Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/VZsTozYa0iWud75PXnj5gQFrLLo.roa
File: VZsTozYa0iWud75PXnj5gQFrLLo.roa (raw, json)
Hash identifier: vvhxB8nlkjtss9o644l6GCPK56wNHUXEiCl5FbvIjqo=
Subject key identifier: 55:9B:13:A3:36:1A:D2:25:AE:77:BE:4F:5E:78:F9:81:01:6B:2C:BA
Certificate issuer: /CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Certificate serial: 0192FE75BB2C61BF1F4DD148975C9362AF76
Authority key identifier: 98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/VZsTozYa0iWud75PXnj5gQFrLLo.roa
Signing time: Tue 05 Nov 2024 22:33:01 +0000
ROA not before: Tue 05 Nov 2024 22:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51484
IP address blocks: 46.45.64.0/18 maxlen: 18
46.45.104.0/23 maxlen: 23
46.45.112.0/20 maxlen: 20
2a03:24c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fe:75:bb:2c:61:bf:1f:4d:d1:48:97:5c:93:62:af:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Validity
Not Before: Nov 5 22:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=559b13a3361ad225ae77be4f5e78f981016b2cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:85:5b:23:f4:47:a7:9a:4c:7f:7c:c1:a9:32:
4f:32:25:d4:81:7d:b2:fb:d6:6e:9e:d2:8b:ed:b1:
20:af:13:5e:d1:7b:18:3a:c0:df:3d:9e:71:8b:80:
cd:89:30:63:ca:33:03:5c:41:88:cc:51:d0:6f:ed:
9b:36:83:70:7f:7a:86:4f:13:dd:73:f6:76:a3:4d:
a2:ae:56:d6:eb:41:6e:d8:0c:74:5a:52:9d:16:fa:
6a:9b:7d:81:e3:ae:03:e6:fa:2c:20:60:c0:01:3f:
f2:db:81:83:55:5e:1f:4a:55:4e:27:96:06:69:8e:
0b:25:b9:4a:82:c0:d2:71:4c:2d:34:c0:46:55:31:
2f:ad:8e:55:01:4b:1e:bc:93:2e:12:9c:c4:25:5d:
8f:35:88:39:30:0c:9e:a0:02:3b:09:4a:67:4d:7b:
be:74:55:8a:0c:79:73:15:74:95:e9:8a:40:e6:25:
6e:47:92:3b:6a:ac:56:52:1a:39:d9:84:ec:3e:fb:
45:2d:d2:f8:71:0d:30:79:eb:03:64:70:ca:d8:ca:
02:6b:34:ca:da:55:42:ee:35:5e:43:a8:ea:66:6b:
9f:ab:61:83:69:88:7a:f1:a1:8f:62:f2:31:0e:30:
b7:93:16:bd:6c:c5:e3:b1:3c:33:db:5d:57:b0:e3:
74:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9B:13:A3:36:1A:D2:25:AE:77:BE:4F:5E:78:F9:81:01:6B:2C:BA
X509v3 Authority Key Identifier:
keyid:98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/VZsTozYa0iWud75PXnj5gQFrLLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/mBPi9jUdO00eYapAFvGyz6YtfN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.45.64.0/18
IPv6:
2a03:24c0::/48
Signature Algorithm: sha256WithRSAEncryption
4a:b1:d5:9d:6c:e9:60:0d:e6:13:e9:63:51:fb:ca:46:8e:3a:
22:d2:23:32:ea:4f:99:b9:17:b4:ac:46:63:a6:16:a9:85:40:
1d:80:31:6f:54:b8:c4:cd:ad:e5:c6:9a:13:2b:d0:9d:35:d2:
52:67:1f:43:0a:97:74:b0:8a:c6:47:ab:7f:4e:f5:54:28:b8:
a7:b4:95:14:dd:74:bc:3f:be:01:05:89:11:48:f5:75:2e:b9:
87:c5:61:2b:03:93:cd:20:f1:91:54:d9:ee:a9:68:2a:a7:a1:
80:da:9d:e4:6e:08:8c:7d:3a:38:f6:77:ed:14:6e:21:1b:17:
1d:bb:12:84:71:34:54:c1:8d:e4:a8:c9:71:8b:16:b5:b7:d5:
99:af:1b:73:c5:fd:a8:1c:34:3b:8f:88:9b:d0:26:c5:9b:55:
55:ce:2e:57:fe:35:0e:5b:ac:d8:d2:88:54:e2:bf:a5:7b:08:
fc:fc:9e:8d:4f:d8:af:de:d8:2e:2c:15:f1:89:17:20:41:43:
76:6c:64:78:3a:a4:a7:8e:d3:7a:6b:81:4a:9a:e8:c9:b3:39:
fa:7f:65:67:dd:c5:45:db:af:6b:be:bb:41:c1:f0:03:8f:ed:
5b:ce:2e:1a:07:40:73:26:05:ff:cd:0a:c4:98:29:2b:1e:07:
43:c7:63:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZL+dbssYb8fTdFIl1yTYq92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTNlMmY2MzUxZDNiNGQxZTYxYWE0MDE2ZjFiMmNmYTYy
ZDdjZGYwHhcNMjQxMTA1MjIzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTliMTNhMzM2MWFkMjI1YWU3N2JlNGY1ZTc4Zjk4MTAxNmIyY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/IVbI/RHp5pMf3zBqTJPMiXUgX2y
+9ZuntKL7bEgrxNe0XsYOsDfPZ5xi4DNiTBjyjMDXEGIzFHQb+2bNoNwf3qGTxPd
c/Z2o02irlbW60Fu2Ax0WlKdFvpqm32B464D5vosIGDAAT/y24GDVV4fSlVOJ5YG
aY4LJblKgsDScUwtNMBGVTEvrY5VAUsevJMuEpzEJV2PNYg5MAyeoAI7CUpnTXu+
dFWKDHlzFXSV6YpA5iVuR5I7aqxWUho52YTsPvtFLdL4cQ0weesDZHDK2MoCazTK
2lVC7jVeQ6jqZmufq2GDaYh68aGPYvIxDjC3kxa9bMXjsTwz211XsON0xwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFWbE6M2GtIlrne+T154+YEBayy6MB8GA1UdIwQY
MBaAFJgT4vY1HTtNHmGqQBbxss+mLXzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzIt
Mzk1MTM3OGFhNzY2LzEvVlpzVG96WWEwaVd1ZDc1UFhuajVnUUZyTExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzItMzk1MTM3OGFhNzY2
LzEvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQGLi1AMA8E
AgACMAkDBwAqAyTAAAAwDQYJKoZIhvcNAQELBQADggEBAEqx1Z1s6WAN5hPpY1H7
ykaOOiLSIzLqT5m5F7SsRmOmFqmFQB2AMW9UuMTNreXGmhMr0J010lJnH0MKl3Sw
isZHq39O9VQouKe0lRTddLw/vgEFiRFI9XUuuYfFYSsDk80g8ZFU2e6paCqnoYDa
neRuCIx9Ojj2d+0UbiEbFx27EoRxNFTBjeSoyXGLFrW31ZmvG3PF/agcNDuPiJvQ
JsWbVVXOLlf+NQ5brNjSiFTiv6V7CPz8no1P2K/e2C4sFfGJFyBBQ3ZsZHg6pKeO
03prgUqa6MmzOfp/ZWfdxUXbr2u+u0HB8AOP7VvOLhoHQHMmBf/NCsSYKSseB0PH
Y68=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:34 2025 by rpki-client