Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/4q9rQyTF1jJlCOj3uQk-wXAqsZ8.roa
File: 4q9rQyTF1jJlCOj3uQk-wXAqsZ8.roa (raw, json)
Hash identifier: aC8EiWqSBaYEuTdKce5OcfbwhqBWEIe+jt6H/4tTV7M=
Subject key identifier: E2:AF:6B:43:24:C5:D6:32:65:08:E8:F7:B9:09:3E:C1:70:2A:B1:9F
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018CD3D25ECED1462559996D3D128DE683C2
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/4q9rQyTF1jJlCOj3uQk-wXAqsZ8.roa
Signing time: Thu 04 Jan 2024 09:33:48 +0000
ROA not before: Thu 04 Jan 2024 09:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 10:17:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:d2:5e:ce:d1:46:25:59:99:6d:3d:12:8d:e6:83:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jan 4 09:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2af6b4324c5d6326508e8f7b9093ec1702ab19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:20:84:3a:b5:5b:d7:c7:37:e3:ff:18:49:b0:
f9:f2:be:c6:82:35:83:e4:8d:dd:ea:3c:f3:71:cc:
ee:2d:02:21:48:ed:78:4a:f7:da:47:5f:14:49:8d:
f5:68:6b:f7:e6:96:82:90:ef:d7:1e:e4:b2:d2:e6:
fc:1c:82:10:28:be:25:9a:ad:1b:06:8c:fc:1b:e9:
ed:cb:17:d3:1a:b2:35:4c:a6:bf:0e:a4:7a:25:ae:
3f:13:5e:4e:91:eb:c2:b4:bd:dc:4f:40:6a:07:df:
6a:ca:89:53:fa:c7:7a:1b:12:92:13:6f:85:3c:dd:
d0:97:7c:a0:30:f2:59:72:fe:d1:86:2b:fe:10:ec:
7a:d7:88:7f:fc:9e:6f:7d:5b:51:dc:03:ab:53:cd:
ad:da:7c:38:09:29:68:14:d8:f2:a7:7f:ac:43:a8:
dc:ec:2a:10:4a:d8:3d:85:d3:e4:0a:0a:01:5b:30:
fc:c6:33:3f:e7:05:ec:2a:57:b7:59:38:96:fd:6c:
fb:7c:3f:cb:b7:d5:fd:df:e8:57:78:f2:1f:60:7d:
99:20:9e:fe:a0:3d:76:e3:22:ba:6d:25:6a:b2:de:
ea:31:89:bc:d7:99:e4:7a:93:3c:72:f8:e8:44:84:
c3:d6:60:ac:c9:1d:21:ae:e7:b0:d5:79:cf:9a:4c:
0f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AF:6B:43:24:C5:D6:32:65:08:E8:F7:B9:09:3E:C1:70:2A:B1:9F
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/4q9rQyTF1jJlCOj3uQk-wXAqsZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:0a:b9:c0:20:e3:f1:8b:05:8f:60:73:5c:dd:55:01:ad:c1:
c0:c3:44:ef:7a:76:ad:25:1d:fe:f0:6c:ff:f3:59:14:a1:e6:
79:7b:8e:ec:1a:33:05:9d:95:61:b9:fc:6a:42:86:4d:69:c7:
b1:8a:76:25:5c:b1:d3:22:cc:44:84:1f:94:fd:6d:b7:b3:87:
1d:02:99:f6:b9:63:f7:33:00:56:f8:ef:0e:4d:0f:8d:db:0e:
a5:fe:41:e2:b8:e2:fd:78:e8:60:6e:ad:01:01:c6:28:b0:ec:
3c:05:32:69:91:6f:e5:ec:5f:12:aa:4c:65:b6:ac:d6:22:f0:
42:68:02:1b:bf:8a:e5:d9:45:5f:e7:14:c4:c8:bf:7b:02:74:
16:3b:aa:8a:f2:4a:d5:78:77:a2:55:be:95:b6:b5:26:07:92:
cf:99:7c:15:d4:4e:d0:8a:de:21:52:b3:42:a4:40:46:b3:c0:
b8:43:db:00:41:32:8e:24:a1:bb:0e:8e:21:6e:28:4d:5d:85:
44:ce:9e:21:9b:d7:c6:0d:fd:8d:09:e9:d6:8f:fa:9d:59:12:
39:5a:a9:07:4d:be:d7:30:f1:1f:64:a4:5a:29:0b:ce:2c:b3:
4e:3b:40:29:9b:a5:09:21:a4:54:78:ec:1f:7c:e9:50:de:81:
1b:86:c4:21
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzT0l7O0UYlWZltPRKN5oPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjQwMTA0MDkzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmFmNmI0MzI0YzVkNjMyNjUwOGU4ZjdiOTA5M2VjMTcwMmFiMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSCEOrVb18c34/8YSbD58r7GgjWD
5I3d6jzzcczuLQIhSO14SvfaR18USY31aGv35paCkO/XHuSy0ub8HIIQKL4lmq0b
Boz8G+ntyxfTGrI1TKa/DqR6Ja4/E15OkevCtL3cT0BqB99qyolT+sd6GxKSE2+F
PN3Ql3ygMPJZcv7Rhiv+EOx614h//J5vfVtR3AOrU82t2nw4CSloFNjyp3+sQ6jc
7CoQStg9hdPkCgoBWzD8xjM/5wXsKle3WTiW/Wz7fD/Lt9X93+hXePIfYH2ZIJ7+
oD124yK6bSVqst7qMYm815nkepM8cvjoRITD1mCsyR0hruew1XnPmkwPkQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOKva0MkxdYyZQjo97kJPsFwKrGfMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvNHE5clF5VEYxakpsQ09qM3VRay13WEFxc1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAAoKucAg4/GLBY9g
c1zdVQGtwcDDRO96dq0lHf7wbP/zWRSh5nl7juwaMwWdlWG5/GpChk1px7GKdiVc
sdMizESEH5T9bbezhx0Cmfa5Y/czAFb47w5ND43bDqX+QeK44v146GBurQEBxiiw
7DwFMmmRb+XsXxKqTGW2rNYi8EJoAhu/iuXZRV/nFMTIv3sCdBY7qoryStV4d6JV
vpW2tSYHks+ZfBXUTtCK3iFSs0KkQEazwLhD2wBBMo4kobsOjiFuKE1dhUTOniGb
18YN/Y0J6daP+p1ZEjlaqQdNvtcw8R9kpFopC84ss047QCmbpQkhpFR47B986VDe
gRuGxCE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org