Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/2Pw3g7juyYo-LothC69boUWx0cA.roa
File: 2Pw3g7juyYo-LothC69boUWx0cA.roa (raw, json)
Hash identifier: BK/ZizacrwNcWjRlKWj/QWETbHyXNGCniwFoZLXh3OQ=
Subject key identifier: D8:FC:37:83:B8:EE:C9:8A:3E:2E:8B:61:0B:AF:5B:A1:45:B1:D1:C0
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0190EE5806F89EA273176179187426021573
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/2Pw3g7juyYo-LothC69boUWx0cA.roa
Signing time: Fri 26 Jul 2024 09:21:04 +0000
ROA not before: Fri 26 Jul 2024 09:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.62.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 18:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:58:06:f8:9e:a2:73:17:61:79:18:74:26:02:15:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jul 26 09:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8fc3783b8eec98a3e2e8b610baf5ba145b1d1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:04:ce:60:d1:a7:6b:c2:81:fd:62:28:c4:af:
ce:aa:e8:90:31:f7:0c:36:cf:13:5e:b0:52:b1:22:
3e:97:a6:da:97:3b:b7:a8:28:d0:62:37:7d:2a:58:
6f:5e:09:2f:f3:83:9b:a6:42:b1:5d:40:b6:fd:76:
94:01:0d:a0:12:a7:f1:b8:11:62:7a:d4:a2:56:ce:
33:ea:ed:d6:9e:db:63:cd:61:0a:c3:35:7c:e5:0b:
62:eb:08:39:18:42:7a:59:ea:cc:4e:82:e3:8a:39:
d2:de:91:dd:9d:3a:e2:88:47:bc:4b:be:26:ea:0c:
7e:26:31:ca:cf:49:69:85:b7:8c:2b:32:85:36:49:
c3:02:45:6b:a4:ca:9b:92:53:2e:6c:0b:3f:11:a3:
4a:a2:76:b6:7b:5b:9d:64:72:2d:d1:bc:52:0a:a1:
7e:a0:ea:7f:6b:ec:21:35:50:97:08:6e:86:7e:e5:
f3:e0:35:1e:42:b2:b1:06:d6:1e:de:a6:bf:26:b5:
db:01:59:f8:a0:38:67:aa:15:f0:56:58:14:ca:e0:
bb:64:d1:4d:c7:ef:85:82:67:df:9d:62:e3:55:69:
40:d1:df:be:71:70:ab:aa:58:f0:1f:f1:ec:f4:38:
6b:7f:af:4d:26:cf:f0:d2:0d:18:16:e3:cd:43:b4:
41:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FC:37:83:B8:EE:C9:8A:3E:2E:8B:61:0B:AF:5B:A1:45:B1:D1:C0
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/2Pw3g7juyYo-LothC69boUWx0cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.62.0/23
Signature Algorithm: sha256WithRSAEncryption
41:ba:26:08:7d:fd:c7:df:fd:12:29:0e:78:55:b0:0e:97:6e:
25:1e:9a:6e:c3:a1:79:33:cf:58:17:a3:cf:5d:84:ab:b1:8c:
d0:7f:4f:c1:fd:8c:04:a4:0d:71:4b:d4:81:63:bf:9f:5e:55:
21:aa:7b:0d:b8:c8:08:c6:95:f6:84:1c:1b:35:74:c5:ae:75:
dc:76:cb:a9:c5:4e:95:b9:fc:13:f1:db:af:4b:5b:df:93:78:
95:cc:15:6b:89:38:e2:1d:56:9e:d4:fe:c7:2a:f9:9e:bd:7a:
38:ad:3e:e5:e0:13:3c:6e:9e:b6:4d:a4:7e:c2:b8:dc:c9:f5:
ea:4a:e4:fd:ef:70:1f:5c:d1:8b:01:a3:60:da:a4:3d:f7:f8:
37:98:50:63:b8:58:5a:ad:91:ad:7e:2e:80:47:e6:38:a9:80:
b6:56:38:62:eb:f5:e8:3a:af:c6:60:f0:11:a1:c0:c8:97:34:
1a:bc:c3:0f:e3:4a:1a:5f:09:08:ce:1b:00:08:0b:69:ee:61:
f9:47:1c:0e:14:fb:31:0c:d0:99:81:6e:c3:69:19:7a:7f:a0:
3c:18:c8:51:37:a6:e9:24:36:ad:aa:13:12:4d:f2:59:7b:17:
f8:19:21:aa:2a:a2:f9:74:23:60:7c:55:32:76:03:25:1c:72:
17:c9:fb:ee
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZDuWAb4nqJzF2F5GHQmAhVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjQwNzI2MDkyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZjMzc4M2I4ZWVjOThhM2UyZThiNjEwYmFmNWJhMTQ1YjFkMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gTOYNGna8KB/WIoxK/OquiQMfcM
Ns8TXrBSsSI+l6balzu3qCjQYjd9KlhvXgkv84ObpkKxXUC2/XaUAQ2gEqfxuBFi
etSiVs4z6u3WnttjzWEKwzV85Qti6wg5GEJ6WerMToLjijnS3pHdnTriiEe8S74m
6gx+JjHKz0lphbeMKzKFNknDAkVrpMqbklMubAs/EaNKona2e1udZHIt0bxSCqF+
oOp/a+whNVCXCG6GfuXz4DUeQrKxBtYe3qa/JrXbAVn4oDhnqhXwVlgUyuC7ZNFN
x++FgmffnWLjVWlA0d++cXCrqljwH/Hs9Dhrf69NJs/w0g0YFuPNQ7RBowIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNj8N4O47smKPi6LYQuvW6FFsdHAMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvMlB3M2c3anV5WW8tTG90aEM2OWJvVVd4MGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAEuIj4wDQYJKoZIhvcNAQELBQADggEBAEG6Jgh9/cff/RIp
DnhVsA6XbiUemm7DoXkzz1gXo89dhKuxjNB/T8H9jASkDXFL1IFjv59eVSGqew24
yAjGlfaEHBs1dMWuddx2y6nFTpW5/BPx269LW9+TeJXMFWuJOOIdVp7U/scq+Z69
ejitPuXgEzxunrZNpH7CuNzJ9epK5P3vcB9c0YsBo2DapD33+DeYUGO4WFqtka1+
LoBH5jipgLZWOGLr9eg6r8Zg8BGhwMiXNBq8ww/jShpfCQjOGwAIC2nuYflHHA4U
+zEM0JmBbsNpGXp/oDwYyFE3pukkNq2qExJN8ll7F/gZIaoqovl0I2B8VTJ2AyUc
chfJ++4=
-----END CERTIFICATE-----
Generated at Mon Jul 29 21:54:47 2024 by rpki-client on console-ams.rpki-client.org