Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/qYyidpPQSJ_fwZPloCDxY8VgYaM.roa
File: qYyidpPQSJ_fwZPloCDxY8VgYaM.roa (raw, json)
Hash identifier: QpMeWUbtp14CiQeEsHaGEo1yFl9Hhv+sd4YILe8cl9w=
Subject key identifier: A9:8C:A2:76:93:D0:48:9F:DF:C1:93:E5:A0:20:F1:63:C5:60:61:A3
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018C05BBC793186F5E33651BC6406C327E96
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/qYyidpPQSJ_fwZPloCDxY8VgYaM.roa
Signing time: Sat 25 Nov 2023 09:07:21 +0000
ROA not before: Sat 25 Nov 2023 09:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 46.34.38.0/24 maxlen: 24
46.34.42.0/23 maxlen: 23
46.34.49.0/24 maxlen: 24
46.34.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:05:bb:c7:93:18:6f:5e:33:65:1b:c6:40:6c:32:7e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Nov 25 09:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a98ca27693d0489fdfc193e5a020f163c56061a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0b:24:cc:d4:07:99:79:00:4a:ec:9f:4a:a6:
bf:c7:14:7a:df:39:1c:2a:20:fa:1a:5a:02:f7:85:
ad:16:18:23:b5:40:40:a4:0b:02:0c:f2:61:84:6c:
45:b2:dc:82:28:49:5e:f7:b8:3d:42:bb:b7:8e:6a:
4b:63:36:86:d0:8d:2e:b3:7d:30:7d:cf:5b:ba:51:
94:52:8e:5c:c1:51:a8:08:84:90:24:46:f2:bc:e2:
8c:4e:3c:17:45:50:ea:f5:ed:f9:85:7a:3a:ce:b9:
68:8f:82:b6:64:1a:5c:ad:b2:0a:b0:cc:c4:01:13:
64:c4:40:07:3c:dd:06:85:13:d4:d7:67:f6:31:6b:
82:38:ca:fd:94:29:dc:9c:42:f6:ee:7c:f6:78:b1:
4c:88:61:3a:85:90:cb:14:61:c5:8b:32:0c:2b:d4:
bb:00:2c:0d:2a:f8:45:ff:41:be:33:38:81:d3:35:
91:21:34:22:e7:0d:ce:50:b5:9e:69:ee:92:2e:fb:
a1:97:76:66:1f:a8:f8:e2:09:2e:20:af:f7:5c:4c:
ae:92:6a:96:17:e7:20:72:2c:0c:5e:c8:08:73:8e:
37:69:b3:56:50:55:c0:05:f2:8b:63:97:f7:05:3c:
03:d3:7e:ba:57:d2:0c:ed:3f:9a:68:3d:44:4e:a4:
97:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8C:A2:76:93:D0:48:9F:DF:C1:93:E5:A0:20:F1:63:C5:60:61:A3
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/qYyidpPQSJ_fwZPloCDxY8VgYaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.38.0/24
46.34.42.0/23
46.34.49.0/24
46.34.55.0/24
Signature Algorithm: sha256WithRSAEncryption
19:9b:d4:0f:69:ca:6f:24:3d:a0:c7:de:f5:d0:d5:52:f0:be:
9a:68:fe:42:52:ce:1e:c9:8e:50:4f:d9:f9:d8:89:15:fe:8a:
ad:25:f5:bd:c2:83:fb:e8:3f:b3:88:61:de:54:d3:67:6b:0e:
e0:34:e2:e8:5e:83:1d:5f:4e:d5:27:99:49:f7:37:e1:a2:db:
de:d5:f9:d4:f1:59:98:f8:5f:39:5e:83:55:7d:98:35:c1:e6:
21:2e:e4:0b:bb:4f:f3:a0:42:93:fd:57:01:41:a1:8a:0a:f2:
61:20:70:e5:18:d6:1b:7b:f6:7c:42:e4:f4:ff:74:a1:57:78:
0f:99:59:dc:29:d7:50:4d:db:54:46:cc:7d:c3:1c:6b:f5:e3:
5f:01:27:d7:0b:c7:23:02:40:27:f9:39:c1:2d:80:d2:b2:35:
03:7e:1c:f1:2a:55:53:18:cc:a0:17:af:c6:ab:ed:48:2d:16:
97:65:49:82:df:f9:f7:42:f2:77:0e:70:53:15:40:d7:cd:25:
af:33:51:f8:99:a8:db:c4:f3:04:68:0f:6a:78:70:9c:e4:b3:
65:07:c0:2b:eb:00:83:6a:9e:6a:ae:44:d5:4a:6a:ab:c7:10:
64:3d:76:40:ee:71:0d:c0:48:f2:b8:24:5c:bd:31:2f:96:2e:
63:04:de:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwFu8eTGG9eM2UbxkBsMn6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMTI1MDkwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThjYTI3NjkzZDA0ODlmZGZjMTkzZTVhMDIwZjE2M2M1NjA2MWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwskzNQHmXkASuyfSqa/xxR63zkc
KiD6GloC94WtFhgjtUBApAsCDPJhhGxFstyCKEle97g9Qru3jmpLYzaG0I0us30w
fc9bulGUUo5cwVGoCISQJEbyvOKMTjwXRVDq9e35hXo6zrloj4K2ZBpcrbIKsMzE
ARNkxEAHPN0GhRPU12f2MWuCOMr9lCncnEL27nz2eLFMiGE6hZDLFGHFizIMK9S7
ACwNKvhF/0G+MziB0zWRITQi5w3OULWeae6SLvuhl3ZmH6j44gkuIK/3XEyukmqW
F+cgciwMXsgIc443abNWUFXABfKLY5f3BTwD0366V9IM7T+aaD1ETqSXiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKmMonaT0Eif38GT5aAg8WPFYGGjMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvcVl5aWRwUFFTSl9md1pQbG9DRHhZOFZnWWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiImAwQB
LiIqAwQALiIxAwQALiI3MA0GCSqGSIb3DQEBCwUAA4IBAQAZm9QPacpvJD2gx971
0NVS8L6aaP5CUs4eyY5QT9n52IkV/oqtJfW9woP76D+ziGHeVNNnaw7gNOLoXoMd
X07VJ5lJ9zfhotve1fnU8VmY+F85XoNVfZg1weYhLuQLu0/zoEKT/VcBQaGKCvJh
IHDlGNYbe/Z8QuT0/3ShV3gPmVncKddQTdtURsx9wxxr9eNfASfXC8cjAkAn+TnB
LYDSsjUDfhzxKlVTGMygF6/Gq+1ILRaXZUmC3/n3QvJ3DnBTFUDXzSWvM1H4majb
xPMEaA9qeHCc5LNlB8Ar6wCDap5qrkTVSmqrxxBkPXZA7nENwEjyuCRcvTEvli5j
BN6c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org