Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/qIeP0d3hTru1ZrfqNOfAk51Szko.roa
File: qIeP0d3hTru1ZrfqNOfAk51Szko.roa (raw, json)
Hash identifier: 7lVYfiKHgdDCYI7s3kRvH7EtgeNY0yCAE0edr2bnBEQ=
Subject key identifier: A8:87:8F:D1:DD:E1:4E:BB:B5:66:B7:EA:34:E7:C0:93:9D:52:CE:4A
Certificate issuer: /CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Certificate serial: 0192FE75BCB855F1BBC5EFB8DC51702C5A66
Authority key identifier: 98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/qIeP0d3hTru1ZrfqNOfAk51Szko.roa
Signing time: Tue 05 Nov 2024 22:33:01 +0000
ROA not before: Tue 05 Nov 2024 22:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208066
IP address blocks: 46.45.64.0/20 maxlen: 20
46.45.64.0/22 maxlen: 22
46.45.68.0/22 maxlen: 22
46.45.72.0/22 maxlen: 22
46.45.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fe:75:bc:b8:55:f1:bb:c5:ef:b8:dc:51:70:2c:5a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Validity
Not Before: Nov 5 22:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8878fd1dde14ebbb566b7ea34e7c0939d52ce4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:33:2c:19:9c:37:15:7f:6b:2a:d5:93:90:7c:
79:a5:74:3d:99:84:8d:44:c9:74:12:ce:9e:55:18:
4e:ac:60:b7:1c:8c:3d:39:dc:93:25:aa:92:00:a6:
e0:0f:f0:7f:f4:b9:19:00:f9:6c:ad:fc:c4:ab:12:
8d:c1:0d:8d:a7:e7:73:c9:f6:13:26:7a:34:eb:cd:
96:25:4a:ff:03:de:40:47:0f:db:23:2f:43:61:3a:
56:1a:3f:19:0b:ad:06:df:b3:e5:b7:ea:88:63:f2:
a8:c6:19:72:e7:d9:ab:08:dc:80:96:bd:ee:21:f6:
e2:71:28:f5:ee:46:1f:bb:97:09:62:ec:e0:1f:04:
6d:43:28:40:e6:3b:d9:ff:8b:02:05:f8:1c:94:25:
0c:ae:db:9a:82:20:f9:76:2b:9a:73:f2:5e:dc:8a:
45:87:a7:5f:da:31:c8:ca:72:ef:d5:7a:d8:57:ac:
ea:e9:bb:bd:41:b1:f3:4d:9b:51:07:7d:b5:30:7d:
8f:a2:ee:c5:be:6f:b8:e1:4b:08:ae:1d:ce:0f:bf:
b7:f1:a0:7d:aa:76:68:3d:8f:6c:04:66:5d:5b:6a:
a1:e0:0b:75:b3:ad:50:21:c5:73:6a:a7:01:50:4b:
0e:20:f4:e9:34:e1:18:95:80:64:ef:fe:ab:c5:c0:
c8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:87:8F:D1:DD:E1:4E:BB:B5:66:B7:EA:34:E7:C0:93:9D:52:CE:4A
X509v3 Authority Key Identifier:
keyid:98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/qIeP0d3hTru1ZrfqNOfAk51Szko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/mBPi9jUdO00eYapAFvGyz6YtfN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.45.64.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:fa:cc:b6:9b:ba:ca:65:20:78:43:5b:05:d9:05:10:11:3f:
a3:3b:da:2e:fe:21:de:e9:c8:89:3c:35:24:56:52:34:b9:46:
e6:da:99:0f:3b:ab:69:37:bd:67:e1:be:b9:8f:5b:0f:f0:1e:
bb:a1:a7:58:fa:5b:ec:27:10:01:bd:4b:14:bb:41:f0:70:66:
51:ba:e7:b0:43:91:75:e1:b4:47:87:a1:bc:0b:ea:49:0e:1f:
0e:23:a2:62:f4:f5:31:f0:92:8c:19:ad:cf:07:87:71:3f:19:
ae:3a:0a:37:f0:d6:97:ea:d5:4c:a0:e4:d3:99:13:cf:2b:95:
b1:d2:2c:10:01:b3:cb:3e:7b:70:e4:8a:0b:08:a2:0a:24:65:
45:81:db:51:ee:b4:ca:2e:98:a8:a7:f1:84:37:e5:d4:97:26:
40:3d:e1:45:7b:6e:e2:94:0c:50:e2:98:70:f2:af:55:2d:d6:
03:08:2a:e0:92:a3:95:29:c3:3d:65:83:00:05:e8:87:3c:da:
64:88:7d:fe:24:fd:bb:07:9b:80:be:36:38:e5:61:49:c3:a8:
01:67:e6:c1:53:4c:9e:ec:b0:e4:91:f2:10:77:4b:7c:25:25:
81:3c:b6:d8:b2:c0:d1:ad:3a:65:c4:4d:cb:4e:a7:4f:39:49:
1b:bb:4d:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL+dby4VfG7xe+43FFwLFpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTNlMmY2MzUxZDNiNGQxZTYxYWE0MDE2ZjFiMmNmYTYy
ZDdjZGYwHhcNMjQxMTA1MjIzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODg3OGZkMWRkZTE0ZWJiYjU2NmI3ZWEzNGU3YzA5MzlkNTJjZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTMsGZw3FX9rKtWTkHx5pXQ9mYSN
RMl0Es6eVRhOrGC3HIw9OdyTJaqSAKbgD/B/9LkZAPlsrfzEqxKNwQ2Np+dzyfYT
Jno0682WJUr/A95ARw/bIy9DYTpWGj8ZC60G37Plt+qIY/Koxhly59mrCNyAlr3u
IfbicSj17kYfu5cJYuzgHwRtQyhA5jvZ/4sCBfgclCUMrtuagiD5diuac/Je3IpF
h6df2jHIynLv1XrYV6zq6bu9QbHzTZtRB321MH2Pou7Fvm+44UsIrh3OD7+38aB9
qnZoPY9sBGZdW2qh4At1s61QIcVzaqcBUEsOIPTpNOEYlYBk7/6rxcDI1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiHj9Hd4U67tWa36jTnwJOdUs5KMB8GA1UdIwQY
MBaAFJgT4vY1HTtNHmGqQBbxss+mLXzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzIt
Mzk1MTM3OGFhNzY2LzEvcUllUDBkM2hUcnUxWnJmcU5PZkFrNTFTemtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzItMzk1MTM3OGFhNzY2
LzEvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELi1AMA0G
CSqGSIb3DQEBCwUAA4IBAQCN+sy2m7rKZSB4Q1sF2QUQET+jO9ou/iHe6ciJPDUk
VlI0uUbm2pkPO6tpN71n4b65j1sP8B67oadY+lvsJxABvUsUu0HwcGZRuuewQ5F1
4bRHh6G8C+pJDh8OI6Ji9PUx8JKMGa3PB4dxPxmuOgo38NaX6tVMoOTTmRPPK5Wx
0iwQAbPLPntw5IoLCKIKJGVFgdtR7rTKLpiop/GEN+XUlyZAPeFFe27ilAxQ4phw
8q9VLdYDCCrgkqOVKcM9ZYMABeiHPNpkiH3+JP27B5uAvjY45WFJw6gBZ+bBU0ye
7LDkkfIQd0t8JSWBPLbYssDRrTplxE3LTqdPOUkbu01x
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:47 2025 by rpki-client