Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/LyFK0RUyFFwx5RMB-GC915i2Wf8.roa
File: LyFK0RUyFFwx5RMB-GC915i2Wf8.roa (raw, json)
Hash identifier: OjXhq1bNeje0EFjgks8P+M5r6heTFa3dKUEo+nLUu+Q=
Subject key identifier: 2F:21:4A:D1:15:32:14:5C:31:E5:13:01:F8:60:BD:D7:98:B6:59:FF
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018F09D47143B975CE8184BD46E0C6A041BF
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/LyFK0RUyFFwx5RMB-GC915i2Wf8.roa
Signing time: Tue 23 Apr 2024 07:21:08 +0000
ROA not before: Tue 23 Apr 2024 07:21:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 13:11:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:09:d4:71:43:b9:75:ce:81:84:bd:46:e0:c6:a0:41:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Apr 23 07:21:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f214ad11532145c31e51301f860bdd798b659ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0d:76:b5:d1:e6:64:1e:65:77:d8:f9:cf:05:
d7:25:83:ff:2c:c6:f7:a4:fc:1f:d3:04:2f:f7:1f:
e3:83:4d:5b:3c:36:f6:8f:17:83:13:ab:82:0e:87:
d2:f1:ba:95:84:3c:f9:74:8f:60:fc:63:0d:14:20:
89:43:37:92:01:8f:c3:05:26:5d:fa:5e:73:66:66:
7e:1b:c9:80:bf:62:be:b3:35:b1:c0:dd:d3:0f:58:
3e:73:3a:b5:8d:0b:6b:b9:88:70:ec:bc:22:b6:e8:
e9:c0:b0:c5:aa:cc:6d:43:bb:08:1a:14:ef:b8:0a:
85:50:de:ec:93:a2:a0:91:a6:67:f3:79:15:c5:ff:
7c:78:3c:44:7c:51:b2:de:b9:0e:9e:53:bc:df:d6:
9d:c5:7f:52:af:23:27:96:3b:37:8e:7e:38:f6:08:
6e:49:53:19:2a:c7:4a:46:19:16:c3:53:0e:1f:3f:
4e:3b:32:68:64:9b:ca:02:c0:72:92:e0:9c:e1:47:
5d:fd:6e:d4:b2:88:b9:6e:6d:30:d1:1f:f4:37:45:
9d:58:2b:9c:b0:0b:37:f8:8d:0d:91:b0:ae:0c:8a:
c5:99:26:07:1e:90:3f:e8:da:de:65:e9:7a:b6:4b:
74:e4:a9:9a:4a:c2:92:a3:6e:80:ab:3c:57:86:94:
9f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:21:4A:D1:15:32:14:5C:31:E5:13:01:F8:60:BD:D7:98:B6:59:FF
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/LyFK0RUyFFwx5RMB-GC915i2Wf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b2:a7:f9:86:f8:fa:a2:86:3c:7b:c6:39:93:cb:19:75:36:
74:6d:99:4f:0c:92:f5:72:5c:21:90:3c:fb:ae:d9:84:e5:6d:
71:a5:ee:9f:37:93:6c:90:49:a2:47:61:62:86:d0:95:86:0f:
82:49:4b:54:db:84:25:0f:1e:f3:d1:50:dd:92:c0:de:09:a2:
df:0a:b7:26:13:14:49:35:6d:85:77:cc:8d:fe:80:2c:f3:8e:
c8:df:d0:cd:2f:b2:31:81:7f:a6:98:f5:f6:b0:68:89:cc:96:
82:70:84:75:96:8b:d1:33:93:a9:e3:c4:9c:af:73:f4:c3:c7:
e8:14:22:36:a7:cf:08:a8:e7:84:51:9a:ad:4a:77:92:03:02:
91:8a:f9:82:7f:cf:44:d1:7b:e6:81:d6:75:52:56:4e:e6:8e:
df:56:2d:80:d3:c8:1b:7e:86:7f:04:86:3f:71:21:27:91:d9:
8a:97:14:21:31:64:3b:07:d3:4c:4e:74:08:d6:6f:3f:6d:fa:
41:55:2a:bf:de:29:26:1f:7e:8d:4a:be:3d:79:01:bb:66:fc:
bb:97:71:a4:6a:28:50:e1:11:33:46:8a:ec:5c:d2:54:44:3e:
0a:e6:37:de:90:8e:0e:f7:a1:57:7c:48:e6:bd:e3:10:4e:a7:
4e:9d:4e:82
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8J1HFDuXXOgYS9RuDGoEG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjQwNDIzMDcyMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjIxNGFkMTE1MzIxNDVjMzFlNTEzMDFmODYwYmRkNzk4YjY1OWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA12tdHmZB5ld9j5zwXXJYP/LMb3
pPwf0wQv9x/jg01bPDb2jxeDE6uCDofS8bqVhDz5dI9g/GMNFCCJQzeSAY/DBSZd
+l5zZmZ+G8mAv2K+szWxwN3TD1g+czq1jQtruYhw7LwitujpwLDFqsxtQ7sIGhTv
uAqFUN7sk6KgkaZn83kVxf98eDxEfFGy3rkOnlO839adxX9SryMnljs3jn449ghu
SVMZKsdKRhkWw1MOHz9OOzJoZJvKAsBykuCc4Udd/W7Usoi5bm0w0R/0N0WdWCuc
sAs3+I0NkbCuDIrFmSYHHpA/6NreZel6tkt05KmaSsKSo26AqzxXhpSfZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFC8hStEVMhRcMeUTAfhgvdeYtln/MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvTHlGSzBSVXlGRnd4NVJNQi1HQzkxNWkyV2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAB6yp/mG+Pqihjx7
xjmTyxl1NnRtmU8MkvVyXCGQPPuu2YTlbXGl7p83k2yQSaJHYWKG0JWGD4JJS1Tb
hCUPHvPRUN2SwN4Jot8KtyYTFEk1bYV3zI3+gCzzjsjf0M0vsjGBf6aY9fawaInM
loJwhHWWi9Ezk6njxJyvc/TDx+gUIjanzwio54RRmq1Kd5IDApGK+YJ/z0TRe+aB
1nVSVk7mjt9WLYDTyBt+hn8Ehj9xISeR2YqXFCExZDsH00xOdAjWbz9t+kFVKr/e
KSYffo1Kvj15Abtm/LuXcaRqKFDhETNGiuxc0lREPgrmN96Qjg73oVd8SOa94xBO
p06dToI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org