Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/qEdWz2VClhT65VZD4qW7_cHoiPo.roa
File: qEdWz2VClhT65VZD4qW7_cHoiPo.roa (raw, json)
Hash identifier: lUZ7qOoYiE0vTUwntk/m2r6BrQU754mOSdQ7x3lpFXU=
Subject key identifier: A8:47:56:CF:65:42:96:14:FA:E5:56:43:E2:A5:BB:FD:C1:E8:88:FA
Certificate issuer: /CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
Certificate serial: 018CC3B7319E4C83FBAA7A8C767BBF3613FD
Authority key identifier: DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/qEdWz2VClhT65VZD4qW7_cHoiPo.roa
Signing time: Mon 01 Jan 2024 06:30:11 +0000
ROA not before: Mon 01 Jan 2024 06:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 212.46.57.0/24 maxlen: 24
2a12:fc0::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:31:9e:4c:83:fb:aa:7a:8c:76:7b:bf:36:13:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
Validity
Not Before: Jan 1 06:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a84756cf65429614fae55643e2a5bbfdc1e888fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dd:52:a7:60:24:02:8c:22:62:a4:59:c6:03:
9d:56:8a:ac:dd:bd:11:dd:61:df:c4:42:f3:6b:b6:
e4:e4:0c:f5:7f:87:eb:4f:42:f8:7c:71:42:19:0e:
2d:ad:3c:3c:88:b1:59:ca:8d:64:39:04:9d:69:40:
9d:ec:99:13:f2:05:4d:ae:e0:ec:17:3e:31:3f:3b:
9e:50:c1:67:5a:8b:32:ad:3e:ce:18:45:62:1f:33:
de:2a:b6:fa:67:fb:85:69:e7:79:07:66:c0:de:ce:
91:d2:8b:2b:8b:39:a1:a0:39:c9:98:95:de:56:b5:
11:57:36:05:8b:62:95:3f:d2:6a:58:c2:d1:97:3d:
ac:aa:94:9e:7a:db:ac:58:4d:48:80:48:21:20:7b:
75:24:aa:94:f5:a2:75:93:07:a8:75:21:25:21:89:
41:fe:18:6c:fe:c5:2d:cc:dc:36:30:a9:07:55:d0:
43:59:e7:33:76:fc:38:cd:77:78:42:e0:ce:bf:ed:
88:8f:22:c5:41:4c:1b:7a:fc:e7:d1:4b:73:c0:d4:
e1:8c:96:5a:e2:23:63:cf:f9:cd:9b:86:f7:c3:9a:
9d:07:02:8d:ec:71:33:d4:76:0e:e8:9e:83:06:d5:
a7:dc:de:9e:ae:41:51:68:19:48:5e:da:62:bf:da:
b5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:47:56:CF:65:42:96:14:FA:E5:56:43:E2:A5:BB:FD:C1:E8:88:FA
X509v3 Authority Key Identifier:
keyid:DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/qEdWz2VClhT65VZD4qW7_cHoiPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/2sMmMqqRVCU8bc0jMemtaSC2vcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.46.57.0/24
IPv6:
2a12:fc0::/44
Signature Algorithm: sha256WithRSAEncryption
a5:c1:a2:20:6b:6a:27:52:c7:48:51:82:d7:55:1b:95:cc:1a:
8b:72:cb:cd:e8:65:66:ee:db:3a:92:1a:4f:34:76:08:b0:e3:
cc:24:6d:14:7b:83:05:51:a8:03:9d:b1:31:0d:c6:74:31:b6:
d1:47:94:e9:eb:68:ea:e6:95:0c:6a:f0:1b:64:3b:af:ee:fa:
5d:ca:88:8d:a7:15:ed:db:8e:97:e2:e5:ef:1b:3e:5f:2e:7b:
31:a8:52:16:e4:dc:63:af:80:72:4a:88:5e:ed:78:50:de:9f:
ad:9e:6f:02:42:ee:6c:1b:92:82:44:b2:d2:e1:e3:54:53:d8:
1c:ce:2c:9e:2f:fa:e3:63:f5:ac:29:e0:3a:98:28:cd:d5:8a:
c8:bb:48:43:22:c6:1f:e1:0b:b1:86:94:51:cf:90:22:88:5b:
c6:e6:30:cc:b0:e6:4b:8a:1b:81:dd:d9:01:e6:1d:0e:28:19:
01:1e:30:c1:e2:56:e4:a2:25:f4:00:cd:93:e7:7d:e6:f2:85:
c0:58:f4:9c:47:e7:f4:e6:7e:8d:ca:23:50:8d:13:51:17:7d:
fc:ed:5c:21:4a:63:a8:d0:08:91:49:af:42:f8:92:52:de:05:
ee:96:b2:32:b1:c9:d8:a6:e1:1e:16:54:66:d5:cb:45:bd:e1:
a0:02:a7:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDtzGeTIP7qnqMdnu/NhP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzMyNjMyYWE5MTU0MjUzYzZkY2QyMzMxZTlhZDY5MjBi
NmJkY2MwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQ3NTZjZjY1NDI5NjE0ZmFlNTU2NDNlMmE1YmJmZGMxZTg4OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo91Sp2AkAowiYqRZxgOdVoqs3b0R
3WHfxELza7bk5Az1f4frT0L4fHFCGQ4trTw8iLFZyo1kOQSdaUCd7JkT8gVNruDs
Fz4xPzueUMFnWosyrT7OGEViHzPeKrb6Z/uFaed5B2bA3s6R0osrizmhoDnJmJXe
VrURVzYFi2KVP9JqWMLRlz2sqpSeetusWE1IgEghIHt1JKqU9aJ1kweodSElIYlB
/hhs/sUtzNw2MKkHVdBDWeczdvw4zXd4QuDOv+2IjyLFQUwbevzn0UtzwNThjJZa
4iNjz/nNm4b3w5qdBwKN7HEz1HYO6J6DBtWn3N6erkFRaBlIXtpiv9q1TQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKhHVs9lQpYU+uVWQ+Klu/3B6Ij6MB8GA1UdIwQY
MBaAFNrDJjKqkVQlPG3NIzHprWkgtr3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNNbU1xcVJWQ1U4YmMwak1lbXRhU0MydmN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80OTQyNGEtYWE1Zi00YjlmLWE2Mjct
MjQ2NTRlOTQxYzEyLzEvcUVkV3oyVkNsaFQ2NVZaRDRxVzdfY0hvaVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80OTQyNGEtYWE1Zi00YjlmLWE2MjctMjQ2NTRlOTQxYzEy
LzEvMnNNbU1xcVJWQ1U4YmMwak1lbXRhU0MydmN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1C45MA8E
AgACMAkDBwQqEg/AAAAwDQYJKoZIhvcNAQELBQADggEBAKXBoiBraidSx0hRgtdV
G5XMGotyy83oZWbu2zqSGk80dgiw48wkbRR7gwVRqAOdsTENxnQxttFHlOnraOrm
lQxq8BtkO6/u+l3KiI2nFe3bjpfi5e8bPl8uezGoUhbk3GOvgHJKiF7teFDen62e
bwJC7mwbkoJEstLh41RT2BzOLJ4v+uNj9awp4DqYKM3Visi7SEMixh/hC7GGlFHP
kCKIW8bmMMyw5kuKG4Hd2QHmHQ4oGQEeMMHiVuSiJfQAzZPnfebyhcBY9JxH5/Tm
fo3KI1CNE1EXffztXCFKY6jQCJFJr0L4klLeBe6WsjKxydim4R4WVGbVy0W94aAC
p3E=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:26 2025 by rpki-client