Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/z5MGZcX5XnA27iBGK-L1y9F_qTI.roa
File: z5MGZcX5XnA27iBGK-L1y9F_qTI.roa (raw, json)
Hash identifier: b4GRzTB7l6gsGyCRLS7ts1GHSJm+AerMFgk29RXJUbs=
Subject key identifier: CF:93:06:65:C5:F9:5E:70:36:EE:20:46:2B:E2:F5:CB:D1:7F:A9:32
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018B458A31C246D4196386D3E9BEAAD241F3
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/z5MGZcX5XnA27iBGK-L1y9F_qTI.roa
Signing time: Thu 19 Oct 2023 01:26:06 +0000
ROA not before: Thu 19 Oct 2023 01:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
46.34.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 14:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:45:8a:31:c2:46:d4:19:63:86:d3:e9:be:aa:d2:41:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Oct 19 01:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf930665c5f95e7036ee20462be2f5cbd17fa932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4a:78:d4:b4:9e:c7:cb:4f:6a:3c:e1:1d:c5:
5c:91:40:f8:d0:c5:a9:a3:32:06:69:1e:a5:3a:d0:
3b:fd:97:84:33:e5:3f:e8:d6:d3:14:d2:8c:86:2a:
53:c0:a0:09:fc:10:7d:05:66:6a:f9:b3:f7:26:5e:
cf:04:fd:68:11:7b:d4:dc:06:23:f2:40:27:5e:77:
6e:be:27:a9:9e:9d:7e:2d:dc:42:7a:a9:7e:1a:18:
de:4a:d5:da:22:a1:9f:32:ae:5c:10:eb:54:eb:ea:
0d:9f:c7:ca:65:c1:93:50:db:df:3f:38:78:ff:b8:
4b:92:c5:04:ba:99:01:35:54:e8:ce:95:4d:6b:a3:
2e:80:74:66:bc:1a:8c:b3:50:d1:c0:23:77:99:06:
f1:a3:16:9c:07:7a:22:c1:b7:5c:16:77:56:17:51:
f6:74:fe:60:cd:c0:57:56:ad:96:a9:dd:f5:de:93:
3e:68:5c:2e:09:79:d7:a8:50:b4:25:ef:37:ac:11:
0a:02:35:19:cb:d2:94:1d:f7:11:b3:f2:31:f4:90:
69:4a:5f:d5:ce:6c:8b:1b:cf:bc:de:18:ae:f2:d9:
0c:7b:5b:5e:6d:6f:ea:64:88:77:3d:ed:eb:ae:64:
e5:3f:49:15:e6:18:73:87:4b:91:51:99:f4:9e:53:
9e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:93:06:65:C5:F9:5E:70:36:EE:20:46:2B:E2:F5:CB:D1:7F:A9:32
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/z5MGZcX5XnA27iBGK-L1y9F_qTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.62.0/23
Signature Algorithm: sha256WithRSAEncryption
63:3b:20:35:06:d4:5c:93:40:7a:5b:f6:58:6c:9a:cb:93:04:
d2:fd:06:02:ed:0e:85:89:b7:c1:3f:be:49:80:3d:3f:85:49:
29:e7:c4:fc:9a:ad:d3:d9:23:92:0b:b1:e5:c4:14:a5:04:9c:
20:64:6a:cf:a8:18:1c:07:43:94:2c:4a:61:82:ac:fd:bc:af:
48:b7:4f:9e:76:3c:20:11:7a:9a:7d:5e:3b:69:63:b9:01:18:
a8:cb:f7:2e:40:6d:b3:9b:67:2b:31:ba:23:85:23:ca:3a:60:
f7:a5:89:f1:1c:3d:fd:03:43:6e:49:dc:3c:68:65:89:33:14:
00:de:2a:18:bc:f8:75:68:ab:00:ae:cf:df:ab:47:92:3b:e6:
30:92:04:c6:9d:f7:3f:08:b6:8e:cc:a0:7d:18:43:dc:87:26:
52:4c:88:9b:76:a1:5d:8e:79:e1:11:7c:92:3e:9a:90:ff:f7:
86:94:cd:97:9e:f8:a1:dc:bf:70:a2:b2:32:29:99:b4:72:23:
22:5e:b3:ff:7d:f3:03:73:52:84:b1:a9:fe:c4:d6:86:c7:db:
c2:ae:22:5f:3a:45:49:eb:07:7a:bb:fc:0c:7a:b3:4c:dd:da:
91:b1:c9:e4:18:ec:65:7a:ee:4c:7e:bc:af:d9:e8:cc:90:f0:
ad:81:49:a1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYtFijHCRtQZY4bT6b6q0kHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMDE5MDEyNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjkzMDY2NWM1Zjk1ZTcwMzZlZTIwNDYyYmUyZjVjYmQxN2ZhOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Ep41LSex8tPajzhHcVckUD40MWp
ozIGaR6lOtA7/ZeEM+U/6NbTFNKMhipTwKAJ/BB9BWZq+bP3Jl7PBP1oEXvU3AYj
8kAnXnduviepnp1+LdxCeql+GhjeStXaIqGfMq5cEOtU6+oNn8fKZcGTUNvfPzh4
/7hLksUEupkBNVTozpVNa6MugHRmvBqMs1DRwCN3mQbxoxacB3oiwbdcFndWF1H2
dP5gzcBXVq2Wqd313pM+aFwuCXnXqFC0Je83rBEKAjUZy9KUHfcRs/Ix9JBpSl/V
zmyLG8+83hiu8tkMe1tebW/qZIh3Pe3rrmTlP0kV5hhzh0uRUZn0nlOeHQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFM+TBmXF+V5wNu4gRivi9cvRf6kyMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvejVNR1pjWDVYbkEyN2lCR0stTDF5OUZfcVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAEuIj4wDQYJKoZIhvcNAQELBQADggEBAGM7IDUG1FyTQHpb
9lhsmsuTBNL9BgLtDoWJt8E/vkmAPT+FSSnnxPyardPZI5ILseXEFKUEnCBkas+o
GBwHQ5QsSmGCrP28r0i3T552PCARepp9XjtpY7kBGKjL9y5AbbObZysxuiOFI8o6
YPelifEcPf0DQ25J3DxoZYkzFADeKhi8+HVoqwCuz9+rR5I75jCSBMad9z8Ito7M
oH0YQ9yHJlJMiJt2oV2OeeERfJI+mpD/94aUzZee+KHcv3CisjIpmbRyIyJes/99
8wNzUoSxqf7E1obH28KuIl86RUnrB3q7/Ax6s0zd2pGxyeQY7GV67kx+vK/Z6MyQ
8K2BSaE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org