Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/RyCpL3HXNT5hpfhL3s1ArWsHVwo.roa
File: RyCpL3HXNT5hpfhL3s1ArWsHVwo.roa (raw, json)
Hash identifier: nelAHMjYzIUUqH6yINb3iDljte7iOo7LUC6kE+RKRZs=
Subject key identifier: 47:20:A9:2F:71:D7:35:3E:61:A5:F8:4B:DE:CD:40:AD:6B:07:57:0A
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 01874CC46D9A5480605DAE505E064E735DAB
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/RyCpL3HXNT5hpfhL3s1ArWsHVwo.roa
Signing time: Tue 04 Apr 2023 14:55:54 +0000
ROA not before: Tue 04 Apr 2023 14:55:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 10 Apr 2023 10:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4c:c4:6d:9a:54:80:60:5d:ae:50:5e:06:4e:73:5d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Apr 4 14:55:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4720a92f71d7353e61a5f84bdecd40ad6b07570a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:46:ac:0e:d3:38:fd:0a:d3:c2:9e:5c:a1:6f:
2a:d3:a0:23:d0:02:0f:50:60:01:02:27:40:82:3d:
d5:6c:87:4d:9d:60:b0:0a:b9:58:b7:56:f5:46:72:
f8:d4:d5:9e:4c:e2:a0:0e:99:ef:6a:e2:16:e2:82:
11:68:a5:d0:07:d7:98:5a:b5:e9:0d:41:d0:38:94:
25:52:24:6a:61:ad:b3:7a:78:17:13:01:ff:e3:15:
83:a2:79:be:62:a4:b3:7a:e4:9e:a4:bb:80:c6:17:
4d:ec:60:c5:d6:2a:08:57:99:a0:98:4e:20:e9:e2:
66:83:e4:19:cf:e4:aa:4a:da:ce:8d:6e:f8:fa:94:
fb:98:0b:c1:7a:f8:3b:a4:da:56:05:53:91:19:a3:
27:06:33:d7:f2:73:43:9e:8a:ff:5e:a4:51:71:90:
60:91:3f:3d:0f:ce:5f:0d:c1:5c:23:26:64:e5:7b:
76:99:87:a1:29:0d:26:1d:d7:40:0e:f2:5c:e2:35:
5b:e4:20:75:31:23:d9:0b:95:cd:4f:29:dd:ce:1c:
c2:85:c1:fc:dc:c2:96:f3:01:26:e7:dc:d5:b2:fc:
46:bf:a9:4d:90:1f:0c:0f:03:f2:2e:e8:36:16:81:
77:3c:79:a1:83:74:46:1a:16:8a:c1:6b:c9:69:50:
73:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:20:A9:2F:71:D7:35:3E:61:A5:F8:4B:DE:CD:40:AD:6B:07:57:0A
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/RyCpL3HXNT5hpfhL3s1ArWsHVwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.60.0/22
Signature Algorithm: sha256WithRSAEncryption
62:e8:56:62:fb:71:33:f6:b7:b9:3d:86:c9:a4:72:fd:1a:1f:
07:40:65:49:e7:50:5c:59:6d:82:6f:0c:31:1c:0c:50:7a:dc:
c2:2b:1d:95:5e:b5:54:5c:ba:60:4b:af:2b:e1:8c:73:73:af:
ab:34:2f:94:e7:42:e3:6f:77:b8:53:1e:f5:62:fe:7c:db:4b:
03:45:15:1a:2e:5f:6c:a0:1a:19:6b:98:25:00:93:05:a5:82:
46:e4:7d:24:d4:84:ab:7a:64:1e:25:ae:d8:1a:ef:f9:f1:81:
fb:d4:df:1a:33:1f:a8:9b:2e:97:ad:a1:c9:6d:b1:d7:ba:16:
23:60:0e:5c:ef:08:72:af:ff:17:c7:d3:2a:2a:b0:47:52:ea:
9b:1c:57:52:63:a6:dc:16:1f:87:a5:30:84:bb:76:f1:03:1b:
3f:b1:f3:91:9f:b4:0d:cc:72:a0:60:12:ee:90:1b:66:f0:70:
85:c0:9a:37:f7:f9:b0:d4:32:d0:3a:05:c5:7f:32:5b:b5:a0:
f7:f6:e2:08:95:31:8b:12:99:cd:4c:a8:66:7d:1b:46:a9:7b:
49:04:f5:7b:18:8e:3d:e5:24:b4:35:16:6f:72:d4:3a:59:f0:
d8:eb:fe:84:72:67:3b:79:45:f5:16:bf:49:88:d1:ce:b7:8a:
30:c2:59:ac
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYdMxG2aVIBgXa5QXgZOc12rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNDA0MTQ1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzIwYTkyZjcxZDczNTNlNjFhNWY4NGJkZWNkNDBhZDZiMDc1NzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkasDtM4/QrTwp5coW8q06Aj0AIP
UGABAidAgj3VbIdNnWCwCrlYt1b1RnL41NWeTOKgDpnvauIW4oIRaKXQB9eYWrXp
DUHQOJQlUiRqYa2zengXEwH/4xWDonm+YqSzeuSepLuAxhdN7GDF1ioIV5mgmE4g
6eJmg+QZz+SqStrOjW74+pT7mAvBevg7pNpWBVORGaMnBjPX8nNDnor/XqRRcZBg
kT89D85fDcFcIyZk5Xt2mYehKQ0mHddADvJc4jVb5CB1MSPZC5XNTyndzhzChcH8
3MKW8wEm59zVsvxGv6lNkB8MDwPyLug2FoF3PHmhg3RGGhaKwWvJaVBzfQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEcgqS9x1zU+YaX4S97NQK1rB1cKMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvUnlDcEwzSFhOVDVocGZoTDNzMUFyV3NIVndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAIuIjwwDQYJKoZIhvcNAQELBQADggEBAGLoVmL7cTP2t7k9
hsmkcv0aHwdAZUnnUFxZbYJvDDEcDFB63MIrHZVetVRcumBLryvhjHNzr6s0L5Tn
QuNvd7hTHvVi/nzbSwNFFRouX2ygGhlrmCUAkwWlgkbkfSTUhKt6ZB4lrtga7/nx
gfvU3xozH6ibLpetocltsde6FiNgDlzvCHKv/xfH0yoqsEdS6pscV1JjptwWH4el
MIS7dvEDGz+x85GftA3McqBgEu6QG2bwcIXAmjf3+bDUMtA6BcV/Mlu1oPf24giV
MYsSmc1MqGZ9G0ape0kE9XsYjj3lJLQ1Fm9y1DpZ8Njr/oRyZzt5RfUWv0mI0c63
ijDCWaw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org