Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/BBJIyx8pZdxvno-MBGSlHvTxgD0.roa
File: BBJIyx8pZdxvno-MBGSlHvTxgD0.roa (raw, json)
Hash identifier: prkFnuiuJ6fZ7YhYg9FVHbMDHylbIFK5A+flLpQVvGg=
Subject key identifier: 04:12:48:CB:1F:29:65:DC:6F:9E:8F:8C:04:64:A5:1E:F4:F1:80:3D
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0188D98E57D959D3DD5CFDD08224833041D6
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/BBJIyx8pZdxvno-MBGSlHvTxgD0.roa
Signing time: Tue 20 Jun 2023 16:06:04 +0000
ROA not before: Tue 20 Jun 2023 16:06:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.45.0/24 maxlen: 24
46.34.48.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Jun 2023 09:16:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:8e:57:d9:59:d3:dd:5c:fd:d0:82:24:83:30:41:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jun 20 16:06:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=041248cb1f2965dc6f9e8f8c0464a51ef4f1803d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:33:1a:d2:64:e9:c1:c5:15:fd:1f:11:d6:91:
bb:68:a5:86:5d:a5:31:e4:81:b6:47:3f:a5:19:af:
e4:df:1f:dd:0a:52:91:db:f3:c5:cc:be:ac:5c:cd:
d1:74:50:31:38:4a:a3:58:82:4c:ca:ad:25:1b:e8:
06:43:22:32:0f:a8:95:d4:ad:c3:b6:4f:c4:86:ef:
dc:00:e5:15:59:a4:bb:61:c4:72:f2:53:9c:0e:dd:
3f:1b:f8:b1:79:27:04:de:9d:8d:6b:be:ef:38:48:
63:e0:e8:58:16:84:ee:99:f8:93:ce:1b:69:02:ac:
94:7c:6c:1d:66:db:b7:59:78:9b:6f:31:95:da:68:
8a:07:e4:eb:09:e8:37:0f:41:65:59:c6:20:75:14:
8c:f7:20:1c:5c:35:17:09:78:9a:06:49:bd:bb:72:
1a:ee:b1:1d:74:63:43:45:5b:6b:6e:28:c6:4a:33:
7f:b0:ac:de:84:6e:c1:52:53:95:e4:58:d9:6f:c7:
79:83:8c:08:10:c0:94:ae:38:62:0f:78:0f:c1:83:
e6:ab:78:1a:0b:b0:92:3f:c2:66:4c:8d:3a:60:3a:
43:53:ff:82:a5:aa:2f:43:5f:35:2e:08:be:06:90:
f4:eb:41:2c:f8:34:bf:7b:b5:35:47:e3:38:73:b0:
17:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:12:48:CB:1F:29:65:DC:6F:9E:8F:8C:04:64:A5:1E:F4:F1:80:3D
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/BBJIyx8pZdxvno-MBGSlHvTxgD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.45.0/24
46.34.48.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:a7:cd:a0:5a:0f:df:6e:f4:de:c7:30:11:f1:b5:33:8c:49:
d4:ae:e2:30:bd:a4:3f:a2:53:b6:3a:85:74:e8:d2:f0:83:69:
5f:df:a4:a0:b4:3a:5c:b9:b7:22:a8:b0:3a:24:88:d1:50:53:
b4:bf:1e:99:63:c5:d4:f5:8e:f0:32:be:64:83:f0:e0:6a:02:
74:72:33:e3:e0:21:9f:04:c4:fe:a7:2a:65:e6:01:d3:34:1e:
fb:34:9e:ce:3c:fe:d1:04:08:f6:82:b3:15:71:a2:81:6b:38:
ce:04:fb:50:a5:c0:8b:65:90:9e:0e:86:e0:31:8d:14:fe:e9:
7f:22:ae:3f:0b:96:b3:b8:9b:97:7e:e9:b6:b9:47:10:b8:00:
ae:e4:2f:b5:42:39:ae:84:0b:0c:c7:53:ab:18:8a:da:3f:9b:
8d:f9:e4:0b:79:9c:e4:da:50:de:ad:a1:1e:4f:9d:9f:cd:16:
55:cc:af:22:c9:8f:c2:43:7c:29:a3:25:89:df:ed:f9:d6:32:
2a:42:df:a9:48:77:5e:9c:4d:28:77:70:81:12:55:29:21:ff:
9d:f6:fa:41:ef:17:1a:62:3a:e4:35:80:18:df:ed:c6:00:7b:
09:c5:38:f7:26:a0:88:20:11:aa:c2:7b:8b:5b:1a:e5:d2:cc:
05:d5:c7:ab
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYjZjlfZWdPdXP3QgiSDMEHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNjIwMTYwNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDEyNDhjYjFmMjk2NWRjNmY5ZThmOGMwNDY0YTUxZWY0ZjE4MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDMa0mTpwcUV/R8R1pG7aKWGXaUx
5IG2Rz+lGa/k3x/dClKR2/PFzL6sXM3RdFAxOEqjWIJMyq0lG+gGQyIyD6iV1K3D
tk/Ehu/cAOUVWaS7YcRy8lOcDt0/G/ixeScE3p2Na77vOEhj4OhYFoTumfiTzhtp
AqyUfGwdZtu3WXibbzGV2miKB+TrCeg3D0FlWcYgdRSM9yAcXDUXCXiaBkm9u3Ia
7rEddGNDRVtrbijGSjN/sKzehG7BUlOV5FjZb8d5g4wIEMCUrjhiD3gPwYPmq3ga
C7CSP8JmTI06YDpDU/+CpaovQ181Lgi+BpD060Es+DS/e7U1R+M4c7AXJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAQSSMsfKWXcb56PjARkpR708YA9MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvQkJKSXl4OHBaZHh2bm8tTUJHU2xIdlR4Z0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIi0DBAAuIjADBAAuIj8wDQYJKoZIhvcNAQELBQADggEB
AEynzaBaD99u9N7HMBHxtTOMSdSu4jC9pD+iU7Y6hXTo0vCDaV/fpKC0Oly5tyKo
sDokiNFQU7S/HpljxdT1jvAyvmSD8OBqAnRyM+PgIZ8ExP6nKmXmAdM0Hvs0ns48
/tEECPaCsxVxooFrOM4E+1ClwItlkJ4OhuAxjRT+6X8irj8LlrO4m5d+6ba5RxC4
AK7kL7VCOa6ECwzHU6sYito/m4355At5nOTaUN6toR5PnZ/NFlXMryLJj8JDfCmj
JYnf7fnWMipC36lId16cTSh3cIESVSkh/532+kHvFxpiOuQ1gBjf7cYAewnFOPcm
oIggEarCe4tbGuXSzAXVx6s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org