Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/OKRxVV5kYSPJW1G-n7KBuQSXWvs.roa
File: OKRxVV5kYSPJW1G-n7KBuQSXWvs.roa (raw, json)
Hash identifier: lo1q5EWqQhDSQgdqf/DA/yvEEkqAt5+YQMrftXO3WMg=
Subject key identifier: 38:A4:71:55:5E:64:61:23:C9:5B:51:BE:9F:B2:81:B9:04:97:5A:FB
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018BF9892D696F8D40443662A876BD02AF01
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/OKRxVV5kYSPJW1G-n7KBuQSXWvs.roa
Signing time: Thu 23 Nov 2023 00:16:38 +0000
ROA not before: Thu 23 Nov 2023 00:16:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Nov 2023 11:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f9:89:2d:69:6f:8d:40:44:36:62:a8:76:bd:02:af:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Nov 23 00:16:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38a471555e646123c95b51be9fb281b904975afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1f:03:e0:8d:f9:8f:46:96:8e:1d:df:44:34:
4d:e8:95:93:4b:b7:ba:c2:dd:35:79:62:62:e5:35:
b9:2d:16:67:72:b7:4f:15:e9:cb:84:b3:46:19:3e:
45:fc:1d:e5:a4:39:b4:2c:bb:e0:7e:78:a2:c7:b6:
c3:08:95:f9:c0:f8:b6:6b:da:10:a8:31:c9:7d:28:
e5:8c:4e:7d:a1:c9:05:91:2e:d7:39:e4:59:9e:c9:
4d:32:e3:99:d0:2c:08:22:76:14:10:9e:bb:fc:1e:
9d:2f:57:74:40:72:03:bf:80:a5:a0:47:ac:45:a4:
89:b5:3d:a0:53:97:a7:d6:98:ce:fa:20:cf:2c:67:
92:06:d8:3d:3b:78:1f:e1:d7:bf:c1:22:90:05:6d:
c5:0b:c9:53:5e:c3:99:84:4b:3e:cd:7e:05:18:7d:
73:e2:5a:93:06:87:e8:a3:52:95:59:1f:a3:55:03:
15:65:0d:54:ab:d6:47:2a:f3:39:31:ab:ce:fc:9a:
8f:73:5f:df:1b:34:a5:bd:14:cc:0d:a8:42:ff:a6:
46:a9:86:98:f3:b7:08:29:da:40:42:ff:8e:28:8b:
58:33:3d:02:9a:9d:71:bd:c6:cf:7a:4c:16:6b:ff:
11:85:de:b7:61:19:5d:c3:fd:2c:2e:e2:7f:6a:46:
3d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A4:71:55:5E:64:61:23:C9:5B:51:BE:9F:B2:81:B9:04:97:5A:FB
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/OKRxVV5kYSPJW1G-n7KBuQSXWvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e2:3b:8a:d9:c0:bb:23:c6:53:f5:df:51:ac:cc:9f:48:01:
aa:44:da:c4:be:c6:a6:4e:b6:9f:27:5c:1a:45:0a:94:a0:de:
5a:cb:01:31:36:23:7d:b3:4d:c5:82:71:02:50:29:36:aa:1f:
a5:fb:82:c5:ab:78:ee:b2:f5:48:65:a3:68:a6:cb:bc:02:2f:
1a:25:59:d5:d2:1e:82:12:50:85:13:fd:9d:a8:45:80:7b:3c:
2d:c1:81:e0:76:32:57:06:0a:7e:60:77:bd:d3:ed:0b:10:28:
52:78:11:96:16:b4:7b:ef:09:86:4d:2e:08:32:99:ad:ca:dd:
b3:26:d2:10:99:54:46:77:a2:f0:f2:8c:bc:41:b4:a8:0e:c7:
26:e1:ad:6c:98:e3:d5:cd:6e:5f:c3:cd:b8:9a:25:35:99:ec:
56:01:bb:db:97:92:50:7a:19:72:a9:be:cd:87:b2:96:76:eb:
d7:c1:af:ca:fb:25:f5:96:d2:d6:aa:24:61:a9:6c:50:94:8d:
0c:95:83:b5:64:1f:66:a1:56:66:2d:0d:a3:0d:2c:61:11:bf:
16:6a:12:b3:01:40:3c:ff:9d:39:e4:c5:97:ee:56:70:6d:30:
9f:99:94:d8:18:f5:22:8b:73:11:aa:fa:e0:71:e0:21:dc:6e:
e8:92:af:60
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYv5iS1pb41ARDZiqHa9Aq8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMTIzMDAxNjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGE0NzE1NTVlNjQ2MTIzYzk1YjUxYmU5ZmIyODFiOTA0OTc1YWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB8D4I35j0aWjh3fRDRN6JWTS7e6
wt01eWJi5TW5LRZncrdPFenLhLNGGT5F/B3lpDm0LLvgfniix7bDCJX5wPi2a9oQ
qDHJfSjljE59ockFkS7XOeRZnslNMuOZ0CwIInYUEJ67/B6dL1d0QHIDv4CloEes
RaSJtT2gU5en1pjO+iDPLGeSBtg9O3gf4de/wSKQBW3FC8lTXsOZhEs+zX4FGH1z
4lqTBofoo1KVWR+jVQMVZQ1Uq9ZHKvM5MavO/JqPc1/fGzSlvRTMDahC/6ZGqYaY
87cIKdpAQv+OKItYMz0Cmp1xvcbPekwWa/8Rhd63YRldw/0sLuJ/akY9xwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDikcVVeZGEjyVtRvp+ygbkEl1r7MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvT0tSeFZWNWtZU1BKVzFHLW43S0J1UVNYV3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAE7iO4rZwLsjxlP1
31GszJ9IAapE2sS+xqZOtp8nXBpFCpSg3lrLATE2I32zTcWCcQJQKTaqH6X7gsWr
eO6y9Uhlo2imy7wCLxolWdXSHoISUIUT/Z2oRYB7PC3BgeB2MlcGCn5gd73T7QsQ
KFJ4EZYWtHvvCYZNLggyma3K3bMm0hCZVEZ3ovDyjLxBtKgOxybhrWyY49XNbl/D
zbiaJTWZ7FYBu9uXklB6GXKpvs2HspZ269fBr8r7JfWW0taqJGGpbFCUjQyVg7Vk
H2ahVmYtDaMNLGERvxZqErMBQDz/nTnkxZfuVnBtMJ+ZlNgY9SKLcxGq+uBx4CHc
buiSr2A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org