Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-OMtWAsfTWUIKNOcRl2gsJzldbY.roa
File: 1-OMtWAsfTWUIKNOcRl2gsJzldbY.roa (raw, json)
Hash identifier: ZLWYAWkf2cfRC+d4r2eHHOoYzgDObE5FAh8X9TKF8GA=
Subject key identifier: F8:E3:2D:58:0B:1F:4D:65:08:28:D3:9C:46:5D:A0:B0:9C:E5:75:B6
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018C0FF6308272634F46C5B704CB530FFC1E
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-OMtWAsfTWUIKNOcRl2gsJzldbY.roa
Signing time: Mon 27 Nov 2023 08:47:21 +0000
ROA not before: Mon 27 Nov 2023 08:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
46.34.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Dec 2023 09:24:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:f6:30:82:72:63:4f:46:c5:b7:04:cb:53:0f:fc:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Nov 27 08:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8e32d580b1f4d650828d39c465da0b09ce575b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ba:b5:34:87:63:84:f7:c0:4c:a3:20:22:94:
6b:db:9d:72:5f:e4:54:a4:e7:49:86:8e:7a:9c:04:
bd:c5:43:43:36:27:6c:b4:c9:3a:9d:07:7b:00:4f:
51:a3:51:94:66:4b:11:f3:25:c1:f2:7d:57:21:74:
cc:9c:ba:b1:ae:4f:dd:43:23:69:23:40:b6:97:51:
17:ed:34:87:8d:1e:52:73:5c:19:c3:0f:85:f1:01:
f2:d0:44:29:5b:f8:e7:9f:ff:fb:00:aa:50:fa:cd:
eb:9c:01:78:f7:bb:57:4d:8a:c2:f8:e7:2f:9d:e4:
c4:9a:7c:05:43:85:19:07:52:49:17:d2:76:90:b7:
8b:f1:bb:99:8e:9b:36:c0:03:f6:b7:5b:bf:4c:ae:
28:74:de:6f:6b:1d:b3:bb:96:61:f0:5d:39:4c:9d:
84:d1:18:71:9f:01:64:e1:89:71:06:9d:08:d3:7c:
7a:29:31:8f:03:51:b5:ba:f7:ec:ba:ac:d1:c8:08:
aa:63:b1:bf:2f:11:56:ca:c8:08:9f:3f:29:cf:10:
68:34:2a:d3:64:1b:a5:38:39:21:01:85:c3:8e:01:
d1:94:c5:16:f5:2f:d4:cc:36:94:11:f8:8e:49:f8:
7d:80:f4:16:97:b1:6b:d5:27:f4:4e:2c:3f:af:27:
a4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E3:2D:58:0B:1F:4D:65:08:28:D3:9C:46:5D:A0:B0:9C:E5:75:B6
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-OMtWAsfTWUIKNOcRl2gsJzldbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.62.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:95:e8:0b:39:e3:0a:68:9c:d1:c2:88:2a:d5:6a:3f:c3:75:
18:6d:3e:16:ba:83:9e:4c:59:72:65:4b:09:d7:32:88:aa:88:
58:6f:9f:70:80:5a:c6:5a:45:3c:1a:6a:43:48:ca:48:85:9a:
ce:c7:19:36:57:63:85:80:0c:44:da:56:69:8c:f4:d6:c5:78:
c2:01:8f:f7:15:a1:7e:8c:e5:c9:9d:44:c1:97:c2:34:7b:8c:
b4:35:f0:3d:02:ea:14:ec:dd:0a:47:69:d8:4b:26:1c:3d:5c:
78:85:be:8e:72:9d:aa:96:72:ad:e0:21:bb:ed:cc:8c:36:83:
d4:66:77:98:5f:1b:5f:bc:f7:5e:0d:5e:88:f5:5b:80:cb:cc:
79:60:39:77:59:15:c9:6f:fb:b0:17:5f:6f:1f:59:23:dd:3e:
57:8c:ba:ff:0d:75:36:fb:70:5c:e9:a9:ec:38:dd:4f:00:33:
b5:b8:f0:8a:26:db:af:48:fd:c5:25:0b:5a:80:d1:75:41:23:
8e:b8:a8:98:fc:dc:69:45:43:31:05:f2:90:3e:95:84:61:69:
1a:66:9f:03:66:5a:b3:c0:23:8c:c4:9d:33:c6:c6:92:52:e1:
ae:78:76:48:7f:cb:22:29:eb:c3:68:59:bd:b1:5b:d2:7f:d2:
d1:a3:2d:c2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYwP9jCCcmNPRsW3BMtTD/weMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMTI3MDg0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGUzMmQ1ODBiMWY0ZDY1MDgyOGQzOWM0NjVkYTBiMDljZTU3NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7q1NIdjhPfATKMgIpRr251yX+RU
pOdJho56nAS9xUNDNidstMk6nQd7AE9Ro1GUZksR8yXB8n1XIXTMnLqxrk/dQyNp
I0C2l1EX7TSHjR5Sc1wZww+F8QHy0EQpW/jnn//7AKpQ+s3rnAF497tXTYrC+Ocv
neTEmnwFQ4UZB1JJF9J2kLeL8buZjps2wAP2t1u/TK4odN5vax2zu5Zh8F05TJ2E
0RhxnwFk4YlxBp0I03x6KTGPA1G1uvfsuqzRyAiqY7G/LxFWysgInz8pzxBoNCrT
ZBulODkhAYXDjgHRlMUW9S/UzDaUEfiOSfh9gPQWl7Fr1Sf0Tiw/ryek9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPjjLVgLH01lCCjTnEZdoLCc5XW2MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvMS1PTXRXQXNmVFdVSUtOT2NSbDJnc0p6bGRiWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTkvZTE3NzE0LTQ2N2ItNDQzMy05YjdkLWE2Yjk5MWY0ZmFm
OC8xL1NrY2MxczVncS0zWFIyS3hBYXBlYjBJSDc4NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQFLiIg
AwQALiIkAwQALiIoAwQBLiI+MA0GCSqGSIb3DQEBCwUAA4IBAQAelegLOeMKaJzR
wogq1Wo/w3UYbT4WuoOeTFlyZUsJ1zKIqohYb59wgFrGWkU8GmpDSMpIhZrOxxk2
V2OFgAxE2lZpjPTWxXjCAY/3FaF+jOXJnUTBl8I0e4y0NfA9AuoU7N0KR2nYSyYc
PVx4hb6Ocp2qlnKt4CG77cyMNoPUZneYXxtfvPdeDV6I9VuAy8x5YDl3WRXJb/uw
F19vH1kj3T5XjLr/DXU2+3Bc6ansON1PADO1uPCKJtuvSP3FJQtagNF1QSOOuKiY
/NxpRUMxBfKQPpWEYWkaZp8DZlqzwCOMxJ0zxsaSUuGueHZIf8siKevDaFm9sVvS
f9LRoy3C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org