Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/zlvJs1lckG8FV4SsHOtpdoiipgM.roa
File: zlvJs1lckG8FV4SsHOtpdoiipgM.roa (raw, json)
Hash identifier: mBVDNQqMfNz8Cy6+9fwpxfw09bX9OpwJGK2TM5J11AI=
Subject key identifier: CE:5B:C9:B3:59:5C:90:6F:05:57:84:AC:1C:EB:69:76:88:A2:A6:03
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018732CE9F5F7915E2B4647C588A86C735E9
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/zlvJs1lckG8FV4SsHOtpdoiipgM.roa
Signing time: Thu 30 Mar 2023 13:56:54 +0000
ROA not before: Thu 30 Mar 2023 13:56:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/23 maxlen: 23
46.34.47.0/24 maxlen: 24
46.34.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 30 Mar 2023 17:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:ce:9f:5f:79:15:e2:b4:64:7c:58:8a:86:c7:35:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Mar 30 13:56:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce5bc9b3595c906f055784ac1ceb697688a2a603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bb:d5:ac:89:ec:e4:6c:65:c2:79:af:8a:65:
74:71:1f:cf:80:ca:ac:c6:0f:94:4f:9a:e4:c2:2c:
33:45:6e:e4:82:78:45:94:63:5d:99:86:68:8f:f5:
18:a2:1d:c7:3c:f6:ed:1f:65:c6:b5:da:e5:06:96:
b4:95:66:19:bf:92:46:70:fa:b8:78:87:b9:73:3e:
70:df:be:98:e4:6c:b0:45:d7:cc:d5:29:d3:cd:62:
b3:09:af:a8:99:14:44:6f:b0:cb:a0:74:8c:9d:71:
98:56:ad:8a:70:a9:f0:8a:e5:85:e2:95:8d:33:07:
dc:82:f1:56:9e:77:53:05:f5:a1:65:ce:06:98:3b:
7a:ff:c1:f6:d9:07:5e:b7:fb:8b:93:c9:61:81:8e:
0b:11:d0:56:0c:d3:84:78:1e:07:dd:49:0a:f5:c8:
3b:4a:bb:3b:67:5f:cc:02:34:31:ab:aa:80:c1:c7:
11:96:e0:e9:36:12:17:6d:c2:ea:5b:c0:bb:c6:ea:
d2:0b:d5:89:9d:83:3b:01:76:04:62:4d:02:0c:e1:
41:59:04:61:61:d2:0f:e1:6d:ab:06:2a:50:90:81:
f5:82:53:13:d3:b9:85:ba:39:83:9c:d2:2b:f6:f6:
d1:f4:d3:81:3d:b8:4d:18:b6:a3:fa:50:92:11:23:
21:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5B:C9:B3:59:5C:90:6F:05:57:84:AC:1C:EB:69:76:88:A2:A6:03
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/zlvJs1lckG8FV4SsHOtpdoiipgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/23
46.34.47.0/24
46.34.60.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:e3:6c:30:21:69:e5:7f:d9:2b:39:ac:51:5f:e1:ad:d9:eb:
b5:f3:1c:a0:54:87:b8:3b:55:ce:e2:77:32:76:ae:f4:9e:94:
8b:b2:0f:34:cf:a3:3a:37:32:4d:21:0f:b2:6c:e0:60:b6:12:
fc:d9:7f:1c:cb:15:ab:95:e3:f9:01:04:f4:b3:dc:ee:86:52:
01:19:24:11:71:9c:0f:86:09:15:0b:dd:56:50:2e:1f:99:1d:
01:c3:27:f7:4a:2c:38:04:b5:c4:81:32:a3:8c:c9:c3:4f:b5:
24:dd:97:d1:80:f7:65:97:e1:17:f5:4e:11:f4:0e:ce:7b:cc:
b9:5d:d7:09:b6:25:a8:5f:d5:67:e5:ca:81:41:5e:c7:b2:7b:
1d:f6:ee:d7:79:a3:ce:f4:27:a9:a4:e6:04:6e:70:a7:ae:3d:
43:57:90:c7:42:ad:91:7e:d9:d3:a4:ba:39:b6:f8:75:33:f4:
54:8d:e0:34:c6:b6:eb:fc:da:2d:8f:1b:b4:1d:f4:12:f1:96:
20:31:9d:9c:2e:bd:9a:9f:d5:a1:c2:8b:93:1e:2e:aa:5e:66:
00:85:d1:4a:04:54:41:fe:59:2b:93:41:17:dd:89:47:16:ae:
1f:68:1f:95:4b:bf:0d:d9:94:20:f2:0b:54:82:06:0f:0b:a4:
70:9b:2d:e9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYcyzp9feRXitGR8WIqGxzXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwMzMwMTM1NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTViYzliMzU5NWM5MDZmMDU1Nzg0YWMxY2ViNjk3Njg4YTJhNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLvVrIns5GxlwnmvimV0cR/PgMqs
xg+UT5rkwiwzRW7kgnhFlGNdmYZoj/UYoh3HPPbtH2XGtdrlBpa0lWYZv5JGcPq4
eIe5cz5w376Y5GywRdfM1SnTzWKzCa+omRREb7DLoHSMnXGYVq2KcKnwiuWF4pWN
MwfcgvFWnndTBfWhZc4GmDt6/8H22Qdet/uLk8lhgY4LEdBWDNOEeB4H3UkK9cg7
Srs7Z1/MAjQxq6qAwccRluDpNhIXbcLqW8C7xurSC9WJnYM7AXYEYk0CDOFBWQRh
YdIP4W2rBipQkIH1glMT07mFujmDnNIr9vbR9NOBPbhNGLaj+lCSESMhrQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM5bybNZXJBvBVeErBzraXaIoqYDMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvemx2SnMxbGNrRzhGVjRTc0hPdHBkb2lpcGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAAuIiQDBAEuIigDBAAuIi8DBAIuIjwwDQYJKoZIhvcNAQELBQADggEBAA/jbDAh
aeV/2Ss5rFFf4a3Z67XzHKBUh7g7Vc7idzJ2rvSelIuyDzTPozo3Mk0hD7Js4GC2
EvzZfxzLFauV4/kBBPSz3O6GUgEZJBFxnA+GCRUL3VZQLh+ZHQHDJ/dKLDgEtcSB
MqOMycNPtSTdl9GA92WX4Rf1ThH0Ds57zLld1wm2Jahf1WflyoFBXseyex327td5
o870J6mk5gRucKeuPUNXkMdCrZF+2dOkujm2+HUz9FSN4DTGtuv82i2PG7Qd9BLx
liAxnZwuvZqf1aHCi5MeLqpeZgCF0UoEVEH+WSuTQRfdiUcWrh9oH5VLvw3ZlCDy
C1SCBg8LpHCbLek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org