Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/hfm2z8l7tSjpVO_sIB5PQIXZvmY.roa
File: hfm2z8l7tSjpVO_sIB5PQIXZvmY.roa (raw, json)
Hash identifier: NTKrhRqf0wS7iKk+6rSv2lOvmJPMzcI6/x2QM8r7u0Q=
Subject key identifier: 85:F9:B6:CF:C9:7B:B5:28:E9:54:EF:EC:20:1E:4F:40:85:D9:BE:66
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018949179B23F8242260F7AEE618D67CEC90
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/hfm2z8l7tSjpVO_sIB5PQIXZvmY.roa
Signing time: Wed 12 Jul 2023 07:53:51 +0000
ROA not before: Wed 12 Jul 2023 07:53:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.38.0/24 maxlen: 24
46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.44.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jul 2023 09:51:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:17:9b:23:f8:24:22:60:f7:ae:e6:18:d6:7c:ec:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jul 12 07:53:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85f9b6cfc97bb528e954efec201e4f4085d9be66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8d:40:cf:04:70:51:12:d4:f9:92:e8:9c:5b:
25:98:b6:31:cf:76:2b:b1:75:18:00:c6:e5:c5:25:
b7:9d:aa:96:ab:d0:31:32:8a:b8:ab:c6:9d:b5:49:
39:4f:91:00:2e:b1:d8:4a:ac:db:d4:52:9c:22:b1:
41:b2:09:85:0e:6c:52:1d:66:7a:cb:49:68:42:e1:
37:b6:d7:2e:cd:07:4b:df:d9:bd:44:c9:1f:2e:4d:
96:b8:5c:b6:8d:a7:06:19:4b:4a:19:c1:57:28:b1:
03:a8:6e:dc:1f:07:d1:ee:c4:c4:7a:cc:e2:c9:4c:
2f:53:ce:ed:7a:ed:06:b6:e2:a1:40:af:f6:c8:65:
e0:bb:70:8e:e3:68:ca:23:5f:a3:63:55:60:4e:9c:
8b:f1:2c:fe:54:94:cc:22:fc:c3:c5:8d:cf:1e:54:
4a:54:3d:bb:dc:a7:19:cf:a5:82:13:23:7d:ba:2d:
46:17:5e:a9:37:2f:36:65:d8:69:e9:0a:88:26:2e:
6b:0b:8a:6f:1b:ca:77:dc:71:a7:7f:c6:50:f5:7b:
00:ee:5e:cf:20:07:21:cb:ee:9b:2b:89:58:0c:01:
b8:8c:9a:a6:08:d8:ca:8b:b1:32:64:47:81:60:9e:
7f:16:e7:96:68:8a:62:f7:73:35:b2:6d:a0:f0:22:
f1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F9:B6:CF:C9:7B:B5:28:E9:54:EF:EC:20:1E:4F:40:85:D9:BE:66
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/hfm2z8l7tSjpVO_sIB5PQIXZvmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.38.0/24
46.34.40.0/24
46.34.44.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:f6:8d:80:1d:08:17:ab:d2:6c:a0:46:a6:49:0c:c0:4f:a5:
42:99:cf:34:65:00:23:c7:4d:1d:2d:03:d5:b3:ee:95:5f:c6:
62:46:21:ef:17:12:f8:fc:ee:dd:19:45:18:e7:ed:3e:73:43:
2b:d9:be:4a:a4:9e:42:8e:33:99:77:d9:6f:de:08:18:51:c2:
5c:00:d2:3e:06:84:72:64:8b:d0:ca:3a:ad:50:21:92:df:8d:
e7:ad:bf:e2:ae:1d:6a:22:0e:c5:23:0d:5c:4a:66:87:ae:9d:
79:21:04:ff:f7:d0:94:0e:69:60:d8:9d:61:65:37:cc:ba:3d:
f6:65:65:90:f1:a9:cf:e9:4c:c1:2d:18:0c:77:c9:34:36:d4:
37:ce:6d:19:09:cb:2e:09:ca:ef:aa:45:bd:94:44:42:50:be:
c9:0a:8c:b8:c4:d1:78:8c:ef:72:38:ab:e1:65:eb:b7:61:3a:
11:bd:ce:1e:01:54:5a:10:bb:05:46:e4:1c:9b:0f:b9:2d:12:
01:49:8d:60:bc:aa:56:58:23:c5:c9:82:91:af:dd:48:d4:cd:
3f:60:de:bd:60:3a:04:0e:74:1b:e2:81:62:1f:13:83:6a:2b:
16:2e:4c:ce:aa:1f:c8:a9:a1:3e:cc:dd:af:53:d3:c3:af:38:
8e:b3:6d:32
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYlJF5sj+CQiYPeu5hjWfOyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNzEyMDc1MzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY5YjZjZmM5N2JiNTI4ZTk1NGVmZWMyMDFlNGY0MDg1ZDliZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY1AzwRwURLU+ZLonFslmLYxz3Yr
sXUYAMblxSW3naqWq9AxMoq4q8adtUk5T5EALrHYSqzb1FKcIrFBsgmFDmxSHWZ6
y0loQuE3ttcuzQdL39m9RMkfLk2WuFy2jacGGUtKGcFXKLEDqG7cHwfR7sTEeszi
yUwvU87teu0GtuKhQK/2yGXgu3CO42jKI1+jY1VgTpyL8Sz+VJTMIvzDxY3PHlRK
VD273KcZz6WCEyN9ui1GF16pNy82Zdhp6QqIJi5rC4pvG8p33HGnf8ZQ9XsA7l7P
IAchy+6bK4lYDAG4jJqmCNjKi7EyZEeBYJ5/FueWaIpi93M1sm2g8CLxCQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIX5ts/Je7Uo6VTv7CAeT0CF2b5mMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvaGZtMno4bDd0U2pwVk9fc0lCNVBRSVhadm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAUuIiAD
BAAuIiQDBAAuIiYDBAAuIigDBAAuIiwDBAAuIj8wDQYJKoZIhvcNAQELBQADggEB
AGr2jYAdCBer0mygRqZJDMBPpUKZzzRlACPHTR0tA9Wz7pVfxmJGIe8XEvj87t0Z
RRjn7T5zQyvZvkqknkKOM5l32W/eCBhRwlwA0j4GhHJki9DKOq1QIZLfjeetv+Ku
HWoiDsUjDVxKZoeunXkhBP/30JQOaWDYnWFlN8y6PfZlZZDxqc/pTMEtGAx3yTQ2
1DfObRkJyy4Jyu+qRb2UREJQvskKjLjE0XiM73I4q+Fl67dhOhG9zh4BVFoQuwVG
5BybD7ktEgFJjWC8qlZYI8XJgpGv3UjUzT9g3r1gOgQOdBvigWIfE4NqKxYuTM6q
H8ipoT7M3a9T08OvOI6zbTI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org