Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/oxPPleg4kR-CFVFUgJ4gE9Tlyfk.roa
File: oxPPleg4kR-CFVFUgJ4gE9Tlyfk.roa (raw, json)
Hash identifier: NLQ/eKdULTISBirLlDwcJJBql6P33LVb+HTU+i7M3w4=
Subject key identifier: A3:13:CF:95:E8:38:91:1F:82:15:51:54:80:9E:20:13:D4:E5:C9:F9
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 01889A99840B1519BCE8879BBE236846C559
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/oxPPleg4kR-CFVFUgJ4gE9Tlyfk.roa
Signing time: Thu 08 Jun 2023 10:42:12 +0000
ROA not before: Thu 08 Jun 2023 10:42:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.45.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 16:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:99:84:0b:15:19:bc:e8:87:9b:be:23:68:46:c5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jun 8 10:42:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a313cf95e838911f82155154809e2013d4e5c9f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c9:44:df:e7:bd:ac:50:c4:18:ba:0d:82:64:
13:e8:48:40:2a:2b:5c:c2:cf:93:e3:e2:60:3b:78:
ca:e7:d7:7c:1b:1e:d8:ba:9b:71:9c:80:8f:1a:06:
47:f5:dc:bb:40:ac:02:c9:6c:c5:59:2a:ec:36:f4:
c4:fb:f3:38:dc:98:ee:74:e4:6d:0d:86:ac:56:75:
54:37:96:c0:4a:97:3c:81:98:ab:69:f7:61:22:df:
d9:ee:39:5f:eb:45:31:61:02:9a:ee:b9:7a:f9:30:
e6:57:26:94:3f:be:89:f5:38:8c:2e:96:e8:03:6e:
50:3e:c8:e3:3b:f4:c2:f2:a7:ee:10:01:12:66:d3:
31:72:bf:5b:49:a7:90:f7:db:a4:25:af:4b:9a:48:
55:85:38:f7:01:b6:fc:12:07:c2:63:0d:7c:57:c0:
d0:dd:2c:27:11:fb:d1:a2:3f:09:61:bb:f2:4d:74:
08:0d:73:bb:45:84:f8:77:46:85:13:14:30:de:fe:
73:cc:1d:6e:20:6a:2b:30:3e:4e:72:24:21:48:77:
12:ae:42:a7:eb:ba:07:52:09:ce:0a:62:07:57:2e:
62:fb:9e:68:e2:36:15:62:ae:d8:fb:59:7f:95:c7:
98:90:92:d9:d0:91:22:5c:c8:7e:0b:a4:c3:d6:3f:
88:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:13:CF:95:E8:38:91:1F:82:15:51:54:80:9E:20:13:D4:E5:C9:F9
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/oxPPleg4kR-CFVFUgJ4gE9Tlyfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.45.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:c6:53:9d:86:08:92:a0:e1:23:c5:1b:06:03:01:a1:20:88:
a2:d4:3a:c1:26:ed:42:98:4b:aa:91:09:60:56:ad:42:72:83:
e1:98:cb:6e:bc:6d:b0:6b:83:ec:5c:b2:49:d5:18:06:1a:95:
a0:9b:0e:01:97:a2:da:a6:03:02:a9:70:a4:f0:30:46:0e:d6:
1b:40:8c:35:9f:79:f5:62:0c:ff:bb:e3:66:1c:9b:a3:c0:56:
32:ae:9c:71:52:97:08:e7:bd:bd:a4:97:e4:42:1d:92:56:64:
45:d2:8e:74:b5:d2:14:37:90:b9:c4:19:32:19:6b:7c:6a:24:
73:cd:31:13:f9:1b:59:6a:7b:b7:6f:73:59:65:c6:2f:47:ed:
67:c3:a6:b5:15:71:27:29:8b:ba:d4:65:84:32:0a:97:39:b2:
99:e0:07:ae:09:0a:78:80:df:1f:75:16:ab:1d:c9:d6:24:10:
ab:06:d0:45:fb:a3:27:37:c4:c1:95:04:74:fe:1b:e8:82:4d:
ed:00:e7:0f:35:70:aa:21:64:52:52:6d:04:75:ba:df:79:fc:
35:ea:89:dd:73:a5:95:8b:98:fe:5d:39:a2:40:cc:3c:8c:c8:
c0:c6:ae:8d:2c:2f:74:01:73:c8:f2:42:45:a9:eb:82:f1:2a:
6e:d4:d7:b8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYiamYQLFRm86IebviNoRsVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNjA4MTA0MjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzEzY2Y5NWU4Mzg5MTFmODIxNTUxNTQ4MDllMjAxM2Q0ZTVjOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnslE3+e9rFDEGLoNgmQT6EhAKitc
ws+T4+JgO3jK59d8Gx7YuptxnICPGgZH9dy7QKwCyWzFWSrsNvTE+/M43JjudORt
DYasVnVUN5bASpc8gZirafdhIt/Z7jlf60UxYQKa7rl6+TDmVyaUP76J9TiMLpbo
A25QPsjjO/TC8qfuEAESZtMxcr9bSaeQ99ukJa9LmkhVhTj3Abb8EgfCYw18V8DQ
3SwnEfvRoj8JYbvyTXQIDXO7RYT4d0aFExQw3v5zzB1uIGorMD5OciQhSHcSrkKn
67oHUgnOCmIHVy5i+55o4jYVYq7Y+1l/lceYkJLZ0JEiXMh+C6TD1j+IXwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKMTz5XoOJEfghVRVICeIBPU5cn5MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvb3hQUGxlZzRrUi1DRlZGVWdKNGdFOVRseWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIi0DBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAH7GU52G
CJKg4SPFGwYDAaEgiKLUOsEm7UKYS6qRCWBWrUJyg+GYy268bbBrg+xcsknVGAYa
laCbDgGXotqmAwKpcKTwMEYO1htAjDWfefViDP+742Ycm6PAVjKunHFSlwjnvb2k
l+RCHZJWZEXSjnS10hQ3kLnEGTIZa3xqJHPNMRP5G1lqe7dvc1llxi9H7WfDprUV
cScpi7rUZYQyCpc5spngB64JCniA3x91FqsdydYkEKsG0EX7oyc3xMGVBHT+G+iC
Te0A5w81cKohZFJSbQR1ut95/DXqid1zpZWLmP5dOaJAzDyMyMDGro0sL3QBc8jy
QkWp64LxKm7U17g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org