Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/5dsxzfjmp7N63J55K3ER9uoF_tA.roa
File: 5dsxzfjmp7N63J55K3ER9uoF_tA.roa (raw, json)
Hash identifier: 2PBMvP93azq5CUn1Ae9u3wLu+C9bah7VnWAEUFbxkxc=
Subject key identifier: E5:DB:31:CD:F8:E6:A7:B3:7A:DC:9E:79:2B:71:11:F6:EA:05:FE:D0
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018CC9BBF40A07A6FA18CB751976C4B8C226
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/5dsxzfjmp7N63J55K3ER9uoF_tA.roa
Signing time: Tue 02 Jan 2024 10:33:07 +0000
ROA not before: Tue 02 Jan 2024 10:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 46.34.38.0/24 maxlen: 24
46.34.42.0/23 maxlen: 23
46.34.49.0/24 maxlen: 24
46.34.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Apr 2024 06:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:f4:0a:07:a6:fa:18:cb:75:19:76:c4:b8:c2:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jan 2 10:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5db31cdf8e6a7b37adc9e792b7111f6ea05fed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:1f:11:1a:91:e8:fb:51:e1:43:7a:83:14:
27:91:f5:e8:52:29:ef:66:2f:9b:43:15:e7:e8:70:
f5:f8:23:66:c6:2c:76:93:2d:60:49:38:8f:52:9a:
aa:ed:8a:4d:c0:b9:57:3e:1d:71:3d:0a:83:78:71:
c9:52:dc:a4:e5:a1:5e:83:bb:19:b6:a4:4a:c6:38:
37:04:5d:81:ec:17:4c:00:3b:ef:f2:68:09:17:33:
b3:09:24:6d:7f:dc:fd:f0:8f:40:48:c9:f0:26:7f:
03:1c:c7:ac:3b:dc:3e:6f:f2:43:b6:c6:50:7d:52:
6a:ea:0f:5e:e6:5e:f7:64:c1:08:c7:68:4f:c3:b8:
74:1b:38:aa:c4:68:b3:4d:53:87:98:83:85:e6:d2:
a3:75:24:8d:c2:3e:e6:15:cf:70:dd:c7:df:71:6b:
81:c0:39:66:56:5a:9d:3a:b7:63:02:8f:cd:f2:0d:
a4:9d:f6:08:7d:75:bd:01:b3:cf:7d:82:22:10:91:
a1:30:79:e9:b0:55:c4:b9:1a:d0:99:44:0d:aa:68:
1c:b6:92:d1:4e:ab:5f:21:93:38:28:6c:47:1a:7d:
33:f6:02:f7:0e:fc:89:c3:77:38:de:3a:7f:f4:b4:
56:eb:49:c6:1a:88:22:95:fe:7e:c2:19:4a:ee:f8:
f0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:DB:31:CD:F8:E6:A7:B3:7A:DC:9E:79:2B:71:11:F6:EA:05:FE:D0
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/5dsxzfjmp7N63J55K3ER9uoF_tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.38.0/24
46.34.42.0/23
46.34.49.0/24
46.34.55.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:a6:8e:4c:a1:d0:07:c4:97:84:71:13:1d:35:e9:3b:eb:0a:
32:05:f6:39:8a:44:2a:78:f4:2d:b0:e2:64:68:d1:cf:c8:58:
08:38:fd:42:18:ac:0f:87:23:30:2c:67:21:66:b1:d4:16:ce:
a6:f2:d5:d0:bf:89:02:af:1b:64:fd:ed:bb:cc:b0:d0:b0:5e:
77:26:06:02:67:cf:b1:b7:db:5d:9a:eb:90:59:c9:ee:8b:af:
a0:63:47:b8:5b:95:5e:7f:92:15:ab:f9:5d:0d:17:1e:ea:c2:
2f:c7:dd:be:da:df:cd:26:1b:fb:cf:96:b0:3f:3b:b1:d0:c5:
48:28:1c:b6:5a:7d:32:11:d4:6f:55:48:06:99:08:e3:15:76:
26:e0:08:b0:5b:3e:3a:d9:f4:08:29:9a:9d:07:ed:36:2f:37:
11:2f:be:52:72:d5:2c:60:2e:57:61:b4:a0:ad:8f:88:7e:0a:
e6:17:ea:5e:ce:27:a2:b2:3d:89:bd:02:34:6c:ce:b1:d7:79:
40:a3:a0:4d:34:ce:10:e2:8a:cf:5c:82:bb:c1:27:89:df:3f:
8c:73:5d:89:46:8f:c4:3e:26:35:80:52:b3:da:b9:6a:4c:21:
72:7e:73:96:5f:71:6d:61:33:e7:f4:6d:30:d4:72:d8:0b:b4:
7a:11:d1:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJu/QKB6b6GMt1GXbEuMImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjQwMTAyMTAzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWRiMzFjZGY4ZTZhN2IzN2FkYzllNzkyYjcxMTFmNmVhMDVmZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh8fERqR6PtR4UN6gxQnkfXoUinv
Zi+bQxXn6HD1+CNmxix2ky1gSTiPUpqq7YpNwLlXPh1xPQqDeHHJUtyk5aFeg7sZ
tqRKxjg3BF2B7BdMADvv8mgJFzOzCSRtf9z98I9ASMnwJn8DHMesO9w+b/JDtsZQ
fVJq6g9e5l73ZMEIx2hPw7h0GziqxGizTVOHmIOF5tKjdSSNwj7mFc9w3cffcWuB
wDlmVlqdOrdjAo/N8g2knfYIfXW9AbPPfYIiEJGhMHnpsFXEuRrQmUQNqmgctpLR
TqtfIZM4KGxHGn0z9gL3DvyJw3c43jp/9LRW60nGGogilf5+whlK7vjwEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOXbMc345qezetyeeStxEfbqBf7QMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvNWRzeHpmam1wN042M0o1NUszRVI5dW9GX3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiImAwQB
LiIqAwQALiIxAwQALiI3MA0GCSqGSIb3DQEBCwUAA4IBAQA6po5ModAHxJeEcRMd
Nek76woyBfY5ikQqePQtsOJkaNHPyFgIOP1CGKwPhyMwLGchZrHUFs6m8tXQv4kC
rxtk/e27zLDQsF53JgYCZ8+xt9tdmuuQWcnui6+gY0e4W5Vef5IVq/ldDRce6sIv
x92+2t/NJhv7z5awPzux0MVIKBy2Wn0yEdRvVUgGmQjjFXYm4AiwWz462fQIKZqd
B+02LzcRL75SctUsYC5XYbSgrY+IfgrmF+pezieisj2JvQI0bM6x13lAo6BNNM4Q
4orPXIK7wSeJ3z+Mc12JRo/EPiY1gFKz2rlqTCFyfnOWX3FtYTPn9G0w1HLYC7R6
EdGr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org