Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/FM4KlrU765UG_HM-9c5as8nw1yQ.roa
File: FM4KlrU765UG_HM-9c5as8nw1yQ.roa (raw, json)
Hash identifier: SIkvean50i+6NrsPCPcYxX+S98SDm5bDEAcMIwXbEPo=
Subject key identifier: 14:CE:0A:96:B5:3B:EB:95:06:FC:73:3E:F5:CE:5A:B3:C9:F0:D7:24
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 01876AC89743347B4195E4C81C408EC9A789
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/FM4KlrU765UG_HM-9c5as8nw1yQ.roa
Signing time: Mon 10 Apr 2023 10:49:03 +0000
ROA not before: Mon 10 Apr 2023 10:49:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 10:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6a:c8:97:43:34:7b:41:95:e4:c8:1c:40:8e:c9:a7:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Apr 10 10:49:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14ce0a96b53beb9506fc733ef5ce5ab3c9f0d724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b2:1d:45:4c:12:a8:ed:c2:45:43:e7:f3:fd:
a9:69:5f:d4:51:04:46:0e:d5:cf:cf:c4:a8:42:c6:
27:3b:d8:d6:a0:9c:46:a7:db:50:0b:80:80:9a:8f:
80:f8:f8:85:e3:d5:a1:4a:9f:1c:a9:94:a3:f4:22:
41:55:8e:54:59:81:e6:85:29:19:9f:a1:35:52:48:
c5:b4:11:b8:f6:72:90:ec:06:83:86:e5:00:58:79:
9e:ed:fd:ed:9e:10:72:1f:ef:67:2a:bd:9c:43:91:
bb:4b:15:3d:d1:63:1f:bf:0a:b0:a2:ce:22:5b:74:
96:6a:7c:05:29:a1:9a:23:6a:a5:8e:f7:e8:17:77:
a4:c3:00:b4:b5:e1:7b:21:97:d9:4c:35:5c:1a:04:
40:0b:f2:23:aa:09:a3:a4:0a:0f:a1:0f:4b:7b:23:
70:f7:1d:01:d1:57:71:84:4f:40:fb:f5:77:61:96:
da:d3:40:74:4b:d4:3d:08:1d:59:9a:6a:d7:fd:f9:
20:64:01:5f:e8:b0:86:02:f1:33:17:04:3d:4c:b8:
ef:41:6b:d1:96:d9:3c:9d:07:57:c5:24:5a:d6:93:
69:94:c0:aa:56:05:1b:0e:43:cd:8e:65:4a:f7:62:
cc:5c:36:a7:ab:8a:cc:72:a2:bb:f1:da:4e:c6:1e:
ad:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:CE:0A:96:B5:3B:EB:95:06:FC:73:3E:F5:CE:5A:B3:C9:F0:D7:24
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/FM4KlrU765UG_HM-9c5as8nw1yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
15:c5:8c:8b:41:41:e2:1e:9c:b9:d8:b3:da:94:79:1f:8c:cd:
21:be:19:45:a0:8f:3f:bc:15:64:f8:7e:10:b4:a1:ab:0b:75:
1b:d3:62:75:ad:b7:58:49:52:ea:89:cb:0a:c0:a5:52:48:c6:
75:8b:ce:95:06:a8:bf:e0:d3:87:c6:e2:73:b3:68:f7:b5:dc:
ce:74:64:ad:91:f5:65:d0:c1:0c:31:f0:51:9c:5f:bd:73:70:
dc:39:aa:aa:ae:50:ef:bf:35:d9:0b:ee:44:6a:a4:c0:04:0b:
02:14:e9:42:cc:b5:d3:31:0b:ff:78:25:9e:9b:40:f6:83:4e:
b6:08:e3:f1:aa:6b:1d:8e:7d:2a:d2:e1:86:39:92:73:35:05:
1c:54:ff:cf:ff:91:e2:b5:cc:34:73:be:b7:a9:99:63:6c:a6:
45:c0:fb:fb:68:dd:fa:94:4a:01:e7:80:f7:0f:1f:3b:d7:b7:
b7:cc:f8:c6:3e:fd:e5:78:79:53:9d:c8:56:4d:6a:db:24:09:
d8:d4:a2:70:77:d3:02:8b:71:b9:65:7f:4f:48:ad:d7:30:ac:
23:77:b1:bc:ca:25:69:92:80:db:7f:16:20:20:a4:2e:fe:4b:
07:d5:9a:e5:26:a3:76:52:32:a1:c4:d9:4e:95:b7:9c:9e:31:
8a:dd:74:9e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYdqyJdDNHtBleTIHECOyaeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNDEwMTA0OTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGNlMGE5NmI1M2JlYjk1MDZmYzczM2VmNWNlNWFiM2M5ZjBkNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrIdRUwSqO3CRUPn8/2paV/UUQRG
DtXPz8SoQsYnO9jWoJxGp9tQC4CAmo+A+PiF49WhSp8cqZSj9CJBVY5UWYHmhSkZ
n6E1UkjFtBG49nKQ7AaDhuUAWHme7f3tnhByH+9nKr2cQ5G7SxU90WMfvwqwos4i
W3SWanwFKaGaI2qljvfoF3ekwwC0teF7IZfZTDVcGgRAC/IjqgmjpAoPoQ9LeyNw
9x0B0VdxhE9A+/V3YZba00B0S9Q9CB1ZmmrX/fkgZAFf6LCGAvEzFwQ9TLjvQWvR
ltk8nQdXxSRa1pNplMCqVgUbDkPNjmVK92LMXDanq4rMcqK78dpOxh6tXwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBTOCpa1O+uVBvxzPvXOWrPJ8NckMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvRk00S2xyVTc2NVVHX0hNLTljNWFzOG53MXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBABXFjItBQeIenLnY
s9qUeR+MzSG+GUWgjz+8FWT4fhC0oasLdRvTYnWtt1hJUuqJywrApVJIxnWLzpUG
qL/g04fG4nOzaPe13M50ZK2R9WXQwQwx8FGcX71zcNw5qqquUO+/NdkL7kRqpMAE
CwIU6ULMtdMxC/94JZ6bQPaDTrYI4/Gqax2OfSrS4YY5knM1BRxU/8//keK1zDRz
vrepmWNspkXA+/to3fqUSgHngPcPHzvXt7fM+MY+/eV4eVOdyFZNatskCdjUonB3
0wKLcbllf09IrdcwrCN3sbzKJWmSgNt/FiAgpC7+SwfVmuUmo3ZSMqHE2U6Vt5ye
MYrddJ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org