Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/JH_qkFoA9nmIhs5qabWxTK9ndyA.roa
File: JH_qkFoA9nmIhs5qabWxTK9ndyA.roa (raw, json)
Hash identifier: kbiZcBJrw1TAD8FKsOIzqeK7uOjweLVhLScbPHc/528=
Subject key identifier: 24:7F:EA:90:5A:00:F6:79:88:86:CE:6A:69:B5:B1:4C:AF:67:77:20
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0188DD4386D5C2ED9FB09A9D1CABC6494C37
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/JH_qkFoA9nmIhs5qabWxTK9ndyA.roa
Signing time: Wed 21 Jun 2023 09:22:50 +0000
ROA not before: Wed 21 Jun 2023 09:22:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.49.0/24 maxlen: 24
46.34.48.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Jun 2023 10:56:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:43:86:d5:c2:ed:9f:b0:9a:9d:1c:ab:c6:49:4c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jun 21 09:22:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=247fea905a00f6798886ce6a69b5b14caf677720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:75:2b:85:7c:38:ee:e0:26:c6:79:c7:a6:68:
48:69:00:b7:c1:d5:1f:61:20:78:7c:24:a7:58:94:
9d:13:11:c5:9d:40:1f:cd:59:db:46:e3:09:78:45:
d8:c6:ca:1f:69:98:1b:a7:21:9c:a6:37:ce:75:2f:
20:1c:e7:da:9a:33:51:86:c1:28:64:a4:23:d8:96:
96:31:d6:62:7a:ac:bd:ff:9c:10:25:2d:2b:b1:c1:
b1:a6:6a:6a:fe:6a:5d:24:9c:46:f2:5e:44:13:39:
69:71:2b:86:ca:f9:1d:ef:08:49:5a:e8:29:e2:63:
b5:4b:17:8f:ae:dc:ec:ba:7b:57:89:c7:6d:d4:4a:
e6:0f:d9:bf:b7:07:aa:c8:ec:34:b8:94:c6:fc:21:
50:3d:5b:e2:3b:96:da:bb:c0:12:0f:53:5c:d0:d3:
53:39:27:62:32:de:35:42:7f:bf:d3:aa:f8:8d:64:
d2:cf:34:66:2b:cd:a9:ac:bf:4f:34:5a:2e:3d:e7:
ce:1b:90:7c:34:42:bc:68:cb:ce:98:1f:57:d0:81:
45:20:29:af:8c:b6:c1:7a:1e:d0:e9:b8:81:f4:22:
48:ce:4b:8f:30:81:38:b7:41:71:bf:bb:1b:b4:12:
41:55:3a:f9:1e:a9:ae:d9:37:b4:0e:e5:e3:f0:a8:
03:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7F:EA:90:5A:00:F6:79:88:86:CE:6A:69:B5:B1:4C:AF:67:77:20
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/JH_qkFoA9nmIhs5qabWxTK9ndyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.48.0/23
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:77:90:5f:86:c3:67:30:e8:6b:6b:54:51:57:95:da:66:59:
25:49:a6:cb:d1:ec:52:b7:e9:6e:86:bf:e7:2a:30:44:98:3e:
ad:c1:71:94:ec:c5:19:e0:e5:2c:4b:3f:dc:9a:3f:25:f1:32:
c4:1b:1c:50:63:54:fb:e2:be:1e:1d:28:9d:ce:03:fa:2c:41:
58:dc:1a:bb:27:58:46:82:17:c3:2b:df:f0:9d:88:fa:cc:24:
3a:5c:62:17:c0:55:cd:23:4d:4d:52:43:2f:74:a7:0b:e2:86:
d3:ad:a1:65:6e:5a:9d:6c:bf:a8:fd:03:bf:63:06:ba:cb:3c:
9d:f7:ee:72:6e:8a:1e:b8:2a:e8:87:01:65:ef:79:74:a1:9d:
20:5f:6f:ec:b3:fd:68:5e:ed:c6:00:c2:91:37:a7:6d:da:5a:
5a:30:45:8d:94:07:55:a2:de:9f:30:70:61:3c:20:64:ef:b2:
3d:f3:2f:33:cd:c1:45:5e:6d:34:51:42:1b:09:69:ea:5d:bf:
3c:4c:29:c9:ba:09:f8:c0:82:97:7a:25:90:68:7c:d5:5a:1a:
32:57:dc:47:9f:3b:07:fc:f1:bc:46:fe:47:bd:a6:7c:48:31:
34:fd:62:df:99:8a:8a:fe:88:de:50:39:2c:d4:18:d3:f4:0d:
42:89:05:6e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYjdQ4bVwu2fsJqdHKvGSUw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNjIxMDkyMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDdmZWE5MDVhMDBmNjc5ODg4NmNlNmE2OWI1YjE0Y2FmNjc3NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXUrhXw47uAmxnnHpmhIaQC3wdUf
YSB4fCSnWJSdExHFnUAfzVnbRuMJeEXYxsofaZgbpyGcpjfOdS8gHOfamjNRhsEo
ZKQj2JaWMdZieqy9/5wQJS0rscGxpmpq/mpdJJxG8l5EEzlpcSuGyvkd7whJWugp
4mO1SxePrtzsuntXicdt1ErmD9m/tweqyOw0uJTG/CFQPVviO5bau8ASD1Nc0NNT
OSdiMt41Qn+/06r4jWTSzzRmK82prL9PNFouPefOG5B8NEK8aMvOmB9X0IFFICmv
jLbBeh7Q6biB9CJIzkuPMIE4t0Fxv7sbtBJBVTr5Hqmu2Te0DuXj8KgDMwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCR/6pBaAPZ5iIbOamm1sUyvZ3cgMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvSkhfcWtGb0E5bm1JaHM1cWFiV3hUSzluZHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAEuIjADBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAB93kF+G
w2cw6GtrVFFXldpmWSVJpsvR7FK36W6Gv+cqMESYPq3BcZTsxRng5SxLP9yaPyXx
MsQbHFBjVPvivh4dKJ3OA/osQVjcGrsnWEaCF8Mr3/CdiPrMJDpcYhfAVc0jTU1S
Qy90pwvihtOtoWVuWp1sv6j9A79jBrrLPJ337nJuih64KuiHAWXveXShnSBfb+yz
/Whe7cYAwpE3p23aWlowRY2UB1Wi3p8wcGE8IGTvsj3zLzPNwUVebTRRQhsJaepd
vzxMKcm6CfjAgpd6JZBofNVaGjJX3EefOwf88bxG/ke9pnxIMTT9Yt+Zior+iN5Q
OSzUGNP0DUKJBW4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org