Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Qb7NBKcAlMGLHuFPgZzXLbd4gM8.roa
File: Qb7NBKcAlMGLHuFPgZzXLbd4gM8.roa (raw, json)
Hash identifier: QX9GbkauDdbCeBuKcdo163+onHhHy5HTNALHrDB9HLg=
Subject key identifier: 41:BE:CD:04:A7:00:94:C1:8B:1E:E1:4F:81:9C:D7:2D:B7:78:80:CF
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018CB1049BC16C6C9EE81001BCC9C1067442
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Qb7NBKcAlMGLHuFPgZzXLbd4gM8.roa
Signing time: Thu 28 Dec 2023 15:21:58 +0000
ROA not before: Thu 28 Dec 2023 15:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b1:04:9b:c1:6c:6c:9e:e8:10:01:bc:c9:c1:06:74:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Dec 28 15:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41becd04a70094c18b1ee14f819cd72db77880cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:24:f0:bf:c4:3c:fa:52:7d:1d:57:66:a1:8e:
d5:8f:63:53:e7:2f:23:14:72:92:e4:51:e6:70:81:
97:50:2a:39:63:25:4d:df:75:21:e0:f7:b5:80:21:
91:6b:3f:e2:49:ca:66:f9:88:a2:5b:14:5f:31:9d:
fb:94:ae:14:10:08:2d:e2:9f:ee:4b:2d:e4:42:dd:
5c:aa:9f:92:3e:6d:9f:22:84:6d:d6:5f:56:5a:cf:
35:6b:1b:6e:7a:44:72:d7:fa:73:39:09:08:5f:6e:
2f:5e:e3:88:39:18:fb:4f:f5:0a:ec:17:b9:b4:8b:
23:7a:7b:1c:ad:95:a6:f5:9f:c4:9e:fa:84:3b:18:
51:a3:b3:bd:52:46:71:20:df:51:ea:5c:3a:fa:ae:
f4:bf:65:50:51:fb:ad:33:01:47:9f:43:07:08:49:
a3:a0:d9:cd:fd:cc:33:0a:e0:73:7d:27:e8:23:fa:
7f:d4:86:ee:c0:c0:11:c2:3f:40:37:29:4d:36:3c:
61:b4:35:08:37:29:e0:11:32:c0:a9:e6:f7:87:d2:
da:35:32:0d:a4:3a:37:b5:59:6a:06:da:df:6b:bb:
78:da:05:c0:50:7a:76:9a:ae:02:4b:f8:13:b5:25:
8d:5f:ee:f6:e1:96:e7:0a:60:26:09:d4:3f:56:fc:
e0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BE:CD:04:A7:00:94:C1:8B:1E:E1:4F:81:9C:D7:2D:B7:78:80:CF
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Qb7NBKcAlMGLHuFPgZzXLbd4gM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
06:e6:26:ce:61:ec:82:17:f9:ef:2b:3e:a2:24:7a:24:6d:c9:
78:3a:20:c9:4a:04:4a:f5:ad:15:16:bd:3c:49:3c:b8:c7:a1:
32:7d:5e:a9:a8:ef:a9:96:f5:32:e1:3c:9a:7f:6d:10:8d:0d:
a6:1f:5a:28:1f:89:1f:27:af:2b:90:52:57:29:02:51:04:c3:
f6:de:b4:1c:2e:09:e8:49:ba:f7:42:98:07:ba:3d:8d:c3:c1:
46:d8:03:2a:13:64:7c:8d:f2:66:3f:d2:98:26:ea:29:6f:70:
8d:43:95:74:69:f3:21:e5:fc:be:19:3e:51:c0:4a:9f:b4:cd:
f1:4c:13:52:7b:17:8f:46:d9:ff:38:8c:97:93:02:a3:b0:6e:
fa:66:a8:8a:0d:bf:6b:4f:65:e5:2e:a6:1d:8b:dd:c3:4a:e1:
01:b4:4e:29:0f:cd:a1:6c:b4:0f:cf:23:72:7b:8d:f3:ec:7b:
3a:43:dc:28:da:9b:a9:ae:e1:b3:7e:66:fe:aa:ad:b2:ba:c1:
42:93:ae:9c:4c:e7:67:7b:c4:ed:50:69:b8:f1:e9:03:ba:12:
57:7a:f6:ad:4a:34:c8:37:04:6f:89:58:32:31:24:c4:a3:f0:
5c:83:71:f8:ac:5a:f5:13:1b:a8:5b:b1:05:ba:b1:b6:6d:00:
63:a4:b8:98
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYyxBJvBbGye6BABvMnBBnRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMjI4MTUyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJlY2QwNGE3MDA5NGMxOGIxZWUxNGY4MTljZDcyZGI3Nzg4MGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCTwv8Q8+lJ9HVdmoY7Vj2NT5y8j
FHKS5FHmcIGXUCo5YyVN33Uh4Pe1gCGRaz/iScpm+YiiWxRfMZ37lK4UEAgt4p/u
Sy3kQt1cqp+SPm2fIoRt1l9WWs81axtuekRy1/pzOQkIX24vXuOIORj7T/UK7Be5
tIsjenscrZWm9Z/EnvqEOxhRo7O9UkZxIN9R6lw6+q70v2VQUfutMwFHn0MHCEmj
oNnN/cwzCuBzfSfoI/p/1IbuwMARwj9ANylNNjxhtDUINyngETLAqeb3h9LaNTIN
pDo3tVlqBtrfa7t42gXAUHp2mq4CS/gTtSWNX+724ZbnCmAmCdQ/VvzgcQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEG+zQSnAJTBix7hT4Gc1y23eIDPMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvUWI3TkJLY0FsTUdMSHVGUGdaelhMYmQ0Z004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAAbmJs5h7IIX+e8r
PqIkeiRtyXg6IMlKBEr1rRUWvTxJPLjHoTJ9Xqmo76mW9TLhPJp/bRCNDaYfWigf
iR8nryuQUlcpAlEEw/betBwuCehJuvdCmAe6PY3DwUbYAyoTZHyN8mY/0pgm6ilv
cI1DlXRp8yHl/L4ZPlHASp+0zfFME1J7F49G2f84jJeTAqOwbvpmqIoNv2tPZeUu
ph2L3cNK4QG0TikPzaFstA/PI3J7jfPsezpD3Cjam6mu4bN+Zv6qrbK6wUKTrpxM
52d7xO1Qabjx6QO6Eld69q1KNMg3BG+JWDIxJMSj8FyDcfisWvUTG6hbsQW6sbZt
AGOkuJg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org