01:8A:3B:69
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 018CC8713A8DE50FCBB41EEF8DF2C5C37792
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/tqeS3dFVj8LaEcFkOcBL8AGKO2k.roa
Signing time: Tue 02 Jan 2024 04:31:52 +0000
ROA not before: Tue 02 Jan 2024 04:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57865
IP address blocks: 46.191.184.0/22 maxlen: 22
46.191.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:3a:8d:e5:0f:cb:b4:1e:ef:8d:f2:c5:c3:77:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 2 04:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6a792ddd1558fc2da11c16439c04bf0018a3b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:58:d1:c5:f4:5f:19:77:d1:f6:4b:e0:27:38:
5c:18:84:7b:a1:2f:5f:42:a7:b9:16:f1:34:8e:83:
de:3f:3c:ee:8d:1c:ae:0a:c8:73:2c:96:62:7e:d4:
86:c6:fe:bf:47:75:c3:27:0a:70:dd:2a:b2:06:7c:
a6:35:34:8b:46:64:bf:f6:c5:d3:18:90:51:ba:63:
a7:b0:d7:b4:cd:08:28:2c:47:d2:7d:34:00:eb:89:
74:e1:c6:c1:a4:d0:5f:ab:1e:75:76:1e:32:b5:84:
c9:27:0d:12:40:32:c9:87:6b:26:c3:37:3e:bb:fa:
61:52:14:30:c8:ec:aa:ad:1e:7e:4c:64:d2:7c:46:
ae:5d:72:4a:25:21:be:79:29:c7:de:0f:63:8d:02:
ce:98:9a:b2:2f:02:ab:cf:e8:ba:5d:95:7f:ce:ff:
1d:a4:9e:29:59:4d:28:73:b9:b1:a5:99:e4:ba:03:
cc:f8:78:32:44:c4:09:7a:e6:8a:24:6e:fd:e0:b3:
99:90:47:16:63:ed:cc:e1:6a:15:aa:e8:f3:4e:2c:
74:31:4a:f6:39:22:d6:9e:63:f1:3c:b6:b8:d3:e8:
d7:39:a0:cd:6d:ca:9c:ec:49:e8:a7:4a:c6:ee:2e:
34:62:83:ae:94:cb:eb:a6:c2:16:4a:6b:a5:0f:6e:
70:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A7:92:DD:D1:55:8F:C2:DA:11:C1:64:39:C0:4B:F0:01:8A:3B:69
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/tqeS3dFVj8LaEcFkOcBL8AGKO2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.191.184.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:1f:1f:c8:c0:17:fb:16:be:99:59:1c:87:cc:41:1a:87:64:
df:32:2e:0a:ef:16:e0:f8:80:06:1a:46:1e:03:91:03:48:1c:
7f:63:e5:24:5b:1a:31:4c:bc:f7:78:84:50:91:5c:72:0e:66:
8a:ab:56:91:aa:cc:28:10:3e:f5:10:07:f3:b7:b6:cb:17:9f:
6b:2d:93:65:35:b5:b0:f8:58:dd:dc:34:af:e5:40:7d:d0:d1:
5a:ce:bd:8b:35:e2:3c:6c:b8:25:f4:c1:7f:54:db:85:35:6e:
f7:30:aa:d6:69:77:ab:46:64:7f:41:33:3f:b0:16:e1:8f:88:
24:69:02:1e:6b:41:6e:aa:99:c0:85:a2:97:9b:39:2f:34:3b:
52:85:bc:cc:5c:cf:4d:a3:a7:5a:da:a2:af:44:1e:f3:2c:68:
20:d7:28:d7:7e:d8:7c:77:3a:52:13:65:ef:4c:a9:4a:91:9c:
e9:9d:8a:a3:0f:4e:b6:fa:d2:d6:f0:9d:4f:e7:eb:b3:f0:39:
c6:5a:b8:7c:0e:30:33:ee:c1:9f:16:1b:03:cb:74:b7:e5:49:
87:58:49:6c:62:72:15:5f:f9:51:23:d8:67:dc:8c:a7:58:df:
69:99:d2:c7:42:ca:dc:da:8d:28:4b:11:50:40:9d:48:b7:e5:
62:4b:11:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcTqN5Q/LtB7vjfLFw3eSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjQwMTAyMDQzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmE3OTJkZGQxNTU4ZmMyZGExMWMxNjQzOWMwNGJmMDAxOGEzYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhljRxfRfGXfR9kvgJzhcGIR7oS9f
Qqe5FvE0joPePzzujRyuCshzLJZiftSGxv6/R3XDJwpw3SqyBnymNTSLRmS/9sXT
GJBRumOnsNe0zQgoLEfSfTQA64l04cbBpNBfqx51dh4ytYTJJw0SQDLJh2smwzc+
u/phUhQwyOyqrR5+TGTSfEauXXJKJSG+eSnH3g9jjQLOmJqyLwKrz+i6XZV/zv8d
pJ4pWU0oc7mxpZnkugPM+HgyRMQJeuaKJG794LOZkEcWY+3M4WoVqujzTix0MUr2
OSLWnmPxPLa40+jXOaDNbcqc7Enop0rG7i40YoOulMvrpsIWSmulD25wiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLankt3RVY/C2hHBZDnAS/ABijtpMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvdHFlUzNkRlZqOExhRWNGa09jQkw4QUdLTzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLr+4MA0G
CSqGSIb3DQEBCwUAA4IBAQCjHx/IwBf7Fr6ZWRyHzEEah2TfMi4K7xbg+IAGGkYe
A5EDSBx/Y+UkWxoxTLz3eIRQkVxyDmaKq1aRqswoED71EAfzt7bLF59rLZNlNbWw
+Fjd3DSv5UB90NFazr2LNeI8bLgl9MF/VNuFNW73MKrWaXerRmR/QTM/sBbhj4gk
aQIea0FuqpnAhaKXmzkvNDtShbzMXM9No6da2qKvRB7zLGgg1yjXfth8dzpSE2Xv
TKlKkZzpnYqjD062+tLW8J1P5+uz8DnGWrh8DjAz7sGfFhsDy3S35UmHWElsYnIV
X/lRI9hn3IynWN9pmdLHQsrc2o0oSxFQQJ1It+ViSxFz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:44 2025 by rpki-client