Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/gVawBHipRlEiK1gnIBRsl9u9DTc.roa
File: gVawBHipRlEiK1gnIBRsl9u9DTc.roa (raw, json)
Hash identifier: XEn4WNk3bwFfE5DB+elfi3NqnJMQHUoDTzbEWv13Lz8=
Subject key identifier: 81:56:B0:04:78:A9:46:51:22:2B:58:27:20:14:6C:97:DB:BD:0D:37
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0186EF8578116FBDE200787A56B72CB610BE
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/gVawBHipRlEiK1gnIBRsl9u9DTc.roa
Signing time: Fri 17 Mar 2023 12:22:26 +0000
ROA not before: Fri 17 Mar 2023 12:22:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/23 maxlen: 23
46.34.40.0/23 maxlen: 23
46.34.47.0/24 maxlen: 24
46.34.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 24 Mar 2023 13:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:85:78:11:6f:bd:e2:00:78:7a:56:b7:2c:b6:10:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Mar 17 12:22:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8156b00478a94651222b582720146c97dbbd0d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e3:f0:03:b8:ab:23:aa:e3:70:4e:0a:eb:92:
04:44:07:79:42:38:f0:18:19:84:fb:40:d7:49:c4:
56:27:af:e0:df:d3:6d:29:d1:e2:eb:32:b8:cc:fa:
47:f4:2b:d2:57:52:41:3d:04:cd:e0:ea:5a:2a:da:
e1:2a:c8:3c:e9:1a:b4:fb:37:7a:b4:34:6b:ac:75:
b0:58:b1:55:fe:d2:1d:8a:d2:da:91:4b:bd:10:a4:
b9:fb:16:57:61:bf:41:ed:0d:8b:40:69:d7:17:e0:
87:f9:3a:51:b8:64:a4:45:e0:6e:a8:5e:43:d2:0a:
d2:c4:34:f4:5b:38:7f:79:45:fd:d2:49:18:d5:a0:
c3:7a:a7:dc:34:51:bb:9f:71:a8:fe:69:e1:18:89:
6c:51:dc:4b:97:e3:bb:71:c3:9f:ac:05:8b:e0:db:
50:f8:8d:b6:1c:53:f5:3f:9d:3a:14:1e:0a:e5:47:
78:ed:32:15:3b:6d:4f:28:d7:4e:45:c4:5f:e4:0d:
d9:1d:d7:6f:e6:28:f4:55:2d:ba:55:8e:6b:6c:03:
fa:2a:bf:b4:8c:d8:15:bc:12:5c:67:30:ad:e8:05:
4b:18:fd:9a:ef:6e:da:08:89:6b:9a:89:1e:2c:e4:
da:21:ce:89:bd:fc:84:dc:f7:32:3a:e6:f6:69:ae:
30:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:56:B0:04:78:A9:46:51:22:2B:58:27:20:14:6C:97:DB:BD:0D:37
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/gVawBHipRlEiK1gnIBRsl9u9DTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.37.255
46.34.40.0/23
46.34.47.0/24
46.34.60.0/22
Signature Algorithm: sha256WithRSAEncryption
18:ae:0d:d3:69:e8:c9:23:00:e9:15:20:32:d4:b4:11:24:8c:
ef:cc:82:fc:0b:45:96:71:4c:75:bf:b3:ab:d7:6d:f2:06:2e:
76:2d:52:84:c5:4b:4d:02:78:3e:2f:1d:80:87:24:11:71:38:
d8:0d:73:e7:09:eb:d6:3b:b1:ef:07:70:91:f7:8a:b9:b4:c7:
b9:db:6d:3d:d0:c5:06:67:0f:a7:6f:43:92:d5:62:f8:ef:ea:
67:4d:89:5f:0e:4e:8f:e5:e0:f3:f1:c7:ba:da:ea:62:8d:62:
d1:2e:f0:e1:ac:e7:c7:d2:04:7b:15:57:d6:16:28:15:76:f2:
fb:6c:c2:d9:fc:a7:8b:5c:cd:f5:b6:44:ac:1b:65:52:63:ab:
21:3d:03:49:fc:85:b0:91:1f:c5:ed:a7:a8:54:16:f4:26:61:
7c:b9:78:75:40:6e:1d:da:dc:02:35:d3:45:fd:4d:9e:c4:ac:
79:c3:31:96:ff:42:fc:31:bb:52:86:c5:63:bb:13:c2:2a:fa:
c2:71:99:2b:b4:71:49:ed:be:fc:8b:12:c7:f0:51:0e:de:cb:
f3:56:06:71:a5:53:69:0b:73:76:7d:da:de:99:af:00:59:f4:
22:3f:9d:17:0f:35:d8:df:14:68:45:20:57:e5:cd:66:42:b1:
a1:05:fb:20
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYbvhXgRb73iAHh6VrcsthC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwMzE3MTIyMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTU2YjAwNDc4YTk0NjUxMjIyYjU4MjcyMDE0NmM5N2RiYmQwZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuPwA7irI6rjcE4K65IERAd5Qjjw
GBmE+0DXScRWJ6/g39NtKdHi6zK4zPpH9CvSV1JBPQTN4OpaKtrhKsg86Rq0+zd6
tDRrrHWwWLFV/tIditLakUu9EKS5+xZXYb9B7Q2LQGnXF+CH+TpRuGSkReBuqF5D
0grSxDT0Wzh/eUX90kkY1aDDeqfcNFG7n3Go/mnhGIlsUdxLl+O7ccOfrAWL4NtQ
+I22HFP1P506FB4K5Ud47TIVO21PKNdORcRf5A3ZHddv5ij0VS26VY5rbAP6Kr+0
jNgVvBJcZzCt6AVLGP2a727aCIlrmokeLOTaIc6JvfyE3PcyOub2aa4wyQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIFWsAR4qUZRIitYJyAUbJfbvQ03MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvZ1Zhd0JIaXBSbEVpSzFnbklCUnNsOXU5RFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAEuIiQDBAEuIigDBAAuIi8DBAIuIjwwDQYJKoZIhvcNAQELBQADggEBABiuDdNp
6MkjAOkVIDLUtBEkjO/MgvwLRZZxTHW/s6vXbfIGLnYtUoTFS00CeD4vHYCHJBFx
ONgNc+cJ69Y7se8HcJH3irm0x7nbbT3QxQZnD6dvQ5LVYvjv6mdNiV8OTo/l4PPx
x7ra6mKNYtEu8OGs58fSBHsVV9YWKBV28vtswtn8p4tczfW2RKwbZVJjqyE9A0n8
hbCRH8Xtp6hUFvQmYXy5eHVAbh3a3AI100X9TZ7ErHnDMZb/Qvwxu1KGxWO7E8Iq
+sJxmSu0cUntvvyLEsfwUQ7ey/NWBnGlU2kLc3Z92t6ZrwBZ9CI/nRcPNdjfFGhF
IFflzWZCsaEF+yA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org