Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/s72JMVjai1nZSKsoBxdC_CHJ5Bk.roa
File: s72JMVjai1nZSKsoBxdC_CHJ5Bk.roa (raw, json)
Hash identifier: MaW6EMbG5E64Z2GsrmEc3wj1eRPg0nuOgtmqF913txM=
Subject key identifier: B3:BD:89:31:58:DA:8B:59:D9:48:AB:28:07:17:42:FC:21:C9:E4:19
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0186E1442E2B6A8E650C61C01ED6AA312947
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/s72JMVjai1nZSKsoBxdC_CHJ5Bk.roa
Signing time: Tue 14 Mar 2023 17:56:27 +0000
ROA not before: Tue 14 Mar 2023 17:56:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/23 maxlen: 23
46.34.47.0/24 maxlen: 24
46.34.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 17 Mar 2023 12:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e1:44:2e:2b:6a:8e:65:0c:61:c0:1e:d6:aa:31:29:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Mar 14 17:56:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3bd893158da8b59d948ab28071742fc21c9e419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a8:cf:aa:c2:0e:21:95:42:11:b9:a2:46:04:
48:e7:ef:d0:b9:f2:f9:58:9e:35:1f:47:c4:48:e5:
cb:72:cf:e8:75:12:bf:0b:8f:04:35:8f:5b:a0:1c:
eb:60:cc:e8:8d:01:d4:12:c8:4c:d3:20:46:88:74:
51:28:42:9b:e7:e7:96:37:4f:8b:29:b1:0b:f2:88:
d4:17:3e:8b:f7:e6:c0:0f:7b:3d:86:d2:f7:4f:e4:
d4:8c:1a:c9:9e:af:e0:60:18:40:94:91:bf:fc:6f:
bc:27:8e:c6:13:f6:20:bb:75:97:bb:e2:43:ce:4e:
f5:45:29:1c:58:1c:17:79:9d:9d:56:b1:47:75:91:
be:5a:a7:aa:6b:c1:ad:0c:e0:87:60:d2:0c:94:7c:
56:60:ab:ac:80:8a:52:d8:09:56:b6:27:fd:b6:fd:
cb:76:87:68:06:bd:b8:13:7f:40:3a:2b:63:2d:0d:
1f:ee:f4:23:3e:cf:07:0d:9b:cc:e6:9e:da:ff:cc:
2b:ce:f0:85:19:ae:0b:04:8c:44:61:14:b0:70:aa:
7b:21:5a:4c:08:72:39:c1:0a:53:20:27:34:63:24:
b2:92:42:d6:6c:8e:b7:c7:a8:b1:01:61:44:e4:ef:
b9:cd:fa:79:1f:56:12:33:0d:fc:4c:2b:bb:10:93:
01:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BD:89:31:58:DA:8B:59:D9:48:AB:28:07:17:42:FC:21:C9:E4:19
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/s72JMVjai1nZSKsoBxdC_CHJ5Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.37.255
46.34.47.0/24
46.34.60.0/22
Signature Algorithm: sha256WithRSAEncryption
50:a5:18:a5:fd:7c:76:41:22:d8:34:cd:f6:e9:0e:5e:59:f4:
ad:0f:93:51:3f:3c:4c:f9:ec:5d:ac:66:b7:c2:ec:f1:d7:c8:
12:20:ff:59:05:8c:4a:25:24:9e:dd:ca:73:27:8f:ed:e5:10:
c4:2c:75:68:31:19:3b:ba:8c:a4:cf:22:ff:cd:80:c8:7f:4f:
d3:e7:0e:88:75:f1:3a:17:44:03:70:6f:ce:c3:d2:4f:6e:04:
97:4c:77:7d:9a:ca:67:df:78:78:97:8e:80:ca:01:52:a9:f5:
33:7d:d0:2c:1a:70:4d:0d:2e:94:57:8c:d6:bb:1f:8b:85:5a:
73:e8:6d:ca:a8:7d:b1:36:f6:4e:6a:7b:1a:e8:b7:bf:86:1d:
07:71:cb:cf:ca:bf:a2:4b:3e:5f:c5:14:7a:cf:fb:fb:d6:09:
b0:1b:7a:ca:0f:3a:19:46:eb:77:3f:50:5c:a2:b2:ae:f0:69:
3c:ab:4f:93:c1:68:b8:39:14:c4:0d:d2:33:47:df:df:cb:c4:
26:d4:d6:a5:20:ef:4d:99:d8:59:fd:a2:fc:9e:a7:55:65:26:
56:2f:84:3a:5b:72:89:d4:be:8f:93:6b:13:4f:43:3a:a5:95:
bd:a7:fe:e8:ce:ca:96:f7:14:dc:6e:7d:3a:14:29:a5:af:2f:
8d:a1:34:d0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYbhRC4rao5lDGHAHtaqMSlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwMzE0MTc1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2JkODkzMTU4ZGE4YjU5ZDk0OGFiMjgwNzE3NDJmYzIxYzllNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKjPqsIOIZVCEbmiRgRI5+/QufL5
WJ41H0fESOXLcs/odRK/C48ENY9boBzrYMzojQHUEshM0yBGiHRRKEKb5+eWN0+L
KbEL8ojUFz6L9+bAD3s9htL3T+TUjBrJnq/gYBhAlJG//G+8J47GE/Ygu3WXu+JD
zk71RSkcWBwXeZ2dVrFHdZG+Wqeqa8GtDOCHYNIMlHxWYKusgIpS2AlWtif9tv3L
dodoBr24E39AOitjLQ0f7vQjPs8HDZvM5p7a/8wrzvCFGa4LBIxEYRSwcKp7IVpM
CHI5wQpTICc0YySykkLWbI63x6ixAWFE5O+5zfp5H1YSMw38TCu7EJMB5QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLO9iTFY2otZ2UirKAcXQvwhyeQZMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvczcySk1WamFpMW5aU0tzb0J4ZENfQ0hKNUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAEuIiQDBAAuIi8DBAIuIjwwDQYJKoZIhvcNAQELBQADggEBAFClGKX9fHZBItg0
zfbpDl5Z9K0Pk1E/PEz57F2sZrfC7PHXyBIg/1kFjEolJJ7dynMnj+3lEMQsdWgx
GTu6jKTPIv/NgMh/T9PnDoh18ToXRANwb87D0k9uBJdMd32aymffeHiXjoDKAVKp
9TN90CwacE0NLpRXjNa7H4uFWnPobcqofbE29k5qexrot7+GHQdxy8/Kv6JLPl/F
FHrP+/vWCbAbesoPOhlG63c/UFyisq7waTyrT5PBaLg5FMQN0jNH39/LxCbU1qUg
702Z2Fn9ovyep1VlJlYvhDpbconUvo+TaxNPQzqllb2n/ujOypb3FNxufToUKaWv
L42hNNA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org