Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/ytL-1G3mSXhnfB-G2jnN0V6LH-U.roa
File: ytL-1G3mSXhnfB-G2jnN0V6LH-U.roa (raw, json)
Hash identifier: JHtG1x1IqpfrgZQrBD9hbf3NH1cRDo5ZNGAxjRDt8Uo=
Subject key identifier: CA:D2:FE:D4:6D:E6:49:78:67:7C:1F:86:DA:39:CD:D1:5E:8B:1F:E5
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0189350C11D8D9F8AD4A2760541308603189
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/ytL-1G3mSXhnfB-G2jnN0V6LH-U.roa
Signing time: Sat 08 Jul 2023 10:28:50 +0000
ROA not before: Sat 08 Jul 2023 10:28:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.38.0/23 maxlen: 23
46.34.44.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jul 2023 07:58:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:35:0c:11:d8:d9:f8:ad:4a:27:60:54:13:08:60:31:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jul 8 10:28:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cad2fed46de64978677c1f86da39cdd15e8b1fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0c:18:f8:cc:10:df:4e:11:d9:a5:05:33:2f:
0f:a3:8c:ab:d8:45:80:4b:c1:0e:f0:4c:8f:e4:da:
0a:df:4d:f8:43:92:f3:d1:f7:a2:fc:6f:8c:29:c9:
a6:da:52:ec:e1:a5:fd:8c:1a:ed:82:17:b0:b0:7a:
2d:9e:20:6b:97:83:be:0f:a0:c8:fa:a9:65:15:66:
ae:2b:c7:d0:a1:0f:93:de:e2:8a:3c:c2:71:7f:9d:
00:c6:a4:4c:45:27:48:80:59:4e:16:df:dc:90:24:
d1:6a:67:25:9f:e1:f5:83:08:a4:a7:eb:bc:85:3c:
0c:d9:47:80:71:74:8d:4d:8e:ce:17:f8:dd:75:ff:
39:0e:be:8f:7e:0f:ad:bc:96:21:38:7a:c0:77:3b:
5d:af:7c:3f:2b:80:e6:ac:ee:93:3a:59:d5:c1:d7:
00:c0:b0:97:8c:a9:ce:0e:e0:6d:36:fb:f2:80:16:
14:ea:e6:44:c9:5f:e9:9a:d4:7c:a7:b2:53:1e:b7:
ca:89:20:6b:7a:f7:9f:9f:bd:75:1f:c4:a1:32:42:
6c:76:97:93:af:bb:f5:4a:2a:a5:49:5f:fe:7f:62:
a2:ba:72:b6:56:fb:36:1f:bd:a0:8b:b2:19:25:a3:
37:9e:15:06:2a:3e:8a:87:01:22:cf:ac:03:bf:78:
1c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D2:FE:D4:6D:E6:49:78:67:7C:1F:86:DA:39:CD:D1:5E:8B:1F:E5
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/ytL-1G3mSXhnfB-G2jnN0V6LH-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.38.0-46.34.40.255
46.34.44.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:f6:0c:f4:49:e7:51:5f:c4:c1:f2:44:df:b6:9b:f7:0c:f6:
65:65:38:da:08:79:25:75:a5:51:a4:42:9b:2f:4c:a9:40:f7:
01:43:34:6a:bc:69:fe:f4:12:29:ea:66:2d:b8:f2:ca:b8:7c:
bf:a3:61:e0:4c:50:05:98:b3:0c:e4:e5:93:03:62:53:2b:e8:
b4:07:74:e6:80:95:a1:ad:f3:3d:d6:dc:ed:ed:ca:9c:3a:08:
11:0d:3a:de:72:6b:72:fe:49:d4:a3:1a:cd:73:0d:7a:a1:7a:
e6:f9:47:f9:57:34:0b:47:43:9a:36:76:f8:44:23:6e:77:93:
3c:47:37:4f:37:25:af:24:0e:c4:ec:c4:31:6c:db:c9:f7:c4:
0c:52:46:7e:94:41:77:58:92:25:bb:fd:c0:5f:71:c4:f1:58:
7e:3d:0d:84:e8:98:70:07:14:6c:74:64:47:00:91:8f:f5:82:
a9:53:bc:12:8a:8a:d9:00:47:dd:9c:5f:d5:bb:f9:9e:d7:21:
2d:0c:d5:df:76:f3:08:fe:15:e9:a2:61:c5:c2:88:04:b7:86:
15:25:41:a8:7a:c1:12:22:03:d2:3f:0c:f8:88:52:32:4b:d4:
e5:2d:e5:48:c1:aa:e2:6f:ce:45:1a:b6:c1:a9:88:c8:8d:e9:
24:81:32:d5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYk1DBHY2fitSidgVBMIYDGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNzA4MTAyODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQyZmVkNDZkZTY0OTc4Njc3YzFmODZkYTM5Y2RkMTVlOGIxZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogwY+MwQ304R2aUFMy8Po4yr2EWA
S8EO8EyP5NoK3034Q5Lz0fei/G+MKcmm2lLs4aX9jBrtghewsHotniBrl4O+D6DI
+qllFWauK8fQoQ+T3uKKPMJxf50AxqRMRSdIgFlOFt/ckCTRamcln+H1gwikp+u8
hTwM2UeAcXSNTY7OF/jddf85Dr6Pfg+tvJYhOHrAdztdr3w/K4DmrO6TOlnVwdcA
wLCXjKnODuBtNvvygBYU6uZEyV/pmtR8p7JTHrfKiSBrevefn711H8ShMkJsdpeT
r7v1SiqlSV/+f2KiunK2Vvs2H72gi7IZJaM3nhUGKj6KhwEiz6wDv3gc+QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMrS/tRt5kl4Z3wfhto5zdFeix/lMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEveXRMLTFHM21TWGhuZkItRzJqbk4wVjZMSC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAUuIiAD
BAAuIiQwDAMEAS4iJgMEAC4iKAMEAC4iLAMEAC4iPzANBgkqhkiG9w0BAQsFAAOC
AQEAOvYM9EnnUV/EwfJE37ab9wz2ZWU42gh5JXWlUaRCmy9MqUD3AUM0arxp/vQS
KepmLbjyyrh8v6Nh4ExQBZizDOTlkwNiUyvotAd05oCVoa3zPdbc7e3KnDoIEQ06
3nJrcv5J1KMazXMNeqF65vlH+Vc0C0dDmjZ2+EQjbneTPEc3TzclryQOxOzEMWzb
yffEDFJGfpRBd1iSJbv9wF9xxPFYfj0NhOiYcAcUbHRkRwCRj/WCqVO8EoqK2QBH
3Zxf1bv5ntchLQzV33bzCP4V6aJhxcKIBLeGFSVBqHrBEiID0j8M+IhSMkvU5S3l
SMGq4m/ORRq2wamIyI3pJIEy1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org