Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/oh0w8a0uBgd0VSVyBeBymv3XQK0.roa
File: oh0w8a0uBgd0VSVyBeBymv3XQK0.roa (raw, json)
Hash identifier: kF2lbSj6k5K1s/anaGUd+y6qAC0YIgN/EgD8vjfFKBM=
Subject key identifier: A2:1D:30:F1:AD:2E:06:07:74:55:25:72:05:E0:72:9A:FD:D7:40:AD
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018A7FE471D7C9F8DC515B04FE9397324DED
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/oh0w8a0uBgd0VSVyBeBymv3XQK0.roa
Signing time: Sun 10 Sep 2023 16:19:52 +0000
ROA not before: Sun 10 Sep 2023 16:19:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 46.34.37.0/24 maxlen: 24
46.34.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 10:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7f:e4:71:d7:c9:f8:dc:51:5b:04:fe:93:97:32:4d:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Sep 10 16:19:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a21d30f1ad2e06077455257205e0729afdd740ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e5:63:0c:28:51:ff:05:f1:7e:fb:1c:70:da:
3c:c5:b3:d6:75:b2:ba:55:d4:e7:94:3b:d6:5f:50:
5c:7d:82:1c:95:6e:e8:1d:0c:c2:8e:29:f0:46:88:
b8:fb:11:84:ef:6a:73:99:5b:db:ab:cf:e7:22:3b:
ff:dd:5c:04:e7:c1:e7:db:62:50:08:32:90:5d:75:
1f:ea:80:e7:4c:36:00:2d:2d:c4:0c:10:2a:e2:28:
ed:09:60:e3:81:0a:f6:e6:74:90:c7:d3:11:df:41:
e4:1e:56:2f:a8:05:81:37:dc:11:77:e9:f9:68:89:
1f:98:28:a7:8b:13:51:b9:bc:0a:b2:62:63:96:7f:
81:3f:2a:fe:0e:1d:6d:cd:c5:1a:75:61:71:f4:51:
a6:68:54:6c:09:5b:50:40:90:5e:71:cd:d3:02:2f:
45:7f:3d:bd:e4:48:d4:39:0d:ec:eb:56:bf:ca:37:
1c:37:cb:35:31:20:7d:88:d2:4d:23:e4:2d:f0:86:
0f:00:e6:e7:e8:70:22:47:46:7f:f4:fd:a6:f9:f0:
99:b3:5e:2a:d9:21:d9:5c:5d:07:f0:8d:df:6e:29:
07:9f:15:c0:6e:21:ab:6a:b3:d9:cc:49:b0:45:a7:
74:fa:e8:06:71:39:0b:a8:40:4c:c3:41:60:96:05:
5b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1D:30:F1:AD:2E:06:07:74:55:25:72:05:E0:72:9A:FD:D7:40:AD
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/oh0w8a0uBgd0VSVyBeBymv3XQK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.37.0/24
46.34.61.0/24
Signature Algorithm: sha256WithRSAEncryption
18:24:4f:a0:25:f7:f5:9f:49:43:54:d3:7d:2d:90:68:97:4b:
98:58:b4:29:b0:6f:73:ff:94:90:62:6e:01:12:42:24:47:23:
79:3c:33:fb:07:5b:1a:af:17:d6:9e:76:ae:b1:f2:e9:02:44:
b8:fa:2f:f8:a9:01:4f:bd:a0:e4:7c:7a:3d:ea:5f:bd:87:65:
b5:99:47:a5:d6:ac:fa:94:07:18:df:74:25:bd:4c:00:57:d1:
36:90:ca:cc:d9:2d:97:23:99:5f:68:ec:78:67:75:8a:73:94:
f6:02:a3:3c:64:d7:40:40:c8:de:a2:60:37:d7:6e:8a:66:39:
be:71:ae:f1:44:d3:93:26:c9:d6:a7:44:7a:d3:ce:3b:bd:42:
8c:8d:4c:69:c3:8a:42:bb:a6:3e:cf:6f:4d:f7:eb:21:02:d3:
aa:79:31:54:62:6d:23:2e:ca:a6:1d:1c:23:b6:3a:76:ae:fd:
2a:8e:2e:16:78:bc:05:10:71:2d:f0:ef:fe:12:ce:f3:ce:10:
c3:c2:2d:21:3e:b1:fc:1d:a6:27:47:fc:06:0d:85:14:47:2f:
51:cd:40:6b:e0:79:4c:db:64:1e:67:a4:3f:5e:fe:a6:1b:91:
c0:56:8b:0c:a2:16:c0:68:68:ed:f7:1c:19:d5:48:c1:22:ab:
ac:75:c2:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYp/5HHXyfjcUVsE/pOXMk3tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwOTEwMTYxOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjFkMzBmMWFkMmUwNjA3NzQ1NTI1NzIwNWUwNzI5YWZkZDc0MGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguVjDChR/wXxfvsccNo8xbPWdbK6
VdTnlDvWX1BcfYIclW7oHQzCjinwRoi4+xGE72pzmVvbq8/nIjv/3VwE58Hn22JQ
CDKQXXUf6oDnTDYALS3EDBAq4ijtCWDjgQr25nSQx9MR30HkHlYvqAWBN9wRd+n5
aIkfmCinixNRubwKsmJjln+BPyr+Dh1tzcUadWFx9FGmaFRsCVtQQJBecc3TAi9F
fz295EjUOQ3s61a/yjccN8s1MSB9iNJNI+Qt8IYPAObn6HAiR0Z/9P2m+fCZs14q
2SHZXF0H8I3fbikHnxXAbiGrarPZzEmwRad0+ugGcTkLqEBMw0FglgVbUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIdMPGtLgYHdFUlcgXgcpr910CtMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvb2gwdzhhMHVCZ2QwVlNWeUJlQnltdjNYUUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiIlAwQA
LiI9MA0GCSqGSIb3DQEBCwUAA4IBAQAYJE+gJff1n0lDVNN9LZBol0uYWLQpsG9z
/5SQYm4BEkIkRyN5PDP7B1sarxfWnnausfLpAkS4+i/4qQFPvaDkfHo96l+9h2W1
mUel1qz6lAcY33QlvUwAV9E2kMrM2S2XI5lfaOx4Z3WKc5T2AqM8ZNdAQMjeomA3
126KZjm+ca7xRNOTJsnWp0R60847vUKMjUxpw4pCu6Y+z29N9+shAtOqeTFUYm0j
LsqmHRwjtjp2rv0qji4WeLwFEHEt8O/+Es7zzhDDwi0hPrH8HaYnR/wGDYUURy9R
zUBr4HlM22QeZ6Q/Xv6mG5HAVosMohbAaGjt9xwZ1UjBIqusdcJT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org