Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/k97TMRfg28qtGBxqD-mf2kMR97s.roa
File: k97TMRfg28qtGBxqD-mf2kMR97s.roa (raw, json)
Hash identifier: n5Ea/sBDM2n2VcCKsBs+8VBVCzd8yLTr/QnOTZVL9as=
Subject key identifier: 93:DE:D3:31:17:E0:DB:CA:AD:18:1C:6A:0F:E9:9F:DA:43:11:F7:BB
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0189ACF72DDFB563DCE9A518C34AEE059A2D
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/k97TMRfg28qtGBxqD-mf2kMR97s.roa
Signing time: Mon 31 Jul 2023 17:20:27 +0000
ROA not before: Mon 31 Jul 2023 17:20:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.37.0/24 maxlen: 24
46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Aug 2023 08:55:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:f7:2d:df:b5:63:dc:e9:a5:18:c3:4a:ee:05:9a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jul 31 17:20:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93ded33117e0dbcaad181c6a0fe99fda4311f7bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bd:a7:c9:d8:1e:b4:33:32:66:ec:31:d5:d2:
8f:6d:d4:84:55:24:6e:24:ad:a3:92:b4:7e:81:c6:
85:41:fb:99:c2:46:bd:b9:1d:13:9a:6c:24:2b:32:
6b:c9:7f:a4:47:89:92:c8:74:8f:c3:a7:25:52:29:
a4:08:a8:19:74:a0:a9:c1:9c:27:d0:90:ab:87:f6:
a3:82:8a:d9:6b:1e:83:c8:62:30:63:42:a6:c5:89:
56:cd:be:26:b4:14:eb:78:84:a0:bb:38:15:23:cf:
ec:0a:81:d4:77:12:b6:81:45:10:20:b6:bb:a7:b4:
34:8c:95:09:9d:7a:6e:66:04:4a:58:27:fd:2d:a6:
dc:6e:54:5b:65:11:3c:30:a7:6e:2e:fc:f1:24:68:
0f:8a:bc:35:f0:ec:f3:e0:6c:ee:5a:95:d9:fa:76:
95:35:4f:0e:96:b7:55:9f:08:a2:2c:21:dc:06:83:
00:eb:e8:7c:e0:71:f1:cb:67:48:98:e7:34:15:c2:
2e:c8:b1:00:15:4b:2d:f6:39:0b:7c:a0:25:e4:78:
33:da:c2:76:6a:44:4b:b3:a2:70:dd:86:34:c3:38:
41:26:4a:e6:97:9d:8d:e0:93:6b:6f:01:95:3c:62:
02:45:1e:a2:d0:30:f5:5d:f3:14:49:aa:8a:48:96:
18:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DE:D3:31:17:E0:DB:CA:AD:18:1C:6A:0F:E9:9F:DA:43:11:F7:BB
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/k97TMRfg28qtGBxqD-mf2kMR97s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.37.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
19:56:f4:f4:29:47:cf:38:ff:5f:24:26:1d:75:17:0b:b7:45:
58:3d:49:9b:18:69:3e:ba:4c:f8:bc:a4:53:e8:18:da:ce:da:
d0:ec:ca:41:30:c1:dc:5a:c2:1c:e7:a6:06:c0:34:0a:19:97:
31:0d:c5:35:af:55:a9:e8:49:11:00:bb:e0:64:4c:f7:40:9b:
cf:36:f9:40:68:cf:fa:58:9b:f1:0b:10:a7:69:82:00:79:4e:
3c:f3:6a:b5:ff:6b:24:b8:04:a6:4a:d3:d8:b8:65:0f:f3:67:
99:30:3b:2d:ca:7c:27:97:bb:d0:1e:5d:85:d8:e4:74:8e:71:
39:02:32:a7:35:6a:bc:79:8b:c5:70:0b:fe:e5:f8:31:14:68:
c1:9d:db:2e:17:51:03:af:fa:9a:42:47:e0:ab:c8:4e:51:1c:
eb:4b:db:c0:5e:0f:7d:c3:be:6d:81:01:31:4b:63:15:86:b0:
be:2e:2e:d6:38:f0:95:ec:83:6a:8c:11:83:ce:91:11:7c:4a:
64:a0:6f:79:53:0d:27:c9:24:87:a3:ea:33:27:4b:4f:a1:6c:
1c:01:dc:84:9e:49:05:97:42:7e:2a:cd:66:7e:78:6e:85:74:
e3:17:be:56:64:b0:2e:b8:c1:56:52:c5:bd:c9:64:91:9a:d5:
61:2d:c2:0c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYms9y3ftWPc6aUYw0ruBZotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNzMxMTcyMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RlZDMzMTE3ZTBkYmNhYWQxODFjNmEwZmU5OWZkYTQzMTFmN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb2nydgetDMyZuwx1dKPbdSEVSRu
JK2jkrR+gcaFQfuZwka9uR0TmmwkKzJryX+kR4mSyHSPw6clUimkCKgZdKCpwZwn
0JCrh/ajgorZax6DyGIwY0KmxYlWzb4mtBTreISguzgVI8/sCoHUdxK2gUUQILa7
p7Q0jJUJnXpuZgRKWCf9LabcblRbZRE8MKduLvzxJGgPirw18Ozz4GzuWpXZ+naV
NU8OlrdVnwiiLCHcBoMA6+h84HHxy2dImOc0FcIuyLEAFUst9jkLfKAl5Hgz2sJ2
akRLs6Jw3YY0wzhBJkrml52N4JNrbwGVPGICRR6i0DD1XfMUSaqKSJYYfQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJPe0zEX4NvKrRgcag/pn9pDEfe7MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvazk3VE1SZmcyOHF0R0J4cUQtbWYya01SOTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAEuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBABlW9PQpR884/18k
Jh11Fwu3RVg9SZsYaT66TPi8pFPoGNrO2tDsykEwwdxawhznpgbANAoZlzENxTWv
VanoSREAu+BkTPdAm882+UBoz/pYm/ELEKdpggB5TjzzarX/ayS4BKZK09i4ZQ/z
Z5kwOy3KfCeXu9AeXYXY5HSOcTkCMqc1arx5i8VwC/7l+DEUaMGd2y4XUQOv+ppC
R+CryE5RHOtL28BeD33Dvm2BATFLYxWGsL4uLtY48JXsg2qMEYPOkRF8SmSgb3lT
DSfJJIej6jMnS0+hbBwB3ISeSQWXQn4qzWZ+eG6FdOMXvlZksC64wVZSxb3JZJGa
1WEtwgw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org