Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/_rl-pF7_vPUpK5acs0g-yL5i84A.roa
File: _rl-pF7_vPUpK5acs0g-yL5i84A.roa (raw, json)
Hash identifier: MjANxAYB5hPwrJOrq1SiW0SCT6gF1d8bMulnervSOUg=
Subject key identifier: FE:B9:7E:A4:5E:FF:BC:F5:29:2B:96:9C:B3:48:3E:C8:BE:62:F3:80
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018A40EA3226A00453C5B6435A313DC9FA8E
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/_rl-pF7_vPUpK5acs0g-yL5i84A.roa
Signing time: Tue 29 Aug 2023 10:50:04 +0000
ROA not before: Tue 29 Aug 2023 10:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.39.0/24 maxlen: 24
46.34.42.0/24 maxlen: 24
46.34.43.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.54.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 18:28:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:ea:32:26:a0:04:53:c5:b6:43:5a:31:3d:c9:fa:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Aug 29 10:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=feb97ea45effbcf5292b969cb3483ec8be62f380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7d:90:18:c6:4c:92:f5:01:ed:78:75:1f:86:
62:b2:f7:7b:26:14:ae:ed:88:e2:b8:54:99:c5:b7:
90:5d:55:c1:c1:07:f4:a8:39:73:4d:95:74:de:33:
92:e4:16:86:3a:cf:c2:a4:68:db:f6:d1:cd:56:c0:
32:b1:07:4c:ad:ab:cf:16:2b:47:0a:cb:3d:19:80:
f0:17:83:72:91:ea:14:32:4a:57:3c:02:ff:f6:1e:
d1:00:89:d7:d6:7d:26:8b:54:b0:89:32:a2:32:58:
d5:77:09:42:f7:f8:b8:53:df:43:66:90:fb:7a:2a:
a1:d4:f9:a0:d3:58:a0:70:e7:2e:35:2a:1e:41:3d:
25:31:c9:6b:6f:d6:b7:b8:e0:48:5f:1d:21:08:c7:
92:24:f4:9e:b5:dd:9b:9e:84:55:0f:9a:e8:74:33:
a2:bd:34:c0:6c:c1:3b:8f:f6:82:2e:83:24:73:92:
27:c6:82:dd:e4:50:7f:b3:56:8d:4c:f2:fb:40:34:
d9:ae:97:e9:51:f7:76:9d:16:a6:2a:e0:ed:b1:6d:
fd:67:80:24:47:e9:5d:06:92:6d:bc:99:4d:55:30:
66:17:04:2f:6f:c8:59:a2:2e:15:20:c4:e9:7b:c6:
82:7f:9f:81:5e:10:bf:cc:3e:97:9d:1d:f1:93:67:
b2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B9:7E:A4:5E:FF:BC:F5:29:2B:96:9C:B3:48:3E:C8:BE:62:F3:80
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/_rl-pF7_vPUpK5acs0g-yL5i84A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.39.0-46.34.40.255
46.34.42.0/23
46.34.54.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:b1:b8:ee:ea:e2:c9:6a:d6:fd:11:5b:a4:2e:7a:04:8a:d2:
a0:b2:0a:0d:45:f0:a9:e8:00:8e:18:a9:b1:0c:c5:32:02:ad:
c6:49:60:79:53:68:e5:5c:34:f6:50:7a:b6:63:66:22:bf:cf:
25:5a:3d:61:5c:77:25:86:ab:1d:08:60:e8:ec:cd:8c:94:77:
54:b5:38:57:8e:f4:d3:62:83:ce:da:c0:44:ae:bf:8b:77:fb:
09:e0:73:e3:19:f0:25:e2:16:1d:c1:97:7e:30:41:fc:6e:aa:
91:7b:40:0f:8b:1d:82:c5:a7:e1:e6:f5:6f:75:2e:fe:67:a5:
15:1e:86:5c:69:1d:d9:31:d6:36:b2:c3:02:d2:22:d6:7d:bc:
37:87:f4:c6:08:43:7b:de:90:e4:e0:8b:db:5a:8f:5a:dd:55:
80:b5:37:70:eb:6a:e9:41:78:74:7b:37:52:27:4c:5e:f8:b1:
68:5b:79:cf:94:40:3f:c7:00:5e:4a:0e:9c:46:56:60:83:7e:
83:45:21:00:e3:97:73:fa:f0:a2:34:4d:7a:97:ac:0b:e6:3a:
13:9c:6c:80:32:be:b0:52:85:4d:c4:b0:bd:10:0d:de:ff:84:
63:10:7c:8a:e5:6b:df:99:e8:16:79:3a:1e:14:37:db:35:23:
90:15:b7:76
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYpA6jImoARTxbZDWjE9yfqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwODI5MTA1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWI5N2VhNDVlZmZiY2Y1MjkyYjk2OWNiMzQ4M2VjOGJlNjJmMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn2QGMZMkvUB7Xh1H4Zisvd7JhSu
7YjiuFSZxbeQXVXBwQf0qDlzTZV03jOS5BaGOs/CpGjb9tHNVsAysQdMravPFitH
Css9GYDwF4NykeoUMkpXPAL/9h7RAInX1n0mi1SwiTKiMljVdwlC9/i4U99DZpD7
eiqh1Pmg01igcOcuNSoeQT0lMclrb9a3uOBIXx0hCMeSJPSetd2bnoRVD5rodDOi
vTTAbME7j/aCLoMkc5InxoLd5FB/s1aNTPL7QDTZrpfpUfd2nRamKuDtsW39Z4Ak
R+ldBpJtvJlNVTBmFwQvb8hZoi4VIMTpe8aCf5+BXhC/zD6XnR3xk2eyXwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFP65fqRe/7z1KSuWnLNIPsi+YvOAMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvX3JsLXBGN192UFVwSzVhY3MwZy15TDVpODRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAUuIiAD
BAAuIiQwDAMEAC4iJwMEAC4iKAMEAS4iKgMEAC4iNgMEAC4iPzANBgkqhkiG9w0B
AQsFAAOCAQEAWrG47uriyWrW/RFbpC56BIrSoLIKDUXwqegAjhipsQzFMgKtxklg
eVNo5Vw09lB6tmNmIr/PJVo9YVx3JYarHQhg6OzNjJR3VLU4V47002KDztrARK6/
i3f7CeBz4xnwJeIWHcGXfjBB/G6qkXtAD4sdgsWn4eb1b3Uu/melFR6GXGkd2THW
NrLDAtIi1n28N4f0xghDe96Q5OCL21qPWt1VgLU3cOtq6UF4dHs3UidMXvixaFt5
z5RAP8cAXkoOnEZWYIN+g0UhAOOXc/rwojRNepesC+Y6E5xsgDK+sFKFTcSwvRAN
3v+EYxB8iuVr35noFnk6HhQ32zUjkBW3dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org