Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/hMxwFbQt1037GSZcOxWhv49UF_I.roa
File: hMxwFbQt1037GSZcOxWhv49UF_I.roa (raw, json)
Hash identifier: WT9C/TFkCTrmuijoTIJtBuDTRXRoQgyw327CSB14KlM=
Subject key identifier: 84:CC:70:15:B4:2D:D7:4D:FB:19:26:5C:3B:15:A1:BF:8F:54:17:F2
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018CC9BBF1843CF48E0F8EC465085A223B88
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/hMxwFbQt1037GSZcOxWhv49UF_I.roa
Signing time: Tue 02 Jan 2024 10:33:06 +0000
ROA not before: Tue 02 Jan 2024 10:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 46.34.39.0/24 maxlen: 24
46.34.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 10:17:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:f1:84:3c:f4:8e:0f:8e:c4:65:08:5a:22:3b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jan 2 10:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84cc7015b42dd74dfb19265c3b15a1bf8f5417f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a5:06:87:f1:55:70:68:b1:4d:ce:32:a1:2b:
91:33:d4:30:6a:41:3e:af:a6:76:b3:d7:4b:d7:eb:
cd:1a:15:e1:78:5d:67:36:9d:d5:a7:a6:83:8d:19:
a0:bd:af:4d:4f:81:e4:93:57:ca:c8:e9:87:60:c8:
32:66:7c:18:08:fe:fd:f1:34:86:7e:ad:b8:ed:9c:
72:e8:9f:39:8b:db:bc:a0:e2:fe:a8:c0:8e:92:52:
99:d8:c5:9a:50:8e:84:5d:26:36:6c:ba:4d:0c:56:
0b:9f:3d:99:29:8e:61:fc:ce:a4:c1:9b:68:5d:c9:
fc:1c:26:9d:9c:49:da:99:8c:55:39:1d:02:e6:40:
d9:7d:f5:1a:93:16:16:b1:4d:a8:9f:e7:05:6e:aa:
69:5c:1a:54:51:e6:21:d0:e4:bb:01:17:7f:2f:dc:
f4:39:e3:07:8d:72:5b:a0:03:44:76:cc:3e:f4:57:
fa:d8:a4:d9:85:65:54:61:c4:e7:a6:cf:3c:de:7f:
c8:48:fe:26:ba:ba:cd:49:c9:7a:b9:36:65:b3:50:
b6:a7:28:c0:0b:65:45:d5:49:02:f0:a8:66:89:6a:
93:6c:8d:1d:08:64:71:86:bb:56:48:13:4d:15:67:
ff:ba:68:eb:cc:0d:35:cc:c5:84:8a:d8:b4:a1:59:
b3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CC:70:15:B4:2D:D7:4D:FB:19:26:5C:3B:15:A1:BF:8F:54:17:F2
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/hMxwFbQt1037GSZcOxWhv49UF_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.39.0/24
46.34.58.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ac:71:8c:4b:59:28:28:b1:ee:43:5f:d8:31:ba:90:0c:13:
a9:25:c6:2b:09:de:42:9e:c8:f0:4c:10:2f:15:1a:43:64:db:
25:24:fd:64:1c:a8:5d:a5:60:46:92:41:96:0d:a5:dc:0e:0a:
21:6d:32:0c:71:26:e1:8f:5f:2c:f3:d8:a6:42:22:6c:d5:6c:
a2:a2:dc:59:45:77:0a:73:e4:31:c4:79:6e:f2:ba:7e:b5:f9:
a9:d5:1e:44:bc:f8:a9:9b:c4:d6:71:cc:9e:66:10:0d:8c:d0:
9e:75:4e:b6:fb:eb:eb:a7:e5:13:e2:8f:c8:c0:62:62:ac:9e:
f5:d2:6d:d6:ea:b9:85:b4:b9:d6:45:c5:48:cd:ff:91:a0:a3:
47:a8:b8:c6:7e:48:40:56:93:5d:69:39:ff:01:f1:d9:d6:fc:
54:e5:f5:1e:ac:15:50:1d:f9:69:17:df:88:37:2c:28:c3:bc:
79:e1:89:63:d7:37:e2:25:78:b3:46:34:f5:c3:1c:0f:df:8b:
e2:8a:23:9f:5f:c8:d9:3a:20:f4:ca:22:a1:13:35:c2:aa:11:
83:5c:dc:12:c1:e6:43:d7:7f:12:a9:e9:57:f6:53:e9:c5:e2:
61:82:fc:22:6b:1d:f3:a8:bf:bb:7e:f9:ab:b8:a1:7f:de:dd:
a7:9d:a0:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJu/GEPPSOD47EZQhaIjuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjQwMTAyMTAzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNjNzAxNWI0MmRkNzRkZmIxOTI2NWMzYjE1YTFiZjhmNTQxN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqUGh/FVcGixTc4yoSuRM9QwakE+
r6Z2s9dL1+vNGhXheF1nNp3Vp6aDjRmgva9NT4Hkk1fKyOmHYMgyZnwYCP798TSG
fq247Zxy6J85i9u8oOL+qMCOklKZ2MWaUI6EXSY2bLpNDFYLnz2ZKY5h/M6kwZto
Xcn8HCadnEnamYxVOR0C5kDZffUakxYWsU2on+cFbqppXBpUUeYh0OS7ARd/L9z0
OeMHjXJboANEdsw+9Ff62KTZhWVUYcTnps883n/ISP4murrNScl6uTZls1C2pyjA
C2VF1UkC8KhmiWqTbI0dCGRxhrtWSBNNFWf/umjrzA01zMWEiti0oVmz7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFITMcBW0LddN+xkmXDsVob+PVBfyMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvaE14d0ZiUXQxMDM3R1NaY094V2h2NDlVRl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiInAwQA
LiI6MA0GCSqGSIb3DQEBCwUAA4IBAQBLrHGMS1koKLHuQ1/YMbqQDBOpJcYrCd5C
nsjwTBAvFRpDZNslJP1kHKhdpWBGkkGWDaXcDgohbTIMcSbhj18s89imQiJs1Wyi
otxZRXcKc+QxxHlu8rp+tfmp1R5EvPipm8TWccyeZhANjNCedU62++vrp+UT4o/I
wGJirJ710m3W6rmFtLnWRcVIzf+RoKNHqLjGfkhAVpNdaTn/AfHZ1vxU5fUerBVQ
HflpF9+INywow7x54Ylj1zfiJXizRjT1wxwP34viiiOfX8jZOiD0yiKhEzXCqhGD
XNwSweZD138SqelX9lPpxeJhgvwiax3zqL+7fvmruKF/3t2nnaCJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org