Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/CA2cypHdU81l34JeQhvtRgA7-Rw.roa
File: CA2cypHdU81l34JeQhvtRgA7-Rw.roa (raw, json)
Hash identifier: kcGhErPIJ4HjgtPknPpVo8oxAGPx+2+g3xAgf6VWjL0=
Subject key identifier: 08:0D:9C:CA:91:DD:53:CD:65:DF:82:5E:42:1B:ED:46:00:3B:F9:1C
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0190FFD5DFC048B2F7E0913BB43E49B1CE2E
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/CA2cypHdU81l34JeQhvtRgA7-Rw.roa
Signing time: Mon 29 Jul 2024 18:52:04 +0000
ROA not before: Mon 29 Jul 2024 18:52:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 14:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ff:d5:df:c0:48:b2:f7:e0:91:3b:b4:3e:49:b1:ce:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jul 29 18:52:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=080d9cca91dd53cd65df825e421bed46003bf91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:be:09:ef:7e:71:9d:4f:0c:1a:27:da:1f:8f:
e5:06:9e:62:92:5b:99:bc:d8:2f:79:61:3f:9a:2e:
7d:d8:d3:12:91:cb:e3:ee:c2:2b:d0:e6:fd:4b:f7:
10:4d:87:29:71:9f:4e:a9:7f:78:fe:2a:a8:9d:a9:
bc:f5:a7:75:31:dc:19:a4:9e:26:e1:69:94:60:54:
ef:c2:8c:6c:4a:83:ea:c0:95:08:df:00:8a:f4:48:
97:b6:b8:a3:c7:6d:bd:a3:e6:94:35:f6:12:00:c1:
c1:3f:25:70:88:64:ee:79:d6:24:09:85:44:a2:f7:
38:57:04:d1:9c:ff:8e:43:5f:f8:04:09:02:9e:78:
72:a8:f2:2c:6f:6f:af:fd:ba:9a:b7:06:39:d8:6e:
05:0e:31:44:5e:d9:d0:28:63:80:e5:df:df:28:d7:
f8:04:07:2e:93:37:84:94:bb:aa:b1:5f:69:8d:3c:
27:1e:25:21:f8:f5:c0:1d:61:94:99:8b:db:5f:15:
35:aa:54:1a:71:21:4a:30:1a:26:35:1d:02:5f:b5:
1f:5d:50:b1:c0:67:f9:f4:6f:93:5d:98:e7:00:e9:
a0:12:16:ea:d9:3b:72:16:68:69:e6:ee:a5:44:ce:
d0:51:ef:a3:90:5e:92:1c:30:97:4c:0f:86:0a:80:
5d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:0D:9C:CA:91:DD:53:CD:65:DF:82:5E:42:1B:ED:46:00:3B:F9:1C
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/CA2cypHdU81l34JeQhvtRgA7-Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
08:64:8e:01:fb:42:0c:d2:2f:21:27:cb:a5:f9:fd:dc:1c:c4:
bc:cc:8f:cf:f6:97:01:9f:66:87:ac:3a:13:66:9f:61:6e:6f:
62:73:c8:8d:e6:72:08:0c:ee:c6:12:46:5e:31:9e:0f:05:cd:
17:34:b8:12:a5:53:27:1b:bd:8a:bf:4f:ad:76:0d:f4:73:b8:
65:b9:8d:e4:d9:12:84:7e:8d:71:8a:02:a4:b3:d3:fe:5d:7c:
6d:b0:93:17:2d:e8:f7:cb:27:f0:d9:62:61:64:e9:8b:5e:db:
d4:f0:cc:7a:e6:19:85:8f:a5:e5:33:54:25:16:9d:f3:56:e4:
6c:ae:fc:6b:ab:2b:ff:69:da:11:33:17:0e:1f:c5:30:68:23:
42:a7:22:c1:75:d9:2c:2f:55:e7:07:e9:8a:d3:b5:d9:14:7e:
15:38:5f:be:e7:52:2a:3d:48:6b:50:28:50:a3:36:9b:52:43:
a6:2f:02:b8:17:85:95:3d:28:cf:a4:59:1c:d9:d5:91:79:64:
0a:81:16:c1:f7:88:53:1a:54:a0:f4:85:9a:81:1e:73:b0:33:
e0:2f:c4:5d:9f:a1:76:fc:40:85:e0:6f:d5:6f:27:8d:c3:de:
62:5e:20:a7:55:79:ea:ff:b2:04:1a:f3:30:37:e6:3e:d0:4d:
d5:12:45:c7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZD/1d/ASLL34JE7tD5Jsc4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjQwNzI5MTg1MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODBkOWNjYTkxZGQ1M2NkNjVkZjgyNWU0MjFiZWQ0NjAwM2JmOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL4J735xnU8MGifaH4/lBp5ikluZ
vNgveWE/mi592NMSkcvj7sIr0Ob9S/cQTYcpcZ9OqX94/iqonam89ad1MdwZpJ4m
4WmUYFTvwoxsSoPqwJUI3wCK9EiXtrijx229o+aUNfYSAMHBPyVwiGTuedYkCYVE
ovc4VwTRnP+OQ1/4BAkCnnhyqPIsb2+v/bqatwY52G4FDjFEXtnQKGOA5d/fKNf4
BAcukzeElLuqsV9pjTwnHiUh+PXAHWGUmYvbXxU1qlQacSFKMBomNR0CX7UfXVCx
wGf59G+TXZjnAOmgEhbq2TtyFmhp5u6lRM7QUe+jkF6SHDCXTA+GCoBdbwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAgNnMqR3VPNZd+CXkIb7UYAO/kcMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvQ0EyY3lwSGRVODFsMzRKZVFodnRSZ0E3LVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAAhkjgH7QgzSLyEn
y6X5/dwcxLzMj8/2lwGfZoesOhNmn2Fub2JzyI3mcggM7sYSRl4xng8FzRc0uBKl
UycbvYq/T612DfRzuGW5jeTZEoR+jXGKAqSz0/5dfG2wkxct6PfLJ/DZYmFk6Yte
29TwzHrmGYWPpeUzVCUWnfNW5Gyu/GurK/9p2hEzFw4fxTBoI0KnIsF12SwvVecH
6YrTtdkUfhU4X77nUio9SGtQKFCjNptSQ6YvArgXhZU9KM+kWRzZ1ZF5ZAqBFsH3
iFMaVKD0hZqBHnOwM+AvxF2foXb8QIXgb9VvJ43D3mJeIKdVeer/sgQa8zA35j7Q
TdUSRcc=
-----END CERTIFICATE-----
Generated at Tue Sep 10 17:30:57 2024 by rpki-client on console-fra.rpki-client.org