Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/pwMl6b4ve-kPvfXi1p568tNJ_Y0.roa
File: pwMl6b4ve-kPvfXi1p568tNJ_Y0.roa (raw, json)
Hash identifier: ybAr6ltN0wl6EU8rrGkdSITlH+KariVZuIPbVp9Kbyk=
Subject key identifier: A7:03:25:E9:BE:2F:7B:E9:0F:BD:F5:E2:D6:9E:7A:F2:D3:49:FD:8D
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018B092F6AA5461EDD2790AA275EF03A8AA0
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/pwMl6b4ve-kPvfXi1p568tNJ_Y0.roa
Signing time: Sat 07 Oct 2023 08:09:44 +0000
ROA not before: Sat 07 Oct 2023 08:09:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.37.0/24 maxlen: 24
46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.54.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Oct 2023 14:39:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:09:2f:6a:a5:46:1e:dd:27:90:aa:27:5e:f0:3a:8a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Oct 7 08:09:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a70325e9be2f7be90fbdf5e2d69e7af2d349fd8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:27:8e:bd:c2:b6:1f:2a:d8:5e:49:7c:c1:91:
a3:29:ec:16:3c:52:46:76:10:e3:81:0c:fd:60:5d:
e8:89:2e:71:89:07:38:a3:d5:03:36:ac:8b:a5:99:
86:be:b9:fc:bf:eb:51:16:4d:e6:bc:61:ce:76:03:
b0:83:d2:95:f3:41:9a:f1:68:96:0f:0f:02:99:e4:
a4:75:87:25:33:a7:4b:73:56:49:13:cc:ef:70:66:
6d:82:4f:ef:32:0d:0e:91:e3:f5:8c:cc:b6:4e:0f:
e6:13:0e:a4:ff:46:98:64:2e:5a:9e:c3:a0:47:72:
e6:0d:0a:4a:2f:54:e6:cb:cd:72:d9:34:77:82:94:
b9:bf:ca:7f:8b:18:1d:4f:d9:0a:86:01:a9:f0:c6:
56:a1:b9:94:d2:72:dd:28:c2:45:eb:27:80:b3:42:
b7:cc:8a:45:a4:18:d6:4b:aa:49:3b:89:48:70:87:
b7:a4:0b:d6:0f:21:fe:da:48:2c:8e:a1:92:d5:af:
8c:0b:49:1c:b7:09:99:14:fe:78:81:11:12:db:c9:
8b:8f:55:66:a8:fa:d3:54:9c:1c:46:15:73:2a:e9:
df:02:dd:56:7a:ae:7d:51:f6:3c:13:eb:6c:17:58:
d9:00:80:c9:d1:d1:5f:ea:f8:71:fa:a8:24:7d:44:
93:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:03:25:E9:BE:2F:7B:E9:0F:BD:F5:E2:D6:9E:7A:F2:D3:49:FD:8D
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/pwMl6b4ve-kPvfXi1p568tNJ_Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.37.255
46.34.40.0/24
46.34.54.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d6:47:ad:6b:65:26:fb:1e:33:69:8d:74:b0:df:8f:66:a7:
fa:92:c4:d4:43:44:35:f4:51:73:da:5e:a6:56:a7:11:04:aa:
b2:b9:22:fd:da:40:9f:0c:5b:bb:53:a8:49:b7:46:e5:b8:7a:
e4:8f:8d:e2:6f:ac:50:8c:e0:26:1d:f2:2d:e9:15:b7:97:5c:
20:11:13:4e:95:6b:b9:d4:ea:b0:08:2c:de:5e:de:4c:73:bb:
5d:76:15:6f:63:34:ea:3d:dd:1d:5f:3f:b1:de:63:eb:c2:b1:
64:b5:ea:6a:28:d0:25:13:9d:dd:7c:ca:61:24:95:f1:53:2a:
b6:6d:6f:c1:a4:6a:0f:4f:33:2b:a0:fd:b7:7c:48:1a:6e:db:
33:3f:88:27:5d:6a:b9:18:59:98:4d:db:67:0a:c4:b0:8d:ae:
2f:10:d8:46:8c:ec:5a:8e:6f:3c:ae:f6:e9:e6:07:9a:c4:df:
ce:d3:00:71:b4:4b:5b:fb:62:01:8f:4b:42:f0:97:db:9b:e7:
f0:a6:8a:23:77:12:46:4e:5d:c3:a2:71:8d:ee:2d:dc:fb:b6:
41:e6:e5:53:cc:4e:fa:d0:0a:cc:17:90:81:3a:29:42:33:74:
21:e3:1a:81:fd:ef:1e:6d:37:85:72:a3:86:6c:6f:89:12:24:
d8:34:d3:e2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYsJL2qlRh7dJ5CqJ17wOoqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMDA3MDgwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzAzMjVlOWJlMmY3YmU5MGZiZGY1ZTJkNjllN2FmMmQzNDlmZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCeOvcK2HyrYXkl8wZGjKewWPFJG
dhDjgQz9YF3oiS5xiQc4o9UDNqyLpZmGvrn8v+tRFk3mvGHOdgOwg9KV80Ga8WiW
Dw8CmeSkdYclM6dLc1ZJE8zvcGZtgk/vMg0OkeP1jMy2Tg/mEw6k/0aYZC5ansOg
R3LmDQpKL1Tmy81y2TR3gpS5v8p/ixgdT9kKhgGp8MZWobmU0nLdKMJF6yeAs0K3
zIpFpBjWS6pJO4lIcIe3pAvWDyH+2kgsjqGS1a+MC0kctwmZFP54gRES28mLj1Vm
qPrTVJwcRhVzKunfAt1Weq59UfY8E+tsF1jZAIDJ0dFf6vhx+qgkfUSTsQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKcDJem+L3vpD7314taeevLTSf2NMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvcHdNbDZiNHZlLWtQdmZYaTFwNTY4dE5KX1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAEuIiQDBAAuIigDBAAuIjYDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBADLWR61r
ZSb7HjNpjXSw349mp/qSxNRDRDX0UXPaXqZWpxEEqrK5Iv3aQJ8MW7tTqEm3RuW4
euSPjeJvrFCM4CYd8i3pFbeXXCARE06Va7nU6rAILN5e3kxzu112FW9jNOo93R1f
P7HeY+vCsWS16moo0CUTnd18ymEklfFTKrZtb8Gkag9PMyug/bd8SBpu2zM/iCdd
arkYWZhN22cKxLCNri8Q2EaM7FqObzyu9unmB5rE387TAHG0S1v7YgGPS0Lwl9ub
5/CmiiN3EkZOXcOicY3uLdz7tkHm5VPMTvrQCswXkIE6KUIzdCHjGoH97x5tN4Vy
o4Zsb4kSJNg00+I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org