Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/mA_ClAH--AmNhEZovU6QXsuRhmc.roa
File: mA_ClAH--AmNhEZovU6QXsuRhmc.roa (raw, json)
Hash identifier: GBvtMgYC6u9F7s8xclRgaINfU9wPtfUNhY1yApLBaTk=
Subject key identifier: 98:0F:C2:94:01:FE:F8:09:8D:84:46:68:BD:4E:90:5E:CB:91:86:67
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC8020862247F61678F6B663DABBED609
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/mA_ClAH--AmNhEZovU6QXsuRhmc.roa
Signing time: Tue 02 Jan 2024 02:30:25 +0000
ROA not before: Tue 02 Jan 2024 02:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56341
IP address blocks: 46.52.224.0/21 maxlen: 21
188.133.224.0/20 maxlen: 20
109.203.198.0/23 maxlen: 23
188.133.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 27 Aug 2024 09:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:08:62:24:7f:61:67:8f:6b:66:3d:ab:be:d6:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=980fc29401fef8098d844668bd4e905ecb918667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:1a:57:a8:19:a8:2d:9d:11:b1:78:87:7b:
a7:31:fb:40:e1:c5:0d:2b:96:bd:26:91:82:bf:36:
38:34:f5:48:7d:29:34:2b:4d:a5:aa:4e:d0:fa:ed:
b7:3d:e3:63:c8:f2:a5:ed:09:62:06:e7:17:2a:05:
95:fa:f7:82:3b:1e:d0:28:86:c2:7f:37:38:f2:df:
d2:01:46:fa:e2:67:fb:09:9a:39:79:3d:1a:81:df:
b4:55:9a:e3:48:4f:1b:60:61:af:17:dc:16:62:a4:
62:f4:cb:1d:19:71:70:88:e9:f7:0a:eb:55:0a:21:
fe:fb:ff:a6:cb:b9:71:e2:ba:32:83:8d:fc:cd:2a:
eb:37:66:b9:89:d5:6c:a6:72:3b:bc:51:4f:cf:58:
1a:bb:f5:0c:35:38:55:68:a0:2a:4b:b5:d2:08:59:
e5:f2:de:f6:4d:6e:72:f3:b0:b5:17:e3:8b:46:aa:
c1:62:a3:32:9a:3e:ca:fb:2a:49:d5:01:e9:99:16:
e2:a3:91:9e:23:98:29:08:fc:56:e0:ef:c6:0c:c3:
9b:71:b8:4c:5d:41:ff:ea:7b:38:ae:54:e1:f0:4d:
7c:d2:4c:47:7d:a5:75:78:68:76:a7:29:e0:ba:83:
08:be:00:39:63:a8:75:51:79:85:b4:69:ae:bd:a1:
d1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0F:C2:94:01:FE:F8:09:8D:84:46:68:BD:4E:90:5E:CB:91:86:67
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/mA_ClAH--AmNhEZovU6QXsuRhmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.52.224.0/21
109.203.198.0/23
188.133.224.0/19
Signature Algorithm: sha256WithRSAEncryption
78:10:7a:64:1e:21:c1:33:1b:1d:b4:30:4f:55:67:fd:74:87:
74:dd:2b:04:be:43:3d:60:02:9a:a8:e6:c2:29:86:e8:04:d8:
52:74:6c:c0:c9:cc:c7:25:71:25:e6:17:67:18:b5:fd:d7:ca:
36:72:17:fd:a7:49:d3:09:fe:7d:50:cb:84:3e:10:78:2c:60:
c9:91:02:cd:1f:c1:fc:6d:1e:10:af:d2:b5:07:53:5f:08:9a:
22:b6:ee:77:96:bd:f6:8d:36:29:19:86:90:21:b1:6a:e3:ad:
39:de:c4:fa:69:20:ff:9e:b0:83:8a:50:15:31:94:95:3c:fc:
aa:98:89:b4:65:0e:c7:e3:89:c5:ee:1e:bc:5f:b1:cf:be:85:
20:c6:16:5e:66:b3:b8:34:8b:ff:70:93:43:c1:32:b8:01:45:
cf:c2:45:6a:33:db:93:76:a2:ed:0c:2a:3c:d8:88:cd:9d:35:
8a:53:90:a2:7a:74:65:cf:24:04:60:8c:3b:e5:b7:dc:49:97:
6d:44:c3:a0:80:ee:a0:7f:eb:2c:22:c9:66:67:5b:bd:40:7a:
41:b9:ed:e4:ee:af:08:a7:a3:c9:1f:56:b5:3d:4a:ab:47:43:
d9:4e:06:be:84:f9:22:b9:05:93:ea:98:10:28:83:77:c2:32:
42:05:17:dd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAghiJH9hZ49rZj2rvtYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBmYzI5NDAxZmVmODA5OGQ4NDQ2NjhiZDRlOTA1ZWNiOTE4NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta0aV6gZqC2dEbF4h3unMftA4cUN
K5a9JpGCvzY4NPVIfSk0K02lqk7Q+u23PeNjyPKl7QliBucXKgWV+veCOx7QKIbC
fzc48t/SAUb64mf7CZo5eT0agd+0VZrjSE8bYGGvF9wWYqRi9MsdGXFwiOn3CutV
CiH++/+my7lx4royg438zSrrN2a5idVspnI7vFFPz1gau/UMNThVaKAqS7XSCFnl
8t72TW5y87C1F+OLRqrBYqMymj7K+ypJ1QHpmRbio5GeI5gpCPxW4O/GDMObcbhM
XUH/6ns4rlTh8E180kxHfaV1eGh2pynguoMIvgA5Y6h1UXmFtGmuvaHR6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJgPwpQB/vgJjYRGaL1OkF7LkYZnMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvbUFfQ2xBSC0tQW1OaEVab3ZVNlFYc3VSaG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLjTgAwQB
bcvGAwQFvIXgMA0GCSqGSIb3DQEBCwUAA4IBAQB4EHpkHiHBMxsdtDBPVWf9dId0
3SsEvkM9YAKaqObCKYboBNhSdGzAyczHJXEl5hdnGLX918o2chf9p0nTCf59UMuE
PhB4LGDJkQLNH8H8bR4Qr9K1B1NfCJoitu53lr32jTYpGYaQIbFq46053sT6aSD/
nrCDilAVMZSVPPyqmIm0ZQ7H44nF7h68X7HPvoUgxhZeZrO4NIv/cJNDwTK4AUXP
wkVqM9uTdqLtDCo82IjNnTWKU5CienRlzyQEYIw75bfcSZdtRMOggO6gf+ssIslm
Z1u9QHpBue3k7q8Ip6PJH1a1PUqrR0PZTga+hPkiuQWT6pgQKIN3wjJCBRfd
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:31:01 2025 by rpki-client