Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/nXPyeZVnYCEPC1XhlmJo7a328R4.roa
File: nXPyeZVnYCEPC1XhlmJo7a328R4.roa (raw, json)
Hash identifier: HWFpJIyQCPw8MPqXrcTkdidDLN2AJmF86oS/xd15wXE=
Subject key identifier: 9D:73:F2:79:95:67:60:21:0F:0B:55:E1:96:62:68:ED:AD:F6:F1:1E
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018B8655DE0E2A9DD24AF321179AA20BDCBA
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/nXPyeZVnYCEPC1XhlmJo7a328R4.roa
Signing time: Tue 31 Oct 2023 15:24:16 +0000
ROA not before: Tue 31 Oct 2023 15:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.38.0/24 maxlen: 24
46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Nov 2023 12:54:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:55:de:0e:2a:9d:d2:4a:f3:21:17:9a:a2:0b:dc:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Oct 31 15:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d73f279956760210f0b55e1966268edadf6f11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fd:af:fd:31:51:aa:84:52:2e:03:82:98:8a:
3f:0c:1b:12:50:19:09:49:b2:a8:c0:e4:e0:b5:bb:
56:0b:55:14:6d:07:a3:38:7c:7a:75:73:5f:ce:73:
07:d9:bb:60:f6:e0:ca:89:32:5c:60:94:f6:58:14:
45:48:03:95:c1:b7:3e:7b:d6:04:48:aa:ce:6a:11:
ec:62:80:76:1a:06:65:13:d7:fb:67:69:29:f3:ef:
cd:4e:62:23:09:63:e6:82:47:52:6e:90:7a:f7:d9:
d0:70:5e:f3:e7:03:fd:3e:20:0e:49:12:25:d1:13:
e3:d0:29:87:79:33:d7:83:bf:7c:3c:5f:de:9b:16:
8d:32:f5:00:30:e2:8b:54:4c:28:8d:04:ac:63:6d:
21:86:34:7d:d7:fa:d5:73:36:77:37:15:ce:ec:5e:
2e:0d:ce:10:b4:80:ca:5f:46:ac:77:fe:0e:5a:54:
60:4f:46:a0:3c:b5:34:9d:d2:9a:76:a3:34:e6:98:
64:e3:49:39:76:13:86:b7:4a:2f:ec:9e:a1:e8:b0:
98:e3:25:76:ab:fe:5e:e2:70:7e:32:40:6d:ef:ba:
33:9a:35:72:f9:71:c9:8d:10:29:ff:f9:cf:be:57:
c6:ea:7d:97:14:53:bd:26:fe:92:70:ae:80:6c:c9:
c9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:73:F2:79:95:67:60:21:0F:0B:55:E1:96:62:68:ED:AD:F6:F1:1E
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/nXPyeZVnYCEPC1XhlmJo7a328R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.38.0/24
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
75:0d:4d:01:6b:58:df:51:7c:bc:a9:e1:68:29:bc:18:37:a4:
bd:74:a4:c0:fa:10:19:4d:c1:43:c1:d7:7f:3e:e0:17:99:26:
ed:eb:d1:9e:ac:83:43:c2:8a:03:90:fc:39:6b:8c:32:97:2c:
69:28:9b:2b:66:b0:3d:60:bb:68:8f:f5:42:b5:0b:c5:88:bb:
fb:2b:6a:09:0a:04:3b:17:fe:b1:bd:ab:da:7b:fc:80:4a:31:
3a:b8:50:34:59:93:6d:f2:cb:d3:c0:0b:93:c1:cf:b3:6c:4c:
cd:05:cc:ef:02:11:1d:8b:0d:e7:77:e2:47:90:7c:b7:bf:b6:
ab:c2:66:3e:81:ff:e9:bd:52:fc:2e:0c:12:5a:bd:ad:b4:72:
c3:84:4a:66:3e:a3:8f:b6:ea:c4:7b:b0:0e:9b:5f:1a:05:4b:
a5:7b:25:3c:12:6e:79:35:0c:10:a7:9c:e2:89:e3:9e:3d:f9:
dd:c1:b8:bb:6c:c0:23:32:5b:f4:cb:7a:91:0e:74:41:8e:8b:
51:6c:5f:f8:2d:d8:a7:23:a9:cb:5e:5a:3f:bc:ba:df:b2:17:
d3:8a:3c:ce:fc:4b:2a:2f:eb:21:04:5a:1d:9a:eb:a0:3b:68:
9b:22:0a:20:73:ea:70:58:1f:2f:12:37:e7:df:a8:fd:f7:c0:
ba:a1:40:70
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYuGVd4OKp3SSvMhF5qiC9y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMDMxMTUyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDczZjI3OTk1Njc2MDIxMGYwYjU1ZTE5NjYyNjhlZGFkZjZmMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP2v/TFRqoRSLgOCmIo/DBsSUBkJ
SbKowOTgtbtWC1UUbQejOHx6dXNfznMH2btg9uDKiTJcYJT2WBRFSAOVwbc+e9YE
SKrOahHsYoB2GgZlE9f7Z2kp8+/NTmIjCWPmgkdSbpB699nQcF7z5wP9PiAOSRIl
0RPj0CmHeTPXg798PF/emxaNMvUAMOKLVEwojQSsY20hhjR91/rVczZ3NxXO7F4u
Dc4QtIDKX0asd/4OWlRgT0agPLU0ndKadqM05phk40k5dhOGt0ov7J6h6LCY4yV2
q/5e4nB+MkBt77ozmjVy+XHJjRAp//nPvlfG6n2XFFO9Jv6ScK6AbMnJrQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ1z8nmVZ2AhDwtV4ZZiaO2t9vEeMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvblhQeWVaVm5ZQ0VQQzFYaGxtSm83YTMyOFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAAuIiQDBAAuIiYDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAHUNTQFr
WN9RfLyp4WgpvBg3pL10pMD6EBlNwUPB138+4BeZJu3r0Z6sg0PCigOQ/DlrjDKX
LGkomytmsD1gu2iP9UK1C8WIu/sragkKBDsX/rG9q9p7/IBKMTq4UDRZk23yy9PA
C5PBz7NsTM0FzO8CER2LDed34keQfLe/tqvCZj6B/+m9UvwuDBJava20csOESmY+
o4+26sR7sA6bXxoFS6V7JTwSbnk1DBCnnOKJ4549+d3BuLtswCMyW/TLepEOdEGO
i1FsX/gt2KcjqcteWj+8ut+yF9OKPM78Syov6yEEWh2a66A7aJsiCiBz6nBYHy8S
N+ffqP33wLqhQHA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org