Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/oDryLbJPNAMsd2K2h--99yiYwfg.roa
File: oDryLbJPNAMsd2K2h--99yiYwfg.roa (raw, json)
Hash identifier: /NpoJP2ntFtvKtxJMF77H+ufCUoqfN3h0Cm8NZsNTzE=
Subject key identifier: A0:3A:F2:2D:B2:4F:34:03:2C:77:62:B6:87:EF:BD:F7:28:98:C1:F8
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0186C24083ABE66AEB72444D2BF6763344BC
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/oDryLbJPNAMsd2K2h--99yiYwfg.roa
Signing time: Wed 08 Mar 2023 17:24:13 +0000
ROA not before: Wed 08 Mar 2023 17:24:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 46.34.42.0/23 maxlen: 23
46.34.38.0/23 maxlen: 23
46.34.48.0/24 maxlen: 24
46.34.49.0/24 maxlen: 24
46.34.55.0/24 maxlen: 24
46.34.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Mar 2023 18:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c2:40:83:ab:e6:6a:eb:72:44:4d:2b:f6:76:33:44:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Mar 8 17:24:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a03af22db24f34032c7762b687efbdf72898c1f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:af:78:d0:74:b4:29:f4:f7:f6:41:5e:fc:93:
41:ab:e6:33:31:08:b7:f9:b4:ff:4f:9f:83:cd:c7:
20:7d:91:34:1e:b3:48:54:7a:e0:44:2a:a0:9b:60:
3f:10:cc:56:2f:b3:42:5a:ab:e5:4a:52:de:96:47:
7e:ce:aa:f8:03:65:b6:c6:40:2a:91:bc:54:8a:4a:
0a:e3:39:37:ae:25:8a:23:23:1a:6d:e4:6d:30:77:
41:11:7d:ad:78:84:f0:26:34:65:10:6f:9f:33:50:
c0:e5:3a:ec:54:0d:45:cb:58:ef:39:97:06:36:94:
52:66:91:46:1c:02:e7:af:a3:fc:97:73:a2:25:28:
39:66:74:b0:8c:38:21:85:fb:68:ad:4a:cf:1e:6f:
34:e8:3f:39:f8:86:d8:3f:29:a7:94:d6:43:00:a8:
2d:cc:39:78:08:ac:8b:a7:4d:11:29:b7:30:51:9b:
39:27:bd:4c:cc:44:da:5c:cf:0c:db:8c:4e:2e:f2:
66:52:4c:44:df:04:27:69:c5:3f:8b:b3:42:73:f0:
2e:4e:3f:bc:6e:57:2b:35:f0:9a:2a:26:65:da:f4:
65:06:ee:7b:14:6b:46:ee:9a:bb:33:c3:0b:c7:7b:
47:44:c2:a2:9a:10:1b:1a:90:a9:a4:77:c0:0a:39:
9d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3A:F2:2D:B2:4F:34:03:2C:77:62:B6:87:EF:BD:F7:28:98:C1:F8
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/oDryLbJPNAMsd2K2h--99yiYwfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.38.0/23
46.34.42.0/23
46.34.48.0/23
46.34.54.0/23
Signature Algorithm: sha256WithRSAEncryption
31:82:77:ef:ab:d7:26:c4:41:f5:ec:1e:3d:70:92:f1:99:10:
68:99:e4:8a:12:85:6d:8b:c6:12:2b:26:ab:0c:64:66:15:c0:
07:a7:7f:65:be:41:77:a8:c5:4e:f0:16:32:03:ad:fd:e3:23:
aa:80:95:10:de:a0:e5:69:d2:b6:6a:3e:07:3e:93:f1:95:0c:
a0:22:fc:4e:ee:f4:be:c8:d2:cb:29:99:f6:a8:27:a2:80:df:
94:7d:40:64:a8:f2:b0:e5:3f:8d:76:ab:26:c4:17:27:01:e2:
b0:82:ab:09:a9:ad:b1:59:3c:c5:11:ba:8c:d9:4b:cc:68:56:
34:79:3a:71:e5:d9:84:73:27:44:27:66:1a:74:05:9d:88:b3:
75:b5:25:45:8e:0f:1f:48:3e:a2:26:18:82:b7:8b:02:17:af:
45:e7:ec:40:ab:fa:25:d1:e0:33:85:6c:72:9b:c9:4b:4d:8a:
a6:1a:35:42:73:3b:bf:89:b8:74:72:23:eb:ca:ce:69:9d:d4:
02:42:21:9e:38:76:3c:18:0f:6c:47:a4:3c:22:40:75:0f:00:
07:d9:45:0a:c2:16:1e:44:e5:46:e2:12:59:f2:3f:e8:d3:88:
2b:21:f9:62:a8:a3:69:6b:5f:c8:ef:31:b3:46:51:2a:54:8f:
50:0b:81:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbCQIOr5mrrckRNK/Z2M0S8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwMzA4MTcyNDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNhZjIyZGIyNGYzNDAzMmM3NzYyYjY4N2VmYmRmNzI4OThjMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq940HS0KfT39kFe/JNBq+YzMQi3
+bT/T5+DzccgfZE0HrNIVHrgRCqgm2A/EMxWL7NCWqvlSlLelkd+zqr4A2W2xkAq
kbxUikoK4zk3riWKIyMabeRtMHdBEX2teITwJjRlEG+fM1DA5TrsVA1Fy1jvOZcG
NpRSZpFGHALnr6P8l3OiJSg5ZnSwjDghhftorUrPHm806D85+IbYPymnlNZDAKgt
zDl4CKyLp00RKbcwUZs5J71MzETaXM8M24xOLvJmUkxE3wQnacU/i7NCc/AuTj+8
blcrNfCaKiZl2vRlBu57FGtG7pq7M8MLx3tHRMKimhAbGpCppHfACjmdmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKA68i2yTzQDLHditofvvfcomMH4MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvb0RyeUxiSlBOQU1zZDJLMmgtLTk5eWlZd2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLiImAwQB
LiIqAwQBLiIwAwQBLiI2MA0GCSqGSIb3DQEBCwUAA4IBAQAxgnfvq9cmxEH17B49
cJLxmRBomeSKEoVti8YSKyarDGRmFcAHp39lvkF3qMVO8BYyA6394yOqgJUQ3qDl
adK2aj4HPpPxlQygIvxO7vS+yNLLKZn2qCeigN+UfUBkqPKw5T+NdqsmxBcnAeKw
gqsJqa2xWTzFEbqM2UvMaFY0eTpx5dmEcydEJ2YadAWdiLN1tSVFjg8fSD6iJhiC
t4sCF69F5+xAq/ol0eAzhWxym8lLTYqmGjVCczu/ibh0ciPrys5pndQCQiGeOHY8
GA9sR6Q8IkB1DwAH2UUKwhYeROVG4hJZ8j/o04grIfliqKNpa1/I7zGzRlEqVI9Q
C4Gx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org