Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/C2h7VrKqjP7Wl8h9QZ_0T44alcw.roa
File: C2h7VrKqjP7Wl8h9QZ_0T44alcw.roa (raw, json)
Hash identifier: YQOIUTkXiealVM41olHqpKSm16J+CUJdfLswhICJvq4=
Subject key identifier: 0B:68:7B:56:B2:AA:8C:FE:D6:97:C8:7D:41:9F:F4:4F:8E:1A:95:CC
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018945A33779972C80C7C1441AA5CE717E56
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/C2h7VrKqjP7Wl8h9QZ_0T44alcw.roa
Signing time: Tue 11 Jul 2023 15:47:51 +0000
ROA not before: Tue 11 Jul 2023 15:47:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.38.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.44.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.58.0/23 maxlen: 23
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jul 2023 07:53:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:45:a3:37:79:97:2c:80:c7:c1:44:1a:a5:ce:71:7e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jul 11 15:47:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b687b56b2aa8cfed697c87d419ff44f8e1a95cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8a:56:2e:16:82:07:de:ba:1a:8d:65:60:34:
30:63:55:b2:87:ea:21:47:85:40:be:3b:e1:aa:b5:
c1:46:0a:7c:ea:15:2b:0e:1e:27:6e:f4:4c:0b:72:
e1:31:94:e8:01:c5:ab:ca:7f:f7:ad:e8:dd:ac:77:
2c:da:41:23:a7:b2:b5:c3:01:68:df:11:53:2e:89:
3a:c6:d2:9d:99:91:eb:2f:da:ae:23:68:69:bb:c6:
9a:ba:0f:a3:93:7b:68:7f:87:66:3a:17:c2:4b:9c:
fe:90:96:5c:33:62:20:c7:bb:fa:2a:12:75:66:ab:
da:cd:71:c4:8e:e1:8b:49:10:dd:eb:fc:60:9c:95:
45:f3:e2:be:45:8a:15:d9:49:de:19:f9:0f:28:f9:
c9:b3:f6:56:7c:ec:eb:cf:05:d9:6a:33:f1:5e:1e:
1d:21:34:59:4c:2a:57:64:11:b7:43:29:b7:b4:1c:
52:93:f7:16:06:33:09:e7:80:b2:d7:76:c5:73:49:
82:35:55:f9:f5:db:ce:f4:e3:5e:00:87:2a:ba:50:
0c:d5:e0:a9:60:db:d1:d6:9b:46:5d:e9:25:b5:60:
dd:ee:c9:8f:48:27:aa:42:6e:f5:01:e9:df:ed:72:
20:39:33:e2:ca:28:ae:50:dd:c0:48:33:51:81:a1:
92:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:68:7B:56:B2:AA:8C:FE:D6:97:C8:7D:41:9F:F4:4F:8E:1A:95:CC
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/C2h7VrKqjP7Wl8h9QZ_0T44alcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.38.0/24
46.34.40.0/24
46.34.44.0/24
46.34.58.0/23
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
60:7e:57:ff:aa:f8:1e:ce:38:91:57:d7:83:af:d6:35:7e:0a:
2d:e8:69:2a:43:aa:ec:a0:bb:83:6c:b9:9c:1d:2e:4d:89:76:
10:75:0c:1e:e6:9b:08:47:69:a4:76:18:2e:64:2c:eb:14:56:
92:5d:6b:60:3f:8e:22:a9:38:79:fa:4e:81:15:04:d4:6c:fa:
5c:c4:c8:d4:80:26:16:d8:9c:bb:48:ae:a4:0d:b8:b6:f3:2e:
df:1a:76:24:50:1f:11:56:dd:82:3c:36:23:51:d8:d5:10:6c:
43:f5:4b:51:f6:86:32:9f:f5:eb:f8:03:42:c5:e9:84:6e:81:
7f:de:8b:63:ba:68:ec:e2:de:2e:88:df:d0:52:d2:ac:3d:75:
7a:7e:76:6f:5a:00:9d:21:a6:75:09:19:f8:01:73:2c:1e:d4:
01:0d:5a:5b:34:6f:ac:7c:27:6e:79:40:6a:a0:50:d0:60:f7:
1f:df:91:5b:d4:59:80:22:48:b7:b9:ab:5b:4c:f4:ca:b3:87:
6e:3a:22:9e:a1:7d:b2:02:98:70:14:78:0c:4d:56:79:be:a8:
61:ea:ce:bb:3b:da:a1:71:8a:ee:c6:db:08:a5:31:a2:63:fc:
59:02:50:0e:c6:57:b9:40:d9:ee:f9:89:74:fd:d8:98:e2:4b:
c2:0a:25:9d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYlFozd5lyyAx8FEGqXOcX5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNzExMTU0NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjY4N2I1NmIyYWE4Y2ZlZDY5N2M4N2Q0MTlmZjQ0ZjhlMWE5NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgopWLhaCB966Go1lYDQwY1Wyh+oh
R4VAvjvhqrXBRgp86hUrDh4nbvRMC3LhMZToAcWryn/3rejdrHcs2kEjp7K1wwFo
3xFTLok6xtKdmZHrL9quI2hpu8aaug+jk3tof4dmOhfCS5z+kJZcM2Igx7v6KhJ1
ZqvazXHEjuGLSRDd6/xgnJVF8+K+RYoV2UneGfkPKPnJs/ZWfOzrzwXZajPxXh4d
ITRZTCpXZBG3Qym3tBxSk/cWBjMJ54Cy13bFc0mCNVX59dvO9ONeAIcqulAM1eCp
YNvR1ptGXekltWDd7smPSCeqQm71Aenf7XIgOTPiyiiuUN3ASDNRgaGSgQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAtoe1ayqoz+1pfIfUGf9E+OGpXMMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvQzJoN1ZyS3FqUDdXbDhoOVFaXzBUNDRhbGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAUuIiAD
BAAuIiQDBAAuIiYDBAAuIigDBAAuIiwDBAEuIjoDBAAuIj8wDQYJKoZIhvcNAQEL
BQADggEBAGB+V/+q+B7OOJFX14Ov1jV+Ci3oaSpDquygu4NsuZwdLk2JdhB1DB7m
mwhHaaR2GC5kLOsUVpJda2A/jiKpOHn6ToEVBNRs+lzEyNSAJhbYnLtIrqQNuLbz
Lt8adiRQHxFW3YI8NiNR2NUQbEP1S1H2hjKf9ev4A0LF6YRugX/ei2O6aOzi3i6I
39BS0qw9dXp+dm9aAJ0hpnUJGfgBcywe1AENWls0b6x8J255QGqgUNBg9x/fkVvU
WYAiSLe5q1tM9Mqzh246Ip6hfbICmHAUeAxNVnm+qGHqzrs72qFxiu7G2wilMaJj
/FkCUA7GV7lA2e75iXT92JjiS8IKJZ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org