Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/XlbtVb1bLYO-UiOtySWTCH9RogI.roa
File: XlbtVb1bLYO-UiOtySWTCH9RogI.roa (raw, json)
Hash identifier: XTu24d5J3YpP2q9GZ6qY8cLR601/ldmSP/ttjeQAHuo=
Subject key identifier: 5E:56:ED:55:BD:5B:2D:83:BE:52:23:AD:C9:25:93:08:7F:51:A2:02
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018AF4926E6D9D0F3B6967F652AAFE1B210F
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/XlbtVb1bLYO-UiOtySWTCH9RogI.roa
Signing time: Tue 03 Oct 2023 08:05:51 +0000
ROA not before: Tue 03 Oct 2023 08:05:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 46.34.39.0/24 maxlen: 24
46.34.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:92:6e:6d:9d:0f:3b:69:67:f6:52:aa:fe:1b:21:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Oct 3 08:05:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e56ed55bd5b2d83be5223adc92593087f51a202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:01:e2:e8:ff:ee:76:21:66:3e:17:16:dd:9a:
54:b0:08:30:c3:a0:de:6d:5f:d7:23:01:ac:0b:9a:
44:70:43:cd:4d:b5:20:bd:2a:26:0b:e8:fd:81:ba:
02:7b:0c:25:30:98:56:8e:0a:0f:07:01:51:4b:81:
23:d0:23:90:04:c7:7a:ae:01:6d:2f:59:02:d2:02:
f4:ac:ab:a9:d4:d2:d9:86:ba:e6:89:c6:9f:cb:d5:
d6:d7:97:00:f4:fe:fa:0e:57:3d:07:6c:a1:2c:c6:
a5:1b:b9:06:6e:3a:62:ae:aa:d9:e0:7a:f5:1a:17:
fe:6b:71:a3:63:34:1a:d7:ac:6e:1d:b9:bc:83:6e:
e7:9b:2d:b8:cb:7e:1c:c4:b1:d5:d2:f7:11:0e:ab:
03:61:8a:1e:8f:23:f7:57:0b:93:c8:12:8c:ad:50:
4f:80:59:82:aa:14:5e:11:ca:48:9f:f9:4b:c3:0b:
e3:d4:50:ad:13:b3:a6:7d:f0:9a:e3:c2:d2:f9:97:
81:3e:3d:db:55:ec:32:ff:e2:77:99:05:d7:a7:a7:
63:50:88:d5:f7:13:37:7d:8a:d4:7d:ee:96:5a:ed:
c6:06:33:9a:c4:b4:db:ed:eb:96:7d:15:58:b3:02:
4f:28:58:51:cc:da:5a:93:cf:cb:86:76:91:03:4b:
fa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:56:ED:55:BD:5B:2D:83:BE:52:23:AD:C9:25:93:08:7F:51:A2:02
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/XlbtVb1bLYO-UiOtySWTCH9RogI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.39.0/24
46.34.58.0/24
Signature Algorithm: sha256WithRSAEncryption
52:68:bb:09:ca:ca:a5:23:4c:cf:e6:c2:71:a3:c4:11:a0:d4:
3a:dd:37:96:14:f4:9e:2d:c4:3a:5e:03:4e:fb:12:71:16:b8:
f5:4f:a0:84:9b:c9:15:b5:a2:78:66:3b:dd:80:2a:95:6d:2b:
8e:b6:b8:2c:8f:1b:c4:e6:54:12:ca:74:b2:a4:29:a4:e0:73:
ba:2f:d8:38:3f:a9:b9:06:6d:a1:1c:f2:b6:21:4c:b9:4c:94:
6e:26:6a:41:17:27:86:5b:35:c8:2a:3c:ba:75:b5:92:a5:b8:
46:85:b9:91:bd:19:58:dc:2c:94:6a:28:13:53:fb:74:4d:8a:
3c:ad:aa:56:0a:f3:31:64:5d:56:9a:07:ff:2d:16:3f:e1:de:
93:c5:dc:05:87:98:fa:aa:74:47:d4:ee:1b:f1:d4:8e:c2:94:
34:71:fe:08:1e:6a:5d:36:29:f0:09:c8:e9:3f:b0:9c:3e:67:
a1:06:6d:d9:4e:57:5c:26:e4:cb:67:f8:ca:30:97:01:75:6b:
6e:6d:7b:16:69:4c:34:8b:86:c4:d3:e2:f2:6e:3f:3f:de:ad:
3b:92:72:c1:43:b5:c3:66:44:62:a3:6f:f5:2b:b3:97:1c:cb:
53:5a:8e:79:55:05:93:12:a8:6c:1b:65:d0:fe:30:0f:c7:46:
3c:1f:49:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr0km5tnQ87aWf2Uqr+GyEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMDAzMDgwNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTU2ZWQ1NWJkNWIyZDgzYmU1MjIzYWRjOTI1OTMwODdmNTFhMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswHi6P/udiFmPhcW3ZpUsAgww6De
bV/XIwGsC5pEcEPNTbUgvSomC+j9gboCewwlMJhWjgoPBwFRS4Ej0COQBMd6rgFt
L1kC0gL0rKup1NLZhrrmicafy9XW15cA9P76Dlc9B2yhLMalG7kGbjpirqrZ4Hr1
Ghf+a3GjYzQa16xuHbm8g27nmy24y34cxLHV0vcRDqsDYYoejyP3VwuTyBKMrVBP
gFmCqhReEcpIn/lLwwvj1FCtE7OmffCa48LS+ZeBPj3bVewy/+J3mQXXp6djUIjV
9xM3fYrUfe6WWu3GBjOaxLTb7euWfRVYswJPKFhRzNpak8/LhnaRA0v6iwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF5W7VW9Wy2DvlIjrcklkwh/UaICMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvWGxidFZiMWJMWU8tVWlPdHlTV1RDSDlSb2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiInAwQA
LiI6MA0GCSqGSIb3DQEBCwUAA4IBAQBSaLsJysqlI0zP5sJxo8QRoNQ63TeWFPSe
LcQ6XgNO+xJxFrj1T6CEm8kVtaJ4ZjvdgCqVbSuOtrgsjxvE5lQSynSypCmk4HO6
L9g4P6m5Bm2hHPK2IUy5TJRuJmpBFyeGWzXIKjy6dbWSpbhGhbmRvRlY3CyUaigT
U/t0TYo8rapWCvMxZF1Wmgf/LRY/4d6TxdwFh5j6qnRH1O4b8dSOwpQ0cf4IHmpd
NinwCcjpP7CcPmehBm3ZTldcJuTLZ/jKMJcBdWtubXsWaUw0i4bE0+Lybj8/3q07
knLBQ7XDZkRio2/1K7OXHMtTWo55VQWTEqhsG2XQ/jAPx0Y8H0mA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org