Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/K3Hfvb3e4DkbdjRGb8zlWu65MK0.roa
File: K3Hfvb3e4DkbdjRGb8zlWu65MK0.roa (raw, json)
Hash identifier: O4xIVuLb8EEGyz0WB0nYzvAuWXsj8hspGsdeIaRgfho=
Subject key identifier: 2B:71:DF:BD:BD:DE:E0:39:1B:76:34:46:6F:CC:E5:5A:EE:B9:30:AD
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018A319DCB427046874370BCDCBA41081DD3
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/K3Hfvb3e4DkbdjRGb8zlWu65MK0.roa
Signing time: Sat 26 Aug 2023 11:32:19 +0000
ROA not before: Sat 26 Aug 2023 11:32:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 46.34.49.0/24 maxlen: 24
46.34.55.0/24 maxlen: 24
46.34.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 07:43:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:9d:cb:42:70:46:87:43:70:bc:dc:ba:41:08:1d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Aug 26 11:32:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b71dfbdbddee0391b7634466fcce55aeeb930ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ee:9a:e9:84:ea:0b:0f:e7:02:c2:2a:70:e9:
11:4a:ff:f5:a4:04:53:6b:50:b2:5e:77:3e:a0:47:
ee:ed:64:5c:2c:dc:0b:90:20:cb:c8:0e:89:c1:91:
b3:2b:91:6a:f7:1b:10:a9:25:f3:99:36:84:c0:a6:
5b:93:20:00:7b:0c:84:90:bc:bf:71:dd:11:20:26:
cf:04:83:94:c1:a6:30:a2:52:b4:3f:88:7b:cb:1f:
e8:29:d3:e2:27:38:6e:45:6f:39:3d:02:24:92:34:
c5:e7:be:33:f0:11:5a:8e:e7:2a:13:e0:83:7c:32:
33:36:a2:4c:94:ad:3f:0d:3c:63:21:bc:4a:48:50:
95:18:a8:e1:61:b6:37:8c:8a:66:b3:5f:ed:72:42:
89:60:9e:5c:cc:f6:14:b3:28:77:05:63:16:f5:8c:
89:cb:cc:cd:ae:fd:ad:4c:4b:91:0f:b6:a9:8d:7b:
58:66:4e:a4:0b:62:33:7b:1c:b9:ec:2b:5a:f0:7b:
65:64:e2:ac:76:3e:17:97:05:86:9c:6e:4d:f1:b6:
58:09:75:ee:50:ad:d8:3b:c8:c7:69:22:db:50:79:
15:c3:99:aa:22:8e:0a:8c:2b:9e:22:e2:0b:72:4b:
2f:bb:f3:1b:31:fb:4d:be:23:3f:df:10:b6:f3:e4:
f5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:71:DF:BD:BD:DE:E0:39:1B:76:34:46:6F:CC:E5:5A:EE:B9:30:AD
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/K3Hfvb3e4DkbdjRGb8zlWu65MK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.49.0/24
46.34.55.0/24
46.34.62.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:c4:1a:b6:e0:fa:35:e2:c2:25:8d:f2:dc:3f:77:d5:5d:58:
77:bf:e4:0e:11:3e:30:46:39:15:7c:45:b6:9d:e7:bf:6e:76:
79:dd:8b:5a:1e:1a:11:f0:cb:e7:df:82:13:a8:24:8f:66:37:
14:2f:6a:79:7a:b9:2a:5a:7e:2a:1e:8c:7f:51:b9:6f:0c:56:
f6:35:31:71:33:e3:1c:6c:ac:fa:3b:1f:3d:c6:b8:04:65:70:
eb:21:4f:86:17:1e:9a:25:e2:bc:9c:73:00:e4:59:a1:6c:92:
e3:9c:6c:cd:ec:d0:0a:d9:54:f9:ff:e3:33:70:40:c5:1d:13:
10:c4:b7:97:2b:f7:c8:c2:07:98:da:3c:63:dd:5a:8b:5b:39:
77:bb:ed:c3:da:45:3d:fe:07:6c:f4:03:64:88:c6:87:8f:82:
4f:0c:5a:8f:00:31:e8:fb:bb:4b:fe:39:01:06:b9:6b:e1:23:
6c:79:6c:6b:f4:57:96:b3:a4:e0:32:97:3c:7d:72:8d:96:33:
c3:a5:89:5e:ab:87:d7:8a:08:0e:af:16:68:94:c3:0a:ff:8a:
59:21:1f:26:85:44:4a:ca:9a:28:fa:7f:5a:03:19:03:d3:9a:
d4:ad:80:67:97:9e:3f:fd:60:5d:f0:a5:64:45:a1:bc:c5:0c:
c6:30:a3:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoxnctCcEaHQ3C83LpBCB3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwODI2MTEzMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjcxZGZiZGJkZGVlMDM5MWI3NjM0NDY2ZmNjZTU1YWVlYjkzMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO6a6YTqCw/nAsIqcOkRSv/1pART
a1CyXnc+oEfu7WRcLNwLkCDLyA6JwZGzK5Fq9xsQqSXzmTaEwKZbkyAAewyEkLy/
cd0RICbPBIOUwaYwolK0P4h7yx/oKdPiJzhuRW85PQIkkjTF574z8BFajucqE+CD
fDIzNqJMlK0/DTxjIbxKSFCVGKjhYbY3jIpms1/tckKJYJ5czPYUsyh3BWMW9YyJ
y8zNrv2tTEuRD7apjXtYZk6kC2Izexy57Cta8HtlZOKsdj4XlwWGnG5N8bZYCXXu
UK3YO8jHaSLbUHkVw5mqIo4KjCueIuILcksvu/MbMftNviM/3xC28+T1JQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCtx37293uA5G3Y0Rm/M5VruuTCtMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvSzNIZnZiM2U0RGtiZGpSR2I4emxXdTY1TUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiIxAwQA
LiI3AwQALiI+MA0GCSqGSIb3DQEBCwUAA4IBAQAKxBq24Po14sIljfLcP3fVXVh3
v+QOET4wRjkVfEW2nee/bnZ53YtaHhoR8Mvn34ITqCSPZjcUL2p5erkqWn4qHox/
UblvDFb2NTFxM+McbKz6Ox89xrgEZXDrIU+GFx6aJeK8nHMA5FmhbJLjnGzN7NAK
2VT5/+MzcEDFHRMQxLeXK/fIwgeY2jxj3VqLWzl3u+3D2kU9/gds9ANkiMaHj4JP
DFqPADHo+7tL/jkBBrlr4SNseWxr9FeWs6TgMpc8fXKNljPDpYleq4fXiggOrxZo
lMMK/4pZIR8mhURKypoo+n9aAxkD05rUrYBnl54//WBd8KVkRaG8xQzGMKPX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org