Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/zHVAo4PHyiIPYnMuZEMJZzvqXHo.roa
File: zHVAo4PHyiIPYnMuZEMJZzvqXHo.roa (raw, json)
Hash identifier: Qt6aKpkavVkyH5eRsLPzoFk4xmvu1EQt+HwLdvnDbP0=
Subject key identifier: CC:75:40:A3:83:C7:CA:22:0F:62:73:2E:64:43:09:67:3B:EA:5C:7A
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0189E594731BEA4BC24479F14B08E3936949
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/zHVAo4PHyiIPYnMuZEMJZzvqXHo.roa
Signing time: Fri 11 Aug 2023 17:10:58 +0000
ROA not before: Fri 11 Aug 2023 17:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.37.0/24 maxlen: 24
46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.39.0/24 maxlen: 24
46.34.42.0/24 maxlen: 24
46.34.43.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.41.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Aug 2023 17:06:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e5:94:73:1b:ea:4b:c2:44:79:f1:4b:08:e3:93:69:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Aug 11 17:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc7540a383c7ca220f62732e644309673bea5c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dc:b3:34:d4:2a:0a:5d:db:60:81:1a:dd:c7:
28:20:ae:29:ef:9c:37:14:32:d6:fc:08:28:6b:5e:
2e:64:fd:bc:85:b3:49:cd:22:74:66:84:a5:a6:fc:
cf:ec:cb:82:f7:e3:70:a0:94:28:8b:20:1c:46:c2:
34:24:65:ef:be:96:c1:3b:3c:05:c5:75:d4:c2:33:
39:52:ab:ff:08:32:79:ca:7b:a4:29:79:02:84:01:
2e:fb:27:f6:ff:51:71:56:ab:12:4f:40:8e:c7:f2:
28:26:3e:de:57:95:bb:bb:2a:36:9c:95:7b:1c:a6:
2f:42:d1:a7:c9:a9:06:1d:52:c1:3e:d7:85:6e:0e:
ed:5b:07:54:9d:95:c1:e3:6b:90:07:0d:cb:53:d9:
31:e7:6a:4b:52:09:1c:62:05:b3:8d:62:82:bd:9e:
9a:17:b0:57:ab:1c:5f:c9:aa:86:11:9d:bc:72:60:
20:c7:a0:74:f3:89:2e:05:e7:4b:a7:6c:1c:48:bb:
f2:06:e2:fa:cf:ef:45:07:e2:90:8f:18:9e:12:b6:
79:12:b7:bd:2b:60:ca:7f:be:cd:d2:98:de:04:ba:
f6:b1:15:ee:70:ae:83:61:3b:27:f0:99:2e:3c:00:
47:7e:62:92:3b:c5:89:9b:f9:ac:50:c6:02:0b:43:
69:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:75:40:A3:83:C7:CA:22:0F:62:73:2E:64:43:09:67:3B:EA:5C:7A
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/zHVAo4PHyiIPYnMuZEMJZzvqXHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.37.255
46.34.39.0-46.34.43.255
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:8e:38:37:b3:22:45:3a:d6:17:f9:85:3c:15:47:de:f4:51:
c5:9d:d9:ea:fc:c1:ed:1d:b0:88:8d:fc:cf:c3:96:a9:9d:1b:
f4:bc:70:5a:99:6d:c3:bd:ea:54:02:12:09:bf:c1:89:ec:21:
b1:2f:1b:30:32:ee:75:f4:45:77:13:31:27:13:18:34:3b:b0:
fd:53:5c:43:52:57:c0:e6:e9:91:a7:91:24:ee:07:3f:ea:f9:
5b:03:b9:89:8a:50:1d:27:ed:9c:18:61:ff:e8:cc:2e:0c:6e:
b5:ad:6e:04:a2:71:51:61:0c:64:dc:c7:5f:27:69:2f:25:3c:
db:b5:08:08:72:c2:81:3a:b1:8f:dc:c1:98:f3:e7:5c:b8:65:
28:04:14:69:98:ef:52:9a:fd:c3:ab:64:ec:c5:aa:2d:d1:19:
4a:e8:1b:c0:f1:66:49:e3:a1:c4:4d:3b:9c:ff:f2:96:a2:4a:
f3:82:df:db:4a:08:db:47:21:75:f9:d1:ce:74:6a:0b:73:11:
f0:d8:84:18:90:94:d5:89:d8:62:8c:a4:22:5e:c4:35:43:0f:
49:36:85:8d:a4:ad:02:58:d6:2f:14:97:c8:70:23:9f:c6:8e:
1b:f9:fd:60:7f:e0:55:c0:21:df:27:e4:61:f3:76:5b:85:42:
b4:cd:41:95
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYnllHMb6kvCRHnxSwjjk2lJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwODExMTcxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzc1NDBhMzgzYzdjYTIyMGY2MjczMmU2NDQzMDk2NzNiZWE1YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9yzNNQqCl3bYIEa3ccoIK4p75w3
FDLW/Agoa14uZP28hbNJzSJ0ZoSlpvzP7MuC9+NwoJQoiyAcRsI0JGXvvpbBOzwF
xXXUwjM5Uqv/CDJ5ynukKXkChAEu+yf2/1FxVqsST0COx/IoJj7eV5W7uyo2nJV7
HKYvQtGnyakGHVLBPteFbg7tWwdUnZXB42uQBw3LU9kx52pLUgkcYgWzjWKCvZ6a
F7BXqxxfyaqGEZ28cmAgx6B084kuBedLp2wcSLvyBuL6z+9FB+KQjxieErZ5Ere9
K2DKf77N0pjeBLr2sRXucK6DYTsn8JkuPABHfmKSO8WJm/msUMYCC0NpZwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMx1QKODx8oiD2JzLmRDCWc76lx6MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvekhWQW80UEh5aUlQWW5NdVpFTUpaenZxWEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAUuIiAD
BAEuIiQwDAMEAC4iJwMEAi4iKAMEAC4iPzANBgkqhkiG9w0BAQsFAAOCAQEAf444
N7MiRTrWF/mFPBVH3vRRxZ3Z6vzB7R2wiI38z8OWqZ0b9LxwWpltw73qVAISCb/B
iewhsS8bMDLudfRFdxMxJxMYNDuw/VNcQ1JXwObpkaeRJO4HP+r5WwO5iYpQHSft
nBhh/+jMLgxuta1uBKJxUWEMZNzHXydpLyU827UICHLCgTqxj9zBmPPnXLhlKAQU
aZjvUpr9w6tk7MWqLdEZSugbwPFmSeOhxE07nP/ylqJK84Lf20oI20chdfnRznRq
C3MR8NiEGJCU1YnYYoykIl7ENUMPSTaFjaStAljWLxSXyHAjn8aOG/n9YH/gVcAh
3yfkYfN2W4VCtM1BlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org