Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/CdQzDBdCs2aN7G6g0q5P5SfJtQs.roa
File: CdQzDBdCs2aN7G6g0q5P5SfJtQs.roa (raw, json)
Hash identifier: 03C+WH98bsZ8CJ6pEDV0E//Srw1Y1QZ78XIk5pD32+0=
Subject key identifier: 09:D4:33:0C:17:42:B3:66:8D:EC:6E:A0:D2:AE:4F:E5:27:C9:B5:0B
Certificate issuer: /CN=262341b433e1f8fcb796322d2fd926409396e7ad
Certificate serial: 018D3B85FD976FCFC8220974ED0D22848686
Authority key identifier: 26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/CdQzDBdCs2aN7G6g0q5P5SfJtQs.roa
Signing time: Wed 24 Jan 2024 12:50:53 +0000
ROA not before: Wed 24 Jan 2024 12:50:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43088
IP address blocks: 46.31.16.0/21 maxlen: 24
193.200.225.0/24 maxlen: 24
2a02:2530::/32 maxlen: 64
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:85:fd:97:6f:cf:c8:22:09:74:ed:0d:22:84:86:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=262341b433e1f8fcb796322d2fd926409396e7ad
Validity
Not Before: Jan 24 12:50:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09d4330c1742b3668dec6ea0d2ae4fe527c9b50b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:93:7a:72:0d:e4:3f:b6:ff:0f:c8:06:ba:da:
48:85:d2:6c:34:e2:3c:4d:ee:9a:ca:c1:11:cd:b7:
4a:9e:29:0d:33:06:24:42:c0:54:50:24:62:77:dc:
80:f3:26:44:97:9d:d7:75:70:44:20:39:df:ba:9c:
37:d2:94:a3:18:e4:00:85:3a:fa:70:bb:a6:e4:42:
be:91:77:8f:be:84:72:48:20:4a:d5:d5:65:36:57:
7c:1a:ed:78:ab:0b:08:e5:ff:17:fb:70:8a:36:d0:
58:7b:dd:e7:8b:bb:db:08:33:90:8e:91:a5:22:50:
b8:4a:73:fd:22:13:39:bd:dc:8b:2a:14:f8:8d:52:
10:f0:0a:05:01:a3:80:8c:98:7a:81:dc:c6:1e:cc:
3d:b1:4f:76:c5:b2:84:5c:9d:48:e8:f2:8e:78:c1:
a3:56:14:56:b5:43:c4:a4:6a:41:2e:0e:94:5d:37:
1a:d3:4c:3f:68:da:b5:5a:52:43:da:d8:a5:1f:a0:
ad:17:33:f9:ef:ea:84:eb:82:5e:e2:7f:9e:43:ac:
42:d3:ff:7d:14:18:2c:8e:2e:4e:8e:00:2d:e1:27:
78:a8:18:7e:b0:bb:79:19:b1:54:03:45:e2:6d:62:
67:62:0d:4f:12:a2:b9:d5:cf:9b:c0:c1:ca:0f:b6:
65:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D4:33:0C:17:42:B3:66:8D:EC:6E:A0:D2:AE:4F:E5:27:C9:B5:0B
X509v3 Authority Key Identifier:
keyid:26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/CdQzDBdCs2aN7G6g0q5P5SfJtQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/JiNBtDPh-Py3ljItL9kmQJOW560.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.16.0/21
193.200.225.0/24
IPv6:
2a02:2530::/32
Signature Algorithm: sha256WithRSAEncryption
49:af:04:e7:9d:21:0d:75:10:b6:fb:72:0e:33:d1:39:f3:3d:
50:6e:86:ee:83:c3:86:c3:13:c9:f8:53:37:a5:2c:8b:9c:b9:
e9:43:dd:d3:36:86:1d:48:6e:93:3c:0d:c1:aa:00:09:56:1d:
55:e5:53:3b:e8:a2:bf:40:e3:fd:57:71:7f:19:f5:d0:49:ff:
b9:6d:e3:d5:9e:08:62:4a:23:48:8f:e4:14:60:0e:fa:fc:21:
fb:a1:21:d7:39:8f:5d:83:f2:a4:31:31:9d:77:b1:03:73:ff:
3d:ef:0a:6b:45:50:21:a9:89:5a:fd:b1:b0:75:71:e1:fe:96:
b9:37:90:73:f7:8a:05:43:9f:39:f7:1d:69:67:34:f5:81:54:
0e:4d:25:e5:14:90:bf:f9:46:e3:6b:63:8a:c6:2b:39:f5:45:
65:d2:44:cf:d4:5e:f3:f7:e5:af:f4:57:65:81:5a:df:c7:33:
32:26:b8:16:4e:9a:39:b1:c1:37:a6:65:f9:69:35:6f:8d:c3:
ae:2a:0d:31:8c:5f:aa:50:39:7b:93:70:bf:45:b4:f1:be:1f:
97:df:1c:d6:0e:82:97:73:60:c2:3b:63:d2:83:c1:05:07:74:
b2:81:5a:99:d5:e2:79:42:b1:ff:ea:e5:54:17:d3:1f:3d:92:
ed:8a:5b:49
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY07hf2Xb8/IIgl07Q0ihIaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MjM0MWI0MzNlMWY4ZmNiNzk2MzIyZDJmZDkyNjQwOTM5
NmU3YWQwHhcNMjQwMTI0MTI1MDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ0MzMwYzE3NDJiMzY2OGRlYzZlYTBkMmFlNGZlNTI3YzliNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZN6cg3kP7b/D8gGutpIhdJsNOI8
Te6aysERzbdKnikNMwYkQsBUUCRid9yA8yZEl53XdXBEIDnfupw30pSjGOQAhTr6
cLum5EK+kXePvoRySCBK1dVlNld8Gu14qwsI5f8X+3CKNtBYe93ni7vbCDOQjpGl
IlC4SnP9IhM5vdyLKhT4jVIQ8AoFAaOAjJh6gdzGHsw9sU92xbKEXJ1I6PKOeMGj
VhRWtUPEpGpBLg6UXTca00w/aNq1WlJD2tilH6CtFzP57+qE64Je4n+eQ6xC0/99
FBgsji5OjgAt4Sd4qBh+sLt5GbFUA0XibWJnYg1PEqK51c+bwMHKD7Zl5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAnUMwwXQrNmjexuoNKuT+UnybULMB8GA1UdIwQY
MBaAFCYjQbQz4fj8t5YyLS/ZJkCTluetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTct
OTgyODJjODlmNTE2LzEvQ2RRekRCZENzMmFON0c2ZzBxNVA1U2ZKdFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTctOTgyODJjODlmNTE2
LzEvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLh8QAwQA
wcjhMA0EAgACMAcDBQAqAiUwMA0GCSqGSIb3DQEBCwUAA4IBAQBJrwTnnSENdRC2
+3IOM9E58z1Qbobug8OGwxPJ+FM3pSyLnLnpQ93TNoYdSG6TPA3BqgAJVh1V5VM7
6KK/QOP9V3F/GfXQSf+5bePVnghiSiNIj+QUYA76/CH7oSHXOY9dg/KkMTGdd7ED
c/897wprRVAhqYla/bGwdXHh/pa5N5Bz94oFQ5859x1pZzT1gVQOTSXlFJC/+Ubj
a2OKxis59UVl0kTP1F7z9+Wv9FdlgVrfxzMyJrgWTpo5scE3pmX5aTVvjcOuKg0x
jF+qUDl7k3C/RbTxvh+X3xzWDoKXc2DCO2PSg8EFB3SygVqZ1eJ5QrH/6uVUF9Mf
PZLtiltJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:54 2025 by rpki-client