Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/zzQMr7WCuwafFqqLdpfaPj45M4o.roa
File: zzQMr7WCuwafFqqLdpfaPj45M4o.roa (raw, json)
Hash identifier: RIXAYmyOQ5mxbIi2iOLd7aMKZeBWSyUD5weOpWOZs+U=
Subject key identifier: CF:34:0C:AF:B5:82:BB:06:9F:16:AA:8B:76:97:DA:3E:3E:39:33:8A
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0189DE8707BB961F10806BAD7713C31C1B6A
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/zzQMr7WCuwafFqqLdpfaPj45M4o.roa
Signing time: Thu 10 Aug 2023 08:18:58 +0000
ROA not before: Thu 10 Aug 2023 08:18:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.37.0/24 maxlen: 24
46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.41.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
46.34.60.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 10 Aug 2023 14:43:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:87:07:bb:96:1f:10:80:6b:ad:77:13:c3:1c:1b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Aug 10 08:18:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf340cafb582bb069f16aa8b7697da3e3e39338a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:04:47:7e:e4:0c:43:b9:53:aa:d5:bb:d7:
0c:24:f8:9f:c8:0e:c5:30:0f:84:88:cc:38:29:c4:
a0:b2:5c:65:16:75:08:08:c7:4d:c6:b4:01:5b:90:
a5:a5:a0:ad:45:24:9f:c0:b0:fc:ba:6f:d8:a5:c0:
0f:69:57:7a:82:84:59:be:71:13:e0:e9:63:56:e4:
27:04:3e:b8:6b:62:4b:67:ba:ce:d7:90:e3:d2:e3:
47:b3:cc:ea:8b:1a:6b:19:58:81:7e:af:21:47:f2:
26:9e:7e:8c:7a:b4:3b:29:66:49:f1:82:6c:1d:d8:
03:b6:dd:9a:c3:e2:94:77:10:ec:fb:83:45:bc:28:
60:bf:fa:2c:55:77:69:1d:da:5e:10:df:86:93:ff:
6e:f4:c5:97:08:db:92:3b:7c:58:fe:f3:56:cf:a6:
ca:f6:03:ad:71:57:52:2b:27:35:56:e0:52:b1:08:
11:bf:67:26:ed:cf:cc:ae:15:00:7b:93:1a:59:ab:
c3:17:df:5b:28:42:2e:50:94:2d:52:22:2c:72:66:
67:94:95:18:3a:90:0a:59:be:4f:fb:1f:4c:98:8a:
68:eb:55:b1:f8:3a:07:ab:b4:dd:32:20:90:3c:02:
6c:75:61:70:b9:18:f1:3e:6a:f4:20:f6:66:8a:72:
8a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:34:0C:AF:B5:82:BB:06:9F:16:AA:8B:76:97:DA:3E:3E:39:33:8A
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/zzQMr7WCuwafFqqLdpfaPj45M4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.37.255
46.34.40.0/23
46.34.60.0/23
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
49:01:2d:07:ba:5b:c1:f3:a3:f2:a1:08:73:46:38:57:8f:16:
50:7d:e1:b2:ec:40:b5:2e:a2:a6:7a:f6:34:a6:91:4c:78:31:
1a:5d:0e:e6:c8:ff:29:87:30:db:b8:d7:47:e7:47:4a:63:95:
38:22:a4:8b:b3:a1:2b:1a:0d:1a:0b:ee:81:23:25:bb:8b:9c:
6c:12:b5:08:75:d7:6d:81:3f:fd:99:9f:23:0c:c1:59:c9:d9:
32:25:62:d9:fe:21:7e:f1:ac:73:8e:d4:a2:ee:ae:5c:ae:7e:
99:62:fa:10:75:73:72:3b:4a:04:6b:0e:39:8b:f6:0e:f7:5f:
fe:b3:7b:fa:44:bf:17:49:8f:2b:3c:eb:14:ea:24:38:ab:16:
16:20:e3:cd:46:a6:c8:a0:36:b2:6d:e7:8f:a8:3a:8f:36:02:
80:9e:12:2b:5c:f6:c6:91:43:95:04:b1:d6:90:52:55:13:9c:
e0:62:10:8e:cc:e0:82:77:3b:4b:be:d6:84:98:2b:57:9e:07:
bf:21:c7:7e:8e:18:a2:76:22:be:84:88:7b:8e:cf:dc:c9:cc:
46:ae:92:c1:62:bc:85:00:eb:c1:a5:a5:7c:6c:8e:37:d3:ab:
40:11:0a:4b:d0:95:82:cc:18:d2:61:3f:43:b7:39:61:de:a6:
e8:52:f7:7a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYnehwe7lh8QgGutdxPDHBtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwODEwMDgxODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM0MGNhZmI1ODJiYjA2OWYxNmFhOGI3Njk3ZGEzZTNlMzkzMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFwER37kDEO5U6rVu9cMJPifyA7F
MA+EiMw4KcSgslxlFnUICMdNxrQBW5ClpaCtRSSfwLD8um/YpcAPaVd6goRZvnET
4OljVuQnBD64a2JLZ7rO15Dj0uNHs8zqixprGViBfq8hR/Imnn6MerQ7KWZJ8YJs
HdgDtt2aw+KUdxDs+4NFvChgv/osVXdpHdpeEN+Gk/9u9MWXCNuSO3xY/vNWz6bK
9gOtcVdSKyc1VuBSsQgRv2cm7c/MrhUAe5MaWavDF99bKEIuUJQtUiIscmZnlJUY
OpAKWb5P+x9MmIpo61Wx+DoHq7TdMiCQPAJsdWFwuRjxPmr0IPZminKKqwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM80DK+1grsGnxaqi3aX2j4+OTOKMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvenpRTXI3V0N1d2FmRnFxTGRwZmFQajQ1TTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAEuIiQDBAEuIigDBAEuIjwDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAEkBLQe6
W8Hzo/KhCHNGOFePFlB94bLsQLUuoqZ69jSmkUx4MRpdDubI/ymHMNu410fnR0pj
lTgipIuzoSsaDRoL7oEjJbuLnGwStQh1122BP/2ZnyMMwVnJ2TIlYtn+IX7xrHOO
1KLurlyufpli+hB1c3I7SgRrDjmL9g73X/6ze/pEvxdJjys86xTqJDirFhYg481G
psigNrJt54+oOo82AoCeEitc9saRQ5UEsdaQUlUTnOBiEI7M4IJ3O0u+1oSYK1ee
B78hx36OGKJ2Ir6EiHuOz9zJzEauksFivIUA68GlpXxsjjfTq0ARCkvQlYLMGNJh
P0O3OWHepuhS93o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org