Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2BDrKuG8ODWvPLNFE__ipGi6q_s.roa
File: 2BDrKuG8ODWvPLNFE__ipGi6q_s.roa (raw, json)
Hash identifier: DFSpTCCR1CLs4OkJ3E9bR7tD7LnJYyT2DWSdL1ieZxc=
Subject key identifier: D8:10:EB:2A:E1:BC:38:35:AF:3C:B3:45:13:FF:E2:A4:68:BA:AB:FB
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0194D505FD5295B84E65C07BD34FC6F0DBED
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2BDrKuG8ODWvPLNFE__ipGi6q_s.roa
Signing time: Wed 05 Feb 2025 07:32:06 +0000
ROA not before: Wed 05 Feb 2025 07:32:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 13:29:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:05:fd:52:95:b8:4e:65:c0:7b:d3:4f:c6:f0:db:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Feb 5 07:32:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d810eb2ae1bc3835af3cb34513ffe2a468baabfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2d:57:c7:64:1f:a4:2e:34:3a:5a:69:b2:6f:
b0:1a:fd:47:d0:ee:1e:98:77:9f:00:95:8e:1f:c3:
e8:0a:58:b9:dd:f3:b9:53:f6:ca:aa:ac:c1:99:ed:
e3:3f:76:14:76:df:78:df:8d:ba:a4:8f:83:f5:78:
71:3e:31:b5:c4:e5:06:d2:d0:79:d9:63:5e:47:7c:
52:4c:a2:e3:5a:d9:e9:94:d8:64:bc:ac:17:57:f7:
54:64:62:dc:fa:2a:c7:16:da:21:56:27:76:20:18:
76:1a:94:b5:de:8d:14:be:dc:74:24:e8:1f:2c:ff:
00:7a:16:4b:91:9f:76:b8:e4:51:d5:93:4a:0e:95:
d1:ad:c7:01:2e:10:67:ff:f5:e2:9e:93:87:63:f6:
76:d7:a9:70:84:06:ca:23:f4:b6:a2:bd:1f:bd:63:
5d:ef:01:42:4b:c4:d7:af:b5:61:84:c4:ba:a7:51:
1f:56:8c:b2:ac:c9:17:27:5b:1d:a9:c5:32:43:e1:
3c:d9:47:52:4c:fc:cb:2e:a0:4c:88:2f:a0:e1:0b:
75:38:28:90:dc:31:d7:35:68:38:69:15:84:ae:98:
36:61:5e:76:a0:69:a5:9c:1a:86:f4:e0:79:be:8d:
f8:e4:0f:f9:2d:29:06:f2:49:bf:e3:e6:84:5e:e3:
81:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:10:EB:2A:E1:BC:38:35:AF:3C:B3:45:13:FF:E2:A4:68:BA:AB:FB
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2BDrKuG8ODWvPLNFE__ipGi6q_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.123.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:60:a7:f3:0a:39:1e:8a:bc:39:93:07:75:01:e3:4f:ef:3f:
83:e0:26:b8:d3:51:d9:73:eb:2b:4f:7f:83:55:e5:94:4c:43:
28:5f:0c:0a:6a:65:45:ee:19:8b:79:9d:b0:33:63:f5:60:8e:
dd:18:13:e3:5b:46:b7:cd:04:0a:a6:f3:86:2b:71:cf:11:12:
85:f3:27:16:44:49:0f:cc:56:fe:2f:a4:b5:5b:1b:7e:2c:bb:
e3:07:7b:85:81:48:f5:d1:71:f2:37:a6:95:08:3d:79:ff:6e:
e1:90:1b:f1:75:15:3e:ee:05:44:20:30:f2:97:4b:76:20:0b:
d7:14:73:85:08:b2:d1:d3:3a:a2:c7:fe:cb:49:dd:40:c8:5c:
d7:06:c3:ea:9b:0d:95:09:a7:43:64:e7:e2:8f:28:d1:eb:a5:
e1:b7:ac:05:7c:51:84:4f:ed:d4:a3:ad:38:52:84:92:ae:30:
2b:2c:da:85:88:dc:c7:85:f1:c5:db:c6:b3:0d:6d:09:e0:e5:
85:18:d4:40:7e:f6:0a:7e:3f:6a:51:21:c2:be:52:09:ed:cd:
3e:2e:62:f7:fa:f2:32:d6:67:b2:1d:a9:5b:52:9e:be:c0:3f:
c6:a1:f8:f9:9e:fa:e6:82:e6:c9:e1:2a:ec:2c:c3:75:de:39:
b5:7c:ed:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTVBf1SlbhOZcB700/G8NvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwMjA1MDczMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODEwZWIyYWUxYmMzODM1YWYzY2IzNDUxM2ZmZTJhNDY4YmFhYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi1Xx2QfpC40Olppsm+wGv1H0O4e
mHefAJWOH8PoCli53fO5U/bKqqzBme3jP3YUdt943426pI+D9XhxPjG1xOUG0tB5
2WNeR3xSTKLjWtnplNhkvKwXV/dUZGLc+irHFtohVid2IBh2GpS13o0Uvtx0JOgf
LP8AehZLkZ92uORR1ZNKDpXRrccBLhBn//XinpOHY/Z216lwhAbKI/S2or0fvWNd
7wFCS8TXr7VhhMS6p1EfVoyyrMkXJ1sdqcUyQ+E82UdSTPzLLqBMiC+g4Qt1OCiQ
3DHXNWg4aRWErpg2YV52oGmlnBqG9OB5vo345A/5LSkG8km/4+aEXuOBWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNgQ6yrhvDg1rzyzRRP/4qRouqv7MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvMkJEckt1RzhPRFd2UExORkVfX2lwR2k2cV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQALiV7MA0GCSqGSIb3DQEBCwUAA4IBAQCNYKfzCjkeirw5kwd1AeNP7z+D
4Ca401HZc+srT3+DVeWUTEMoXwwKamVF7hmLeZ2wM2P1YI7dGBPjW0a3zQQKpvOG
K3HPERKF8ycWREkPzFb+L6S1Wxt+LLvjB3uFgUj10XHyN6aVCD15/27hkBvxdRU+
7gVEIDDyl0t2IAvXFHOFCLLR0zqix/7LSd1AyFzXBsPqmw2VCadDZOfijyjR66Xh
t6wFfFGET+3Uo604UoSSrjArLNqFiNzHhfHF28azDW0J4OWFGNRAfvYKfj9qUSHC
vlIJ7c0+LmL3+vIy1meyHalbUp6+wD/Gofj5nvrmgubJ4SrsLMN13jm1fO2V
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:42:51 2025 by rpki-client