Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-9r-R49wKobns5WMpHYy2lzs84o.roa
File: 1-9r-R49wKobns5WMpHYy2lzs84o.roa (raw, json)
Hash identifier: 1vb/JCfMii3+8P97fyzrBJZXMja6Gb21bpnF018TDio=
Subject key identifier: FB:DA:FE:47:8F:70:2A:86:E7:B3:95:8C:A4:76:32:DA:5C:EC:F3:8A
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0186D2007EEE02D0F884686C04C8FA787FD4
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-9r-R49wKobns5WMpHYy2lzs84o.roa
Signing time: Sat 11 Mar 2023 18:48:13 +0000
ROA not before: Sat 11 Mar 2023 18:48:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 46.34.42.0/23 maxlen: 23
46.34.38.0/23 maxlen: 23
46.34.48.0/24 maxlen: 24
46.34.49.0/24 maxlen: 24
46.34.55.0/24 maxlen: 24
46.34.58.0/23 maxlen: 23
46.34.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Mar 2023 09:43:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d2:00:7e:ee:02:d0:f8:84:68:6c:04:c8:fa:78:7f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Mar 11 18:48:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbdafe478f702a86e7b3958ca47632da5cecf38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a8:78:cc:d8:10:be:26:a1:a8:6b:fb:d1:ef:
b7:2e:d4:82:98:ef:50:39:fe:65:92:3e:43:83:f9:
e0:1d:6b:c9:19:05:09:46:10:5f:af:09:33:e3:09:
b8:bf:32:cc:64:8f:be:43:c9:8b:80:99:f3:fc:a9:
ac:a5:2b:a4:34:83:de:a5:0a:94:2c:db:ea:72:8d:
14:8a:a7:47:67:47:de:00:0c:49:d6:2e:fd:af:30:
1f:c3:a3:ef:47:10:9c:a6:c3:39:43:ec:3d:61:14:
d2:a0:38:2b:c4:08:90:f6:0b:e1:b2:b8:67:1e:29:
c4:c3:45:68:85:2f:88:ff:7f:cd:5d:0f:af:a5:1b:
97:25:e9:f7:41:0c:84:c7:3f:4f:76:8f:bf:35:dd:
02:cf:9f:a8:82:1d:9d:c7:b6:a2:41:fc:5d:3a:a8:
04:16:ed:9f:21:a8:c6:14:ad:c7:5a:23:f3:27:1f:
3e:15:ac:f4:c8:8d:77:66:1d:1c:18:d6:e3:38:35:
1b:61:a4:84:8f:32:56:16:5a:c1:fb:b2:af:69:93:
c4:f6:88:0c:08:f6:e9:8a:78:e9:56:a7:92:66:05:
a1:01:4e:12:9f:dd:ce:35:b7:6f:81:7c:67:4a:bc:
78:b5:97:2d:db:55:01:39:bf:5f:ec:0b:42:1b:63:
6a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DA:FE:47:8F:70:2A:86:E7:B3:95:8C:A4:76:32:DA:5C:EC:F3:8A
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-9r-R49wKobns5WMpHYy2lzs84o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.38.0/23
46.34.42.0/23
46.34.48.0/23
46.34.54.0/23
46.34.58.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:75:2c:82:59:56:dc:6d:f4:d2:ff:0d:98:7a:0a:24:f4:db:
15:e7:ef:36:c8:89:5f:e9:71:3d:a6:cc:9b:5a:9d:e5:46:bf:
76:f7:8b:3c:20:46:4a:fa:99:7c:10:24:27:0f:20:36:ff:ab:
9a:ff:af:cf:ea:95:ea:dd:54:0a:15:71:23:21:38:92:25:53:
c2:78:8a:8f:01:45:2a:5a:48:91:19:ae:57:61:05:26:11:06:
74:d9:e4:e4:c3:44:84:33:cc:52:5c:99:42:7f:51:50:2f:8b:
20:35:50:49:3e:75:c8:d1:13:a6:40:9b:b2:ee:6d:2e:46:8a:
82:18:05:92:a2:14:3b:1b:a6:c6:88:e4:1f:2c:68:98:ee:66:
87:43:b1:7f:25:cf:f8:2d:f6:c7:66:89:13:c9:c3:28:6a:0f:
19:d1:2e:f4:40:b7:06:11:ff:06:7c:15:6d:72:67:aa:ea:44:
00:df:62:af:b9:06:e0:eb:47:20:11:6f:27:b9:7a:56:3e:c3:
9f:19:5c:2a:0e:85:aa:cd:39:af:08:a7:0e:90:55:8e:6f:7c:
b3:50:1c:a0:dc:d2:a2:bc:35:2d:57:83:55:1e:f4:ad:f9:5b:
0d:21:d9:a8:39:eb:ea:d8:68:d9:ee:9f:f0:2c:b7:ba:b8:43:
90:48:38:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYbSAH7uAtD4hGhsBMj6eH/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwMzExMTg0ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmRhZmU0NzhmNzAyYTg2ZTdiMzk1OGNhNDc2MzJkYTVjZWNmMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqh4zNgQviahqGv70e+3LtSCmO9Q
Of5lkj5Dg/ngHWvJGQUJRhBfrwkz4wm4vzLMZI++Q8mLgJnz/KmspSukNIPepQqU
LNvqco0UiqdHZ0feAAxJ1i79rzAfw6PvRxCcpsM5Q+w9YRTSoDgrxAiQ9gvhsrhn
HinEw0VohS+I/3/NXQ+vpRuXJen3QQyExz9Pdo+/Nd0Cz5+ogh2dx7aiQfxdOqgE
Fu2fIajGFK3HWiPzJx8+Faz0yI13Zh0cGNbjODUbYaSEjzJWFlrB+7KvaZPE9ogM
CPbpinjpVqeSZgWhAU4Sn93ONbdvgXxnSrx4tZct21UBOb9f7AtCG2NqlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPva/kePcCqG57OVjKR2Mtpc7POKMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvMS05ci1SNDl3S29ibnM1V01wSFl5Mmx6czg0by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTkvZTE3NzE0LTQ2N2ItNDQzMy05YjdkLWE2Yjk5MWY0ZmFm
OC8xL1NrY2MxczVncS0zWFIyS3hBYXBlYjBJSDc4NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAS4iJgME
AS4iKgMEAS4iMAMEAS4iNgMEAS4iOjANBgkqhkiG9w0BAQsFAAOCAQEAOnUsgllW
3G300v8NmHoKJPTbFefvNsiJX+lxPabMm1qd5Ua/dveLPCBGSvqZfBAkJw8gNv+r
mv+vz+qV6t1UChVxIyE4kiVTwniKjwFFKlpIkRmuV2EFJhEGdNnk5MNEhDPMUlyZ
Qn9RUC+LIDVQST51yNETpkCbsu5tLkaKghgFkqIUOxumxojkHyxomO5mh0OxfyXP
+C32x2aJE8nDKGoPGdEu9EC3BhH/BnwVbXJnqupEAN9ir7kG4OtHIBFvJ7l6Vj7D
nxlcKg6Fqs05rwinDpBVjm98s1AcoNzSorw1LVeDVR70rflbDSHZqDnr6tho2e6f
8Cy3urhDkEg49Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org