Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/S3NZSUY4F3dADwRwWQZ9Al6hx3g.roa
File: S3NZSUY4F3dADwRwWQZ9Al6hx3g.roa (raw, json)
Hash identifier: UPyq4IZGou/j7cbMTTrVns4GRDTxzTGLItzp8qUvkx8=
Subject key identifier: 4B:73:59:49:46:38:17:77:40:0F:04:70:59:06:7D:02:5E:A1:C7:78
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018DA6FB46CA64EB2569529A53437FBE75A1
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/S3NZSUY4F3dADwRwWQZ9Al6hx3g.roa
Signing time: Wed 14 Feb 2024 09:38:21 +0000
ROA not before: Wed 14 Feb 2024 09:38:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 46.38.132.0/22 maxlen: 22
46.38.136.0/22 maxlen: 22
46.38.142.0/23 maxlen: 23
46.38.144.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 14 Feb 2024 12:44:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:fb:46:ca:64:eb:25:69:52:9a:53:43:7f:be:75:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 14 09:38:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b73594946381777400f047059067d025ea1c778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1d:73:5f:f5:4f:29:84:de:bd:fa:6e:b2:57:
20:8d:e7:a9:06:4a:77:5b:b4:99:eb:d9:bd:92:e0:
59:b6:bd:86:01:d1:10:c7:e6:de:c9:2f:a4:6a:96:
57:fd:87:8f:b1:d5:21:76:7f:c4:af:ac:8e:b6:0c:
29:42:0f:e1:95:8a:57:51:4b:df:87:a1:73:9c:a0:
f0:48:c4:16:00:dc:bf:81:c2:60:70:7e:42:89:bb:
c6:75:24:e0:cf:20:cd:39:f2:a3:b5:01:52:1f:0d:
f2:76:33:cb:7d:78:ed:01:a7:ff:d1:61:83:c0:9a:
97:8f:96:9e:db:84:0e:47:55:93:13:0d:95:a1:31:
89:bc:83:7d:ea:00:0c:9d:9b:d7:07:14:13:e7:47:
34:56:c5:af:9c:5a:a6:10:68:dd:be:95:cc:2a:3f:
8f:cb:c5:c9:33:4f:f9:06:d6:8d:6e:a1:10:a5:84:
19:71:86:41:45:58:6c:fc:52:04:71:44:7b:40:2e:
f6:60:f2:63:41:a5:0f:bc:38:bf:e2:f3:c3:08:8c:
41:a1:0a:e8:49:6e:b1:89:04:1a:de:51:62:44:4c:
c1:3b:7b:12:6b:c1:ad:93:76:06:be:d7:5f:33:0e:
40:97:0e:47:72:87:f8:53:4b:1c:c4:49:ae:d3:e6:
7d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:73:59:49:46:38:17:77:40:0F:04:70:59:06:7D:02:5E:A1:C7:78
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/S3NZSUY4F3dADwRwWQZ9Al6hx3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.132.0-46.38.139.255
46.38.142.0-46.38.151.255
Signature Algorithm: sha256WithRSAEncryption
02:ef:f4:d3:de:2f:f1:29:d1:87:a2:44:4d:7c:2c:7b:c7:93:
f6:7c:34:28:13:48:89:88:9e:cc:6e:d1:c1:1c:22:c0:cf:a4:
81:26:e4:8d:0c:68:82:5b:fc:21:ab:09:40:f1:e6:a8:02:0a:
ee:5a:ba:37:68:d2:d1:5b:81:cd:cb:8d:5d:15:21:dc:cf:6a:
b4:b2:26:e6:17:73:84:d5:db:3c:6d:7d:98:ad:74:80:94:38:
5e:33:38:9d:54:81:dd:5b:80:2a:1c:56:84:65:56:bd:61:f3:
11:11:54:17:e8:48:20:74:e6:92:c0:58:36:a5:60:61:d9:19:
8e:75:f3:28:ec:f3:75:0d:d8:51:99:43:13:0a:f3:3d:a7:96:
78:38:4a:7a:83:73:9c:9b:b8:71:72:11:4e:cb:71:f9:f0:ef:
07:cb:42:01:c6:2f:96:3d:4d:35:f5:82:45:9d:49:fc:64:13:
27:16:8b:25:8e:4e:1e:e6:06:4e:c7:54:73:ba:7f:b4:14:e0:
2f:c8:10:52:e6:d5:88:6f:46:e6:4f:c2:2e:b8:aa:61:48:e4:
cc:e6:e4:61:37:6b:27:34:a1:81:9d:fe:90:4c:5a:86:7d:e6:
0a:e0:e1:a1:e4:5d:9e:96:d8:01:75:09:ee:f7:62:75:51:7b:
8a:db:f9:a3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY2m+0bKZOslaVKaU0N/vnWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjE0MDkzODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjczNTk0OTQ2MzgxNzc3NDAwZjA0NzA1OTA2N2QwMjVlYTFjNzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkh1zX/VPKYTevfpuslcgjeepBkp3
W7SZ69m9kuBZtr2GAdEQx+beyS+kapZX/YePsdUhdn/Er6yOtgwpQg/hlYpXUUvf
h6FznKDwSMQWANy/gcJgcH5CibvGdSTgzyDNOfKjtQFSHw3ydjPLfXjtAaf/0WGD
wJqXj5ae24QOR1WTEw2VoTGJvIN96gAMnZvXBxQT50c0VsWvnFqmEGjdvpXMKj+P
y8XJM0/5BtaNbqEQpYQZcYZBRVhs/FIEcUR7QC72YPJjQaUPvDi/4vPDCIxBoQro
SW6xiQQa3lFiREzBO3sSa8Gtk3YGvtdfMw5Alw5Hcof4U0scxEmu0+Z9EwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEtzWUlGOBd3QA8EcFkGfQJeocd4MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUzNOWlNVWTRGM2RBRHdSd1dRWjlBbDZoeDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAIuJoQD
BAIuJogwDAMEAS4mjgMEAy4mkDANBgkqhkiG9w0BAQsFAAOCAQEAAu/0094v8SnR
h6JETXwse8eT9nw0KBNIiYiezG7RwRwiwM+kgSbkjQxoglv8IasJQPHmqAIK7lq6
N2jS0VuBzcuNXRUh3M9qtLIm5hdzhNXbPG19mK10gJQ4XjM4nVSB3VuAKhxWhGVW
vWHzERFUF+hIIHTmksBYNqVgYdkZjnXzKOzzdQ3YUZlDEwrzPaeWeDhKeoNznJu4
cXIRTstx+fDvB8tCAcYvlj1NNfWCRZ1J/GQTJxaLJY5OHuYGTsdUc7p/tBTgL8gQ
UubViG9G5k/CLriqYUjkzObkYTdrJzShgZ3+kExahn3mCuDhoeRdnpbYAXUJ7vdi
dVF7itv5ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org