Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/wAYcxEQVYND-5kLzf_2046nl7t4.roa
File: wAYcxEQVYND-5kLzf_2046nl7t4.roa (raw, json)
Hash identifier: M4k+MI6Hs2gtXXVVDYPqmZVXDUCM83Ml0Otc8XF4CtU=
Subject key identifier: C0:06:1C:C4:44:15:60:D0:FE:E6:42:F3:7F:FD:B4:E3:A9:E5:EE:DE
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018E74C7A63B626047455D9C458B2955020C
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/wAYcxEQVYND-5kLzf_2046nl7t4.roa
Signing time: Mon 25 Mar 2024 08:43:45 +0000
ROA not before: Mon 25 Mar 2024 08:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Apr 2024 11:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:c7:a6:3b:62:60:47:45:5d:9c:45:8b:29:55:02:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Mar 25 08:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0061cc4441560d0fee642f37ffdb4e3a9e5eede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8c:85:5c:72:ec:e9:5f:e1:77:3c:74:98:b0:
ec:e1:cc:a6:66:96:a1:3f:d7:25:03:36:87:b4:68:
87:0e:fd:e3:dd:e4:bb:20:24:ff:09:84:ee:93:9b:
ff:3e:44:34:5c:d5:d7:e5:ec:6c:ed:05:1d:87:f0:
10:45:7e:fd:f2:61:d7:c1:e6:43:6c:dd:f7:5b:ec:
d5:84:e8:94:ff:89:29:f7:31:9a:48:7c:d9:80:22:
c9:40:4d:25:ed:ca:d2:f8:21:b8:1e:a3:23:5b:78:
52:8b:70:01:08:f1:ce:5f:ba:c2:bd:21:e2:09:81:
72:5a:27:6f:2c:22:9a:dc:30:5f:7d:b8:ff:35:90:
59:19:44:73:11:51:3c:da:de:de:ac:16:b7:1b:6e:
5b:99:2d:39:89:04:14:6a:e5:48:ca:be:57:d9:d2:
d3:11:e4:32:c3:63:b5:8f:2b:ca:04:58:6e:29:94:
ea:81:8e:90:9f:84:f4:62:9a:eb:0c:69:57:87:0e:
6c:19:c6:5d:ce:a8:b5:2a:07:53:c6:d4:3d:18:cc:
95:99:4b:75:f6:bb:fb:10:25:5e:0b:c7:d2:66:50:
23:d1:1b:a6:bf:e0:6d:90:d7:93:91:91:59:0b:2f:
f6:85:1e:f1:44:ed:5f:e2:8a:9c:fe:5a:d4:9e:ae:
b2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:06:1C:C4:44:15:60:D0:FE:E6:42:F3:7F:FD:B4:E3:A9:E5:EE:DE
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/wAYcxEQVYND-5kLzf_2046nl7t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
24:e3:ca:8d:8c:d7:38:95:1c:fd:f7:e7:e6:27:2d:22:7b:2d:
6b:01:81:0e:a8:92:b0:f6:a3:77:c0:83:46:4f:14:58:d3:bd:
6a:d8:30:da:2b:74:fa:be:d6:bc:86:14:e1:db:60:93:45:39:
96:6d:7d:d9:dc:75:b2:22:e2:23:6c:0d:4d:26:34:09:ef:8c:
67:8c:81:a3:b8:fd:f0:fd:24:9c:47:81:93:82:b9:c3:de:4d:
d7:9d:cb:64:6e:ca:95:f1:73:c4:98:c2:df:e3:7d:ca:79:26:
0b:ee:86:65:7b:f1:07:da:22:07:5c:2e:2f:c9:76:1b:cd:af:
e9:b6:2e:60:bd:a1:d1:d4:51:de:81:4b:b3:5a:2a:54:e1:24:
76:e7:cf:cc:a9:b7:88:af:a9:ce:b4:e4:d8:61:3e:8d:2b:4b:
e8:56:05:7e:0f:2f:67:2d:16:10:a5:09:b2:65:58:20:71:fa:
f6:31:d0:18:00:4e:94:12:a5:ed:85:08:3d:9f:ac:9a:7b:99:
d4:00:6c:21:4b:2a:db:27:b1:d7:1a:28:a4:bc:45:dc:67:64:
47:94:d1:8d:f7:93:6f:9d:00:6a:f9:63:a1:31:ae:6e:16:25:
06:fd:1a:51:c4:d5:3d:4e:28:9a:9b:c5:a4:e3:17:88:bb:26:
96:47:6a:d0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY50x6Y7YmBHRV2cRYspVQIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjQwMzI1MDg0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDA2MWNjNDQ0MTU2MGQwZmVlNjQyZjM3ZmZkYjRlM2E5ZTVlZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIyFXHLs6V/hdzx0mLDs4cymZpah
P9clAzaHtGiHDv3j3eS7ICT/CYTuk5v/PkQ0XNXX5exs7QUdh/AQRX798mHXweZD
bN33W+zVhOiU/4kp9zGaSHzZgCLJQE0l7crS+CG4HqMjW3hSi3ABCPHOX7rCvSHi
CYFyWidvLCKa3DBffbj/NZBZGURzEVE82t7erBa3G25bmS05iQQUauVIyr5X2dLT
EeQyw2O1jyvKBFhuKZTqgY6Qn4T0YprrDGlXhw5sGcZdzqi1KgdTxtQ9GMyVmUt1
9rv7ECVeC8fSZlAj0Rumv+BtkNeTkZFZCy/2hR7xRO1f4oqc/lrUnq6yNwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMAGHMREFWDQ/uZC83/9tOOp5e7eMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvd0FZY3hFUVZZTkQtNWtMemZfMjA0Nm5sN3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBACTjyo2M1ziVHP33
5+YnLSJ7LWsBgQ6okrD2o3fAg0ZPFFjTvWrYMNordPq+1ryGFOHbYJNFOZZtfdnc
dbIi4iNsDU0mNAnvjGeMgaO4/fD9JJxHgZOCucPeTdedy2RuypXxc8SYwt/jfcp5
JgvuhmV78QfaIgdcLi/JdhvNr+m2LmC9odHUUd6BS7NaKlThJHbnz8ypt4ivqc60
5NhhPo0rS+hWBX4PL2ctFhClCbJlWCBx+vYx0BgATpQSpe2FCD2frJp7mdQAbCFL
KtsnsdcaKKS8RdxnZEeU0Y33k2+dAGr5Y6Exrm4WJQb9GlHE1T1OKJqbxaTjF4i7
JpZHatA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org