Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/NChjQlpJv64hYkhUoKhhcrVkjDo.roa
File: NChjQlpJv64hYkhUoKhhcrVkjDo.roa (raw, json)
Hash identifier: EsKEaV54VEAU/II7qM9VViMha/NU4hsSgAJ9OsgNV0k=
Subject key identifier: 34:28:63:42:5A:49:BF:AE:21:62:48:54:A0:A8:61:72:B5:64:8C:3A
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018AF165713DBB510C8949AE3A5A4ED37E82
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/NChjQlpJv64hYkhUoKhhcrVkjDo.roa
Signing time: Mon 02 Oct 2023 17:17:51 +0000
ROA not before: Mon 02 Oct 2023 17:17:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 46.34.39.0/24 maxlen: 24
46.34.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 22:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:65:71:3d:bb:51:0c:89:49:ae:3a:5a:4e:d3:7e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Oct 2 17:17:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=342863425a49bfae21624854a0a86172b5648c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:52:d6:e4:47:4f:ca:03:f1:4c:26:a5:9e:
d3:a2:20:bc:ee:2d:04:d3:cf:08:3a:eb:a4:e7:da:
88:de:1b:f0:26:ab:72:96:2c:ea:b2:aa:d8:5f:1b:
b2:7a:9b:2a:0a:6b:db:42:fe:83:36:1a:fe:8d:35:
39:4c:95:dd:72:a2:a3:c2:53:2c:fa:cf:cb:f0:b0:
d5:dd:c4:e2:6c:5a:79:18:a4:4a:e2:27:7f:2a:31:
93:cd:be:9f:39:e4:21:fb:79:2e:fb:d4:f0:d0:40:
2d:2a:38:78:38:a7:61:f9:16:6d:ff:52:84:82:c6:
ad:34:12:2d:84:a3:ff:2b:cf:56:f5:61:d0:89:c5:
fc:b2:66:55:b3:a3:fb:41:0f:9c:94:f6:13:11:10:
54:ad:86:14:dc:29:2d:88:be:22:0c:7a:71:f4:ef:
88:79:f0:99:09:ae:a6:e3:6e:f8:eb:1d:06:50:44:
44:54:d7:8e:10:10:b3:24:19:a2:77:3c:60:ac:f0:
37:2d:5d:98:fd:82:3d:2c:25:9d:0e:6b:da:cf:8c:
52:db:8b:03:12:13:89:59:dc:b2:c5:77:96:eb:b2:
53:95:c1:d1:8c:e9:ba:3f:77:64:26:c6:1e:c0:ec:
6f:c4:63:27:34:e3:ff:99:1c:cf:c0:65:56:c1:a0:
03:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:28:63:42:5A:49:BF:AE:21:62:48:54:A0:A8:61:72:B5:64:8C:3A
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/NChjQlpJv64hYkhUoKhhcrVkjDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.39.0/24
46.34.58.0/24
Signature Algorithm: sha256WithRSAEncryption
57:33:9e:74:9d:16:8f:3d:ec:a2:d0:71:49:de:af:3d:bf:20:
cc:5c:7f:51:31:11:de:74:27:c7:db:a6:ec:23:76:29:ab:a7:
d4:8e:f7:a5:a5:b6:dc:75:a1:16:b3:af:c4:e3:65:72:da:37:
19:4a:8b:2d:94:a1:32:5a:63:5a:53:31:b0:3f:25:74:86:ca:
66:c0:16:cb:58:1a:80:98:10:fd:ae:7b:c5:8c:6b:c5:10:e5:
1d:8f:af:da:af:37:b5:cf:17:25:c7:2f:d7:34:af:f0:da:14:
a6:9b:4c:38:e6:b4:b4:be:56:87:8e:40:98:a2:cf:18:99:7d:
55:ba:44:c3:5b:71:71:fe:7b:7a:18:cc:6e:47:04:88:64:76:
30:28:25:18:18:f4:d2:6e:13:a2:c9:95:76:3e:ec:94:5e:00:
44:0d:f9:db:c3:bb:1b:27:d8:43:72:31:0e:1b:46:c9:e8:99:
43:fe:35:1c:2d:52:d7:6b:7e:39:a2:f4:f1:b2:83:df:c3:92:
3d:d2:83:3b:30:aa:72:e2:8a:7a:8d:31:ec:42:a7:ad:39:99:
e2:44:1a:84:89:6b:96:44:6c:40:92:fc:d0:9c:5a:9e:4c:bc:
df:1c:c8:97:af:3a:11:91:3f:18:9d:c5:47:14:ce:41:de:a5:
b1:60:47:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrxZXE9u1EMiUmuOlpO036CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMDAyMTcxNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDI4NjM0MjVhNDliZmFlMjE2MjQ4NTRhMGE4NjE3MmI1NjQ4YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7FS1uRHT8oD8UwmpZ7ToiC87i0E
088IOuuk59qI3hvwJqtylizqsqrYXxuyepsqCmvbQv6DNhr+jTU5TJXdcqKjwlMs
+s/L8LDV3cTibFp5GKRK4id/KjGTzb6fOeQh+3ku+9Tw0EAtKjh4OKdh+RZt/1KE
gsatNBIthKP/K89W9WHQicX8smZVs6P7QQ+clPYTERBUrYYU3CktiL4iDHpx9O+I
efCZCa6m42746x0GUEREVNeOEBCzJBmidzxgrPA3LV2Y/YI9LCWdDmvaz4xS24sD
EhOJWdyyxXeW67JTlcHRjOm6P3dkJsYewOxvxGMnNOP/mRzPwGVWwaADRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDQoY0JaSb+uIWJIVKCoYXK1ZIw6MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvTkNoalFscEp2NjRoWWtoVW9LaGhjclZrakRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiInAwQA
LiI6MA0GCSqGSIb3DQEBCwUAA4IBAQBXM550nRaPPeyi0HFJ3q89vyDMXH9RMRHe
dCfH26bsI3Ypq6fUjvelpbbcdaEWs6/E42Vy2jcZSostlKEyWmNaUzGwPyV0hspm
wBbLWBqAmBD9rnvFjGvFEOUdj6/arze1zxclxy/XNK/w2hSmm0w45rS0vlaHjkCY
os8YmX1VukTDW3Fx/nt6GMxuRwSIZHYwKCUYGPTSbhOiyZV2PuyUXgBEDfnbw7sb
J9hDcjEOG0bJ6JlD/jUcLVLXa345ovTxsoPfw5I90oM7MKpy4op6jTHsQqetOZni
RBqEiWuWRGxAkvzQnFqeTLzfHMiXrzoRkT8YncVHFM5B3qWxYEez
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org