Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/69idNQsAYlCZ2lSh7q-EA4wBuFA.roa
File: 69idNQsAYlCZ2lSh7q-EA4wBuFA.roa (raw, json)
Hash identifier: L2GqHqs89wNXLaHb5mEkKEvu/X1ph2AQ5D+VAReb4Tk=
Subject key identifier: EB:D8:9D:35:0B:00:62:50:99:DA:54:A1:EE:AF:84:03:8C:01:B8:50
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018A227753A7552C70682327031F23628314
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/69idNQsAYlCZ2lSh7q-EA4wBuFA.roa
Signing time: Wed 23 Aug 2023 12:56:00 +0000
ROA not before: Wed 23 Aug 2023 12:56:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.39.0/24 maxlen: 24
46.34.42.0/24 maxlen: 24
46.34.43.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Aug 2023 19:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:77:53:a7:55:2c:70:68:23:27:03:1f:23:62:83:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Aug 23 12:56:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebd89d350b00625099da54a1eeaf84038c01b850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:5a:30:46:82:f1:d2:55:ae:bc:ac:6b:32:ba:
37:b8:8d:04:e0:2d:8a:20:d7:55:cb:70:73:47:9a:
9e:de:25:06:97:1e:15:7b:4a:cc:c7:16:17:a4:c2:
0a:50:ec:f5:37:36:a1:23:65:eb:e1:38:02:45:1c:
f4:5d:05:df:32:2e:ec:d9:67:44:22:0b:38:0f:36:
f7:55:db:23:29:53:4f:76:ca:e0:16:5b:d7:78:0a:
aa:5e:b0:61:2e:7a:bb:42:22:f0:bf:6a:76:03:f0:
c7:ea:c6:d3:5b:6b:5e:18:2f:3a:bd:a0:bd:a8:b9:
7b:1d:6a:3a:27:49:4a:44:e3:87:bb:0a:57:8f:0b:
6a:da:93:ce:84:05:1f:85:07:26:8d:8b:b1:20:99:
7a:e9:b3:5b:73:ea:e8:e2:ba:16:4b:9a:70:6f:4f:
29:73:8c:d4:7d:e6:d0:b2:0d:57:f8:a8:1e:3d:b9:
f8:a4:58:49:22:0c:50:5e:67:df:dd:15:67:88:ed:
93:ff:12:6e:0e:da:15:b3:4a:f5:9a:bb:0e:17:1d:
0e:52:7b:c3:67:ae:34:29:b3:61:b5:98:94:c1:d3:
bf:71:9f:eb:4a:0a:d6:50:88:9f:f4:ac:d0:e8:83:
30:d9:c2:6c:43:42:02:4c:cd:63:a5:8a:9e:b0:f4:
57:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D8:9D:35:0B:00:62:50:99:DA:54:A1:EE:AF:84:03:8C:01:B8:50
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/69idNQsAYlCZ2lSh7q-EA4wBuFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.39.0-46.34.40.255
46.34.42.0/23
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:45:e2:dd:9a:7d:ae:66:03:e4:7c:05:fd:ac:78:ee:f4:36:
d8:02:c7:71:7e:2c:16:d1:7a:8e:4f:70:34:bb:eb:3a:5a:aa:
f0:1f:36:dc:76:0e:e3:c4:f2:9a:94:bc:00:57:1b:06:31:66:
b0:88:9c:b4:70:8b:d5:80:22:3b:6e:ef:21:fd:66:37:6b:62:
13:7b:fd:99:d3:26:fd:41:f8:ba:96:ff:40:e8:2e:ff:f9:95:
d1:40:cb:8c:97:d2:ed:a3:ce:fa:ca:de:2f:0a:70:d4:e2:9a:
70:12:e5:48:7a:40:a4:55:13:16:9e:41:0f:a8:b2:fa:01:65:
6b:eb:4c:97:bb:3e:45:44:24:a3:fc:3f:9f:c8:f5:9f:e5:e9:
37:18:55:fd:b3:c4:c5:48:67:ab:be:1e:ac:8f:d4:02:23:88:
16:e0:d2:46:5e:49:98:f5:aa:a5:ea:38:c5:65:33:06:3a:cf:
a8:d8:3f:d7:68:d5:33:ae:fd:5f:1e:b1:1d:79:94:64:2a:b9:
2b:ad:97:2d:00:4a:b7:72:36:eb:1b:14:56:e4:9b:ea:69:9f:
12:c1:e6:97:b8:8f:78:fe:50:03:2a:4e:03:d1:4c:24:6f:84:
83:f3:ac:49:f2:5d:21:2a:e3:91:f4:a1:33:06:72:d2:42:17:
f2:e8:48:89
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYoid1OnVSxwaCMnAx8jYoMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwODIzMTI1NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmQ4OWQzNTBiMDA2MjUwOTlkYTU0YTFlZWFmODQwMzhjMDFiODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+VowRoLx0lWuvKxrMro3uI0E4C2K
INdVy3BzR5qe3iUGlx4Ve0rMxxYXpMIKUOz1NzahI2Xr4TgCRRz0XQXfMi7s2WdE
Igs4Dzb3VdsjKVNPdsrgFlvXeAqqXrBhLnq7QiLwv2p2A/DH6sbTW2teGC86vaC9
qLl7HWo6J0lKROOHuwpXjwtq2pPOhAUfhQcmjYuxIJl66bNbc+ro4roWS5pwb08p
c4zUfebQsg1X+KgePbn4pFhJIgxQXmff3RVniO2T/xJuDtoVs0r1mrsOFx0OUnvD
Z640KbNhtZiUwdO/cZ/rSgrWUIif9KzQ6IMw2cJsQ0ICTM1jpYqesPRXdwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOvYnTULAGJQmdpUoe6vhAOMAbhQMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvNjlpZE5Rc0FZbENaMmxTaDdxLUVBNHdCdUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAUuIiAD
BAAuIiQwDAMEAC4iJwMEAC4iKAMEAS4iKgMEAC4iPzANBgkqhkiG9w0BAQsFAAOC
AQEAP0Xi3Zp9rmYD5HwF/ax47vQ22ALHcX4sFtF6jk9wNLvrOlqq8B823HYO48Ty
mpS8AFcbBjFmsIictHCL1YAiO27vIf1mN2tiE3v9mdMm/UH4upb/QOgu//mV0UDL
jJfS7aPO+sreLwpw1OKacBLlSHpApFUTFp5BD6iy+gFla+tMl7s+RUQko/w/n8j1
n+XpNxhV/bPExUhnq74erI/UAiOIFuDSRl5JmPWqpeo4xWUzBjrPqNg/12jVM679
Xx6xHXmUZCq5K62XLQBKt3I26xsUVuSb6mmfEsHml7iPeP5QAypOA9FMJG+Eg/Os
SfJdISrjkfShMwZy0kIX8uhIiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org