Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/q2EgKyfdZlyf-mydXDED7NFVYRE.roa
File: q2EgKyfdZlyf-mydXDED7NFVYRE.roa (raw, json)
Hash identifier: wZugobMuWNnyMVgBHAFi/ungwwH/WBpcw95tlC0uT8A=
Subject key identifier: AB:61:20:2B:27:DD:66:5C:9F:FA:6C:9D:5C:31:03:EC:D1:55:61:11
Certificate issuer: /CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Certificate serial: 0192FE75BC1FB4050FB319D4E5475C22B820
Authority key identifier: 98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/q2EgKyfdZlyf-mydXDED7NFVYRE.roa
Signing time: Tue 05 Nov 2024 22:33:01 +0000
ROA not before: Tue 05 Nov 2024 22:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206518
IP address blocks: 46.45.118.0/23 maxlen: 23
46.45.118.0/24 maxlen: 24
46.45.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fe:75:bc:1f:b4:05:0f:b3:19:d4:e5:47:5c:22:b8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Validity
Not Before: Nov 5 22:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab61202b27dd665c9ffa6c9d5c3103ecd1556111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fc:38:63:eb:5a:6e:c7:17:02:7f:f7:4c:dc:
49:3b:e6:28:51:c3:55:72:14:6f:1c:a5:ea:ae:b0:
1b:e3:fc:46:cc:0e:12:ec:51:b0:72:7a:2e:16:6c:
f4:f8:31:ab:1d:16:54:6a:0b:c0:c3:67:09:7a:fa:
34:b0:dc:e4:0b:eb:51:8c:3d:e8:11:96:c6:e9:08:
dc:3f:81:0a:d5:80:eb:20:16:25:8a:80:c0:58:a6:
31:8c:ba:0d:53:44:1d:fc:17:aa:8e:8f:4f:05:24:
3c:3f:35:1e:a9:d0:7c:9b:69:2b:4b:ee:0b:81:72:
a3:7e:ff:d1:16:18:33:dd:39:80:0a:b0:7f:f2:b4:
88:6d:08:ec:a6:c4:e2:52:57:0d:c1:91:1a:ba:53:
41:2b:e0:2e:c0:a5:00:f9:55:8d:fb:56:e2:de:eb:
ab:ea:8b:19:6f:7c:cd:69:91:1f:80:b7:fa:51:cf:
80:6f:b3:1c:d4:ee:17:bc:e6:40:78:16:8c:20:99:
3d:19:aa:17:47:34:87:62:f0:80:ac:60:24:cd:ac:
0f:e7:7f:d6:d2:fb:e8:c0:56:94:aa:5a:ec:ba:7b:
b0:91:1b:b7:27:24:79:88:de:7f:d9:86:bb:2f:d4:
bf:64:41:5d:69:09:7b:45:31:4d:1c:02:7f:21:b2:
60:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:61:20:2B:27:DD:66:5C:9F:FA:6C:9D:5C:31:03:EC:D1:55:61:11
X509v3 Authority Key Identifier:
keyid:98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/q2EgKyfdZlyf-mydXDED7NFVYRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/mBPi9jUdO00eYapAFvGyz6YtfN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.45.118.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:c6:89:28:a7:f0:77:4d:22:4c:c3:f5:08:8c:0a:0f:6b:fd:
21:fd:44:55:2e:73:e1:29:41:2b:83:5f:11:d7:6d:5c:67:3f:
fc:b6:50:fe:e3:d5:5b:fc:d0:2b:03:8a:f3:5b:d4:7e:cf:6b:
18:24:3a:ee:8f:1a:86:3b:31:1e:e3:3d:fd:84:2d:6f:b0:90:
1f:39:2c:7c:6c:bf:1d:95:b5:b6:7f:91:4b:31:02:14:f4:b8:
91:36:57:18:95:02:6f:f1:45:83:f9:a6:76:f4:f7:61:4a:44:
52:8c:d0:81:9e:5a:f9:5f:2c:dd:10:af:bf:13:94:13:bc:3c:
47:48:c5:f7:2a:4e:f1:68:f4:bf:47:e8:74:05:f3:35:03:e0:
3f:6e:7c:79:5b:96:de:60:ea:99:2b:8c:c6:cb:d7:fd:3b:6f:
ec:30:47:78:f8:d6:62:b2:7f:7e:b1:64:86:32:56:c1:8c:46:
08:c6:95:a3:92:28:4d:e2:2c:06:7c:65:5d:9e:90:dc:e9:5f:
a9:fc:a8:14:4e:a0:8c:07:f3:a6:3c:f2:d6:6b:b6:aa:2a:37:
30:f7:a2:b1:8b:21:33:d6:a0:66:83:f8:0d:35:44:8f:9f:79:
09:36:3a:28:d4:41:de:4c:7d:c4:c5:db:2b:da:cc:10:c2:84:
27:24:cd:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL+dbwftAUPsxnU5UdcIrggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTNlMmY2MzUxZDNiNGQxZTYxYWE0MDE2ZjFiMmNmYTYy
ZDdjZGYwHhcNMjQxMTA1MjIzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjYxMjAyYjI3ZGQ2NjVjOWZmYTZjOWQ1YzMxMDNlY2QxNTU2MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/w4Y+tabscXAn/3TNxJO+YoUcNV
chRvHKXqrrAb4/xGzA4S7FGwcnouFmz0+DGrHRZUagvAw2cJevo0sNzkC+tRjD3o
EZbG6QjcP4EK1YDrIBYlioDAWKYxjLoNU0Qd/Beqjo9PBSQ8PzUeqdB8m2krS+4L
gXKjfv/RFhgz3TmACrB/8rSIbQjspsTiUlcNwZEaulNBK+AuwKUA+VWN+1bi3uur
6osZb3zNaZEfgLf6Uc+Ab7Mc1O4XvOZAeBaMIJk9GaoXRzSHYvCArGAkzawP53/W
0vvowFaUqlrsunuwkRu3JyR5iN5/2Ya7L9S/ZEFdaQl7RTFNHAJ/IbJg1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKthICsn3WZcn/psnVwxA+zRVWERMB8GA1UdIwQY
MBaAFJgT4vY1HTtNHmGqQBbxss+mLXzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzIt
Mzk1MTM3OGFhNzY2LzEvcTJFZ0t5ZmRabHlmLW15ZFhERUQ3TkZWWVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzItMzk1MTM3OGFhNzY2
LzEvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLi12MA0G
CSqGSIb3DQEBCwUAA4IBAQBrxokop/B3TSJMw/UIjAoPa/0h/URVLnPhKUErg18R
121cZz/8tlD+49Vb/NArA4rzW9R+z2sYJDrujxqGOzEe4z39hC1vsJAfOSx8bL8d
lbW2f5FLMQIU9LiRNlcYlQJv8UWD+aZ29PdhSkRSjNCBnlr5XyzdEK+/E5QTvDxH
SMX3Kk7xaPS/R+h0BfM1A+A/bnx5W5beYOqZK4zGy9f9O2/sMEd4+NZisn9+sWSG
MlbBjEYIxpWjkihN4iwGfGVdnpDc6V+p/KgUTqCMB/OmPPLWa7aqKjcw96KxiyEz
1qBmg/gNNUSPn3kJNjoo1EHeTH3Exdsr2swQwoQnJM3I
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:35 2025 by rpki-client