Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-leBvUScuvwVqQ3d1ptFR5PRvzU.roa
File: 1-leBvUScuvwVqQ3d1ptFR5PRvzU.roa (raw, json)
Hash identifier: BhZmRM3rrKVJqfzZ2Za3T/qn5uBkqMMcZSoSWdn4DEw=
Subject key identifier: FA:57:81:BD:44:9C:BA:FC:15:A9:0D:DD:D6:9B:45:47:93:D1:BF:35
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018CCF4E0DCE706B3939BF11B78D83B502CC
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-leBvUScuvwVqQ3d1ptFR5PRvzU.roa
Signing time: Wed 03 Jan 2024 12:30:48 +0000
ROA not before: Wed 03 Jan 2024 12:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
46.34.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 09:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:4e:0d:ce:70:6b:39:39:bf:11:b7:8d:83:b5:02:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jan 3 12:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa5781bd449cbafc15a90dddd69b454793d1bf35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:83:0a:80:4b:67:57:e2:bf:05:7b:4a:52:09:
48:a7:30:29:34:f1:b3:73:a2:0a:b2:83:d0:e5:f8:
63:36:84:ad:9a:db:8c:38:f8:16:4a:c9:bf:ca:48:
e9:3a:ed:4f:49:bd:3f:5d:aa:3c:05:0a:8d:52:db:
64:a5:41:32:7d:6c:14:76:bc:66:89:0d:59:11:95:
e2:22:5f:8d:e5:c7:e5:41:6a:52:12:28:be:ce:dc:
48:8a:42:0c:bf:1e:65:3e:6f:24:57:9d:fe:32:86:
30:c5:0e:9b:29:ab:a8:09:07:4b:10:32:a5:9a:2e:
90:83:32:f9:da:9e:d1:49:42:30:e1:37:40:c3:73:
06:c0:3f:dd:d1:97:ec:18:93:6f:bc:91:4e:53:41:
12:b0:03:7d:02:ac:d8:81:84:0b:d7:0d:3a:3c:6d:
98:2a:96:59:03:6f:1c:91:c2:85:01:20:26:cc:d3:
f6:cb:30:f7:67:44:16:4c:3a:27:77:11:e2:90:3e:
37:65:a3:9d:9a:27:d8:c5:9d:6a:12:d2:06:5b:d7:
13:9f:44:27:00:23:1f:f6:dc:d6:94:af:a3:c0:fd:
e3:90:44:cd:5b:fa:9f:a3:02:2b:c3:82:52:5e:0e:
a7:0c:8b:bd:9d:cb:0b:02:2f:21:ba:50:d0:45:df:
fd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:57:81:BD:44:9C:BA:FC:15:A9:0D:DD:D6:9B:45:47:93:D1:BF:35
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-leBvUScuvwVqQ3d1ptFR5PRvzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.59.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
46:1d:d6:ad:9c:09:9f:ba:05:c6:eb:aa:b7:19:68:be:56:fa:
9d:48:ce:44:1c:ba:99:07:2d:a6:d2:d0:1a:5e:3a:24:c6:c8:
8d:d6:67:af:38:a6:b7:e6:c8:fc:6a:d3:71:9f:fd:2a:86:b2:
36:8a:bf:26:de:1f:c6:1e:25:39:24:45:f4:2b:39:89:73:e1:
16:0b:50:50:91:e6:0d:39:27:ec:5c:7e:2a:08:bd:f9:15:d2:
c6:25:d3:e8:ce:8f:31:03:fd:86:83:41:7c:c7:4c:e6:b6:50:
5f:00:12:a0:33:60:ec:ea:f6:de:fb:a4:33:86:49:6d:bd:d2:
41:ef:e4:f9:e0:18:46:14:8e:88:08:3c:68:d9:9c:61:90:ed:
b7:d1:5b:8e:c3:cb:75:3b:12:9a:f7:5c:cf:6d:32:ad:d6:16:
13:c0:67:a9:9a:5f:6c:f5:27:e6:77:91:97:62:03:1c:9c:a8:
91:d1:74:f7:a2:04:92:7d:55:8d:8b:8e:41:39:d5:91:86:f8:
3d:2b:a4:fb:6d:8c:22:af:e0:42:8e:e2:f3:ab:1c:73:64:4f:
ac:f0:46:51:d7:d5:e8:b6:b1:f0:f9:e1:fa:f4:df:25:9e:32:
6a:4a:26:20:a7:be:19:98:4a:5e:1b:4d:a2:db:bd:1f:43:05:
61:e9:c8:a4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzPTg3OcGs5Ob8Rt42DtQLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjQwMTAzMTIzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTU3ODFiZDQ0OWNiYWZjMTVhOTBkZGRkNjliNDU0NzkzZDFiZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIMKgEtnV+K/BXtKUglIpzApNPGz
c6IKsoPQ5fhjNoStmtuMOPgWSsm/ykjpOu1PSb0/Xao8BQqNUttkpUEyfWwUdrxm
iQ1ZEZXiIl+N5cflQWpSEii+ztxIikIMvx5lPm8kV53+MoYwxQ6bKauoCQdLEDKl
mi6QgzL52p7RSUIw4TdAw3MGwD/d0ZfsGJNvvJFOU0ESsAN9AqzYgYQL1w06PG2Y
KpZZA28ckcKFASAmzNP2yzD3Z0QWTDondxHikD43ZaOdmifYxZ1qEtIGW9cTn0Qn
ACMf9tzWlK+jwP3jkETNW/qfowIrw4JSXg6nDIu9ncsLAi8hulDQRd/9lwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPpXgb1EnLr8FakN3dabRUeT0b81MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvMS1sZUJ2VVNjdXZ3VnFRM2QxcHRGUjVQUnZ6VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTkvZTE3NzE0LTQ2N2ItNDQzMy05YjdkLWE2Yjk5MWY0ZmFm
OC8xL1NrY2MxczVncS0zWFIyS3hBYXBlYjBJSDc4NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQFLiIg
AwQALiIkAwQALiIoAwQALiI7AwQALiI/MA0GCSqGSIb3DQEBCwUAA4IBAQBGHdat
nAmfugXG66q3GWi+VvqdSM5EHLqZBy2m0tAaXjokxsiN1mevOKa35sj8atNxn/0q
hrI2ir8m3h/GHiU5JEX0KzmJc+EWC1BQkeYNOSfsXH4qCL35FdLGJdPozo8xA/2G
g0F8x0zmtlBfABKgM2Ds6vbe+6QzhkltvdJB7+T54BhGFI6ICDxo2ZxhkO230VuO
w8t1OxKa91zPbTKt1hYTwGepml9s9Sfmd5GXYgMcnKiR0XT3ogSSfVWNi45BOdWR
hvg9K6T7bYwir+BCjuLzqxxzZE+s8EZR19XotrHw+eH69N8lnjJqSiYgp74ZmEpe
G02i270fQwVh6cik
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org