Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/kcwIEMZDjqu2JKHY9CBpbaY3hZ0.roa
File: kcwIEMZDjqu2JKHY9CBpbaY3hZ0.roa (raw, json)
Hash identifier: kRhFpyRvak5FSK+I43jWUmKu7anMZSqTsGIjggyxnJE=
Subject key identifier: 91:CC:08:10:C6:43:8E:AB:B6:24:A1:D8:F4:20:69:6D:A6:37:85:9D
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018943F5D5D9AEB5543A72B4CAC2094A7642
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/kcwIEMZDjqu2JKHY9CBpbaY3hZ0.roa
Signing time: Tue 11 Jul 2023 07:58:51 +0000
ROA not before: Tue 11 Jul 2023 07:58:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 46.34.42.0/23 maxlen: 23
46.34.55.0/24 maxlen: 24
46.34.54.0/24 maxlen: 24
46.34.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jul 2023 09:51:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:f5:d5:d9:ae:b5:54:3a:72:b4:ca:c2:09:4a:76:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jul 11 07:58:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91cc0810c6438eabb624a1d8f420696da637859d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:89:d0:97:ce:fd:a1:d6:23:4a:14:17:a6:3a:
4c:6d:d5:a7:29:d0:ac:ea:5c:98:ff:df:b8:18:93:
29:c3:de:ca:c1:49:85:57:41:1a:d1:2c:80:53:3c:
ce:e2:58:44:bc:0f:bf:23:18:07:f5:e8:ca:f1:e4:
0d:77:be:e9:2e:80:02:91:21:57:67:42:36:31:4e:
47:02:3e:8b:64:e4:79:f2:87:31:5c:8f:ae:2d:5b:
ec:61:58:80:4d:cc:ee:69:d3:48:82:64:99:98:f4:
ab:84:e0:ed:07:f2:16:04:f1:32:fd:7e:1b:ca:23:
ec:84:a7:96:e8:64:ad:00:07:a7:bc:4b:1f:78:a9:
ee:d9:a3:be:8b:a8:f9:37:74:16:b9:a2:94:43:60:
2b:d3:f0:35:1e:c5:ea:47:a7:e2:92:01:71:76:63:
23:d6:f6:da:80:c4:9c:c6:0f:4b:28:ba:1f:6f:bb:
db:22:61:5f:b8:0d:74:01:b9:a6:f3:b9:d5:e1:b5:
0b:3e:c7:b2:84:87:fe:d7:39:4b:3b:9b:8a:c4:8a:
85:81:a1:a2:55:2b:b7:3a:f2:dd:11:ce:d8:2e:90:
cc:9b:d5:f8:14:1f:f0:c1:1f:f7:16:7d:a5:f4:bf:
c9:a4:34:60:44:ba:d7:39:19:29:a8:8a:10:68:d0:
0a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CC:08:10:C6:43:8E:AB:B6:24:A1:D8:F4:20:69:6D:A6:37:85:9D
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/kcwIEMZDjqu2JKHY9CBpbaY3hZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.42.0/23
46.34.54.0/23
46.34.62.0/24
Signature Algorithm: sha256WithRSAEncryption
11:21:56:76:ad:8f:b4:2c:dd:b3:7f:f7:68:8f:de:8a:47:08:
b6:5d:99:09:73:ee:bc:d2:2f:76:cb:43:d1:b0:8d:1d:d8:25:
1e:0c:ee:35:7f:c4:b7:63:ec:28:c9:6a:d6:16:92:50:87:bb:
6b:b1:01:f7:47:9f:88:bb:ca:de:7c:e2:ea:95:1d:42:3f:ae:
30:e9:d0:ad:c2:79:7a:44:c0:6b:8a:40:e7:8d:35:b6:87:0f:
12:5a:36:fe:5a:20:82:2d:a7:70:8f:0c:3f:f5:0d:0b:70:15:
92:43:3f:61:d3:ea:34:9a:ad:d4:0c:b0:15:b7:4f:9a:38:36:
27:7c:5f:f7:d5:73:95:8f:9c:dd:d2:0d:95:27:1d:0c:89:bb:
64:d9:36:ff:c9:16:d1:01:96:e5:1a:d4:23:81:a5:d4:99:19:
45:85:f5:2f:a9:6d:80:1f:f8:66:d1:47:10:5b:e4:6d:28:8c:
98:9f:1e:3e:22:ae:a9:b7:e8:ba:9a:d6:ba:87:d5:41:6c:e8:
18:98:10:3a:46:e8:1a:36:18:a1:44:89:9d:37:f2:25:45:13:
ea:fe:60:b8:01:7e:81:af:6b:34:1e:24:ce:fb:f3:bc:a8:b6:
05:65:e1:cd:be:ca:ef:e6:0c:90:08:d9:37:15:95:a3:ac:f5:
1f:4e:82:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlD9dXZrrVUOnK0ysIJSnZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNzExMDc1ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWNjMDgxMGM2NDM4ZWFiYjYyNGExZDhmNDIwNjk2ZGE2Mzc4NTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYnQl879odYjShQXpjpMbdWnKdCs
6lyY/9+4GJMpw97KwUmFV0Ea0SyAUzzO4lhEvA+/IxgH9ejK8eQNd77pLoACkSFX
Z0I2MU5HAj6LZOR58ocxXI+uLVvsYViATczuadNIgmSZmPSrhODtB/IWBPEy/X4b
yiPshKeW6GStAAenvEsfeKnu2aO+i6j5N3QWuaKUQ2Ar0/A1HsXqR6fikgFxdmMj
1vbagMScxg9LKLofb7vbImFfuA10Abmm87nV4bULPseyhIf+1zlLO5uKxIqFgaGi
VSu3OvLdEc7YLpDMm9X4FB/wwR/3Fn2l9L/JpDRgRLrXORkpqIoQaNAKzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJHMCBDGQ46rtiSh2PQgaW2mN4WdMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEva2N3SUVNWkRqcXUySktIWTlDQnBiYVkzaFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLiIqAwQB
LiI2AwQALiI+MA0GCSqGSIb3DQEBCwUAA4IBAQARIVZ2rY+0LN2zf/doj96KRwi2
XZkJc+680i92y0PRsI0d2CUeDO41f8S3Y+woyWrWFpJQh7trsQH3R5+Iu8refOLq
lR1CP64w6dCtwnl6RMBrikDnjTW2hw8SWjb+WiCCLadwjww/9Q0LcBWSQz9h0+o0
mq3UDLAVt0+aODYnfF/31XOVj5zd0g2VJx0Mibtk2Tb/yRbRAZblGtQjgaXUmRlF
hfUvqW2AH/hm0UcQW+RtKIyYnx4+Iq6pt+i6mta6h9VBbOgYmBA6RugaNhihRImd
N/IlRRPq/mC4AX6Br2s0HiTO+/O8qLYFZeHNvsrv5gyQCNk3FZWjrPUfToIV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org