Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-PdvpKhqAR6aVNAythYGWYe2TKo.roa
File: 1-PdvpKhqAR6aVNAythYGWYe2TKo.roa (raw, json)
Hash identifier: 8ZI16oVMsMO6S6T5PpEfVKTWN6cH4bflFqebckR9gzU=
Subject key identifier: F8:F7:6F:A4:A8:6A:01:1E:9A:54:D0:32:B6:16:06:59:87:B6:4C:AA
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0186826E12EACF093FE29919B2EAFB22B0DC
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-PdvpKhqAR6aVNAythYGWYe2TKo.roa
Signing time: Fri 24 Feb 2023 07:58:17 +0000
ROA not before: Fri 24 Feb 2023 07:58:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 46.34.45.0/24 maxlen: 24
46.34.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Mar 2023 23:26:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:6e:12:ea:cf:09:3f:e2:99:19:b2:ea:fb:22:b0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Feb 24 07:58:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8f76fa4a86a011e9a54d032b616065987b64caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:20:a0:33:c8:71:2c:3c:72:d9:bb:48:b1:f4:
10:00:de:b3:b2:4c:17:8a:2d:2d:2f:ca:de:b0:e9:
2f:93:2d:49:5f:a4:b7:65:28:bc:ad:a3:1a:f2:7f:
9b:70:f9:c0:21:44:f7:ae:92:7a:33:eb:ae:44:6e:
62:83:16:d5:26:b0:d2:44:be:84:16:d7:f2:62:67:
11:a0:91:5e:bc:12:3f:c7:e4:2f:e0:4f:41:32:e6:
b6:a6:89:6c:ae:10:1a:8d:95:63:ba:1f:1d:75:ec:
91:89:16:c5:d7:fd:42:d2:58:ca:97:ba:61:8b:e2:
51:29:16:06:0b:69:65:33:30:e0:5b:95:ce:00:1b:
2e:bf:6f:7f:99:bd:8d:f6:f1:aa:e4:f5:c4:20:0a:
97:cf:5d:e5:1d:e0:32:fa:d2:6d:07:70:b0:16:fa:
b2:09:c9:9e:a4:bd:72:34:0c:07:44:6e:a0:a8:cc:
78:6f:c6:55:e0:ce:7b:c5:3f:d3:16:e0:f7:43:03:
ec:8b:f1:95:a5:62:fe:5e:3a:ca:bd:18:f8:52:d1:
ae:38:bd:dc:f4:e7:cd:46:77:10:04:46:c5:04:95:
30:30:9a:ed:31:11:75:b2:f8:b4:b9:35:65:bd:a4:
71:41:23:70:77:96:32:49:da:f1:d7:15:e0:45:f7:
9c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F7:6F:A4:A8:6A:01:1E:9A:54:D0:32:B6:16:06:59:87:B6:4C:AA
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/1-PdvpKhqAR6aVNAythYGWYe2TKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.45.0/24
46.34.52.0/24
Signature Algorithm: sha256WithRSAEncryption
47:91:1d:70:c3:d4:04:ba:55:c1:b0:77:78:ac:94:a8:98:75:
4e:09:ba:9c:f4:a4:86:73:6d:41:10:f7:67:60:49:f6:63:84:
3e:eb:18:6b:48:98:c0:59:fc:8b:3c:58:dc:9d:27:d8:f6:06:
e6:ec:da:af:c6:fb:df:93:26:25:c8:10:25:d8:5f:97:e4:d3:
87:f8:24:28:17:ad:8d:b0:12:cb:d5:34:7d:0c:d0:fc:df:bf:
84:ce:d3:2f:b7:ae:4a:f9:c5:a4:c9:83:39:9b:ae:30:dc:c1:
0d:37:df:e9:fc:a7:d8:6f:b7:2c:64:d1:c7:44:57:87:73:21:
0b:30:e2:62:b5:a9:76:70:f6:00:77:17:8a:56:97:8e:1c:83:
57:c2:59:93:0f:54:54:8f:af:41:d1:c2:cc:4a:59:36:65:69:
b1:ac:72:0b:4b:6a:ea:dc:74:07:b3:2d:b6:6c:94:34:c5:8e:
f2:2e:4c:0a:e5:1b:8b:25:06:74:97:fe:b4:77:a7:3a:12:14:
15:56:fb:c4:d0:08:ed:36:bb:43:41:26:ed:01:aa:48:94:56:
1f:cc:a7:f9:b6:c1:c7:49:04:87:68:8f:3e:5b:1a:4e:43:a6:
42:15:f0:23:1b:8a:1f:dd:34:ef:de:25:53:03:02:b7:30:b1:
0b:46:f6:b8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYaCbhLqzwk/4pkZsur7IrDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwMjI0MDc1ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGY3NmZhNGE4NmEwMTFlOWE1NGQwMzJiNjE2MDY1OTg3YjY0Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCCgM8hxLDxy2btIsfQQAN6zskwX
ii0tL8resOkvky1JX6S3ZSi8raMa8n+bcPnAIUT3rpJ6M+uuRG5igxbVJrDSRL6E
FtfyYmcRoJFevBI/x+Qv4E9BMua2polsrhAajZVjuh8ddeyRiRbF1/1C0ljKl7ph
i+JRKRYGC2llMzDgW5XOABsuv29/mb2N9vGq5PXEIAqXz13lHeAy+tJtB3CwFvqy
CcmepL1yNAwHRG6gqMx4b8ZV4M57xT/TFuD3QwPsi/GVpWL+XjrKvRj4UtGuOL3c
9OfNRncQBEbFBJUwMJrtMRF1svi0uTVlvaRxQSNwd5YySdrx1xXgRfec+wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPj3b6SoagEemlTQMrYWBlmHtkyqMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvMS1QZHZwS2hxQVI2YVZOQXl0aFlHV1llMlRLby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTkvZTE3NzE0LTQ2N2ItNDQzMy05YjdkLWE2Yjk5MWY0ZmFm
OC8xL1NrY2MxczVncS0zWFIyS3hBYXBlYjBJSDc4NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC4iLQME
AC4iNDANBgkqhkiG9w0BAQsFAAOCAQEAR5EdcMPUBLpVwbB3eKyUqJh1Tgm6nPSk
hnNtQRD3Z2BJ9mOEPusYa0iYwFn8izxY3J0n2PYG5uzar8b735MmJcgQJdhfl+TT
h/gkKBetjbASy9U0fQzQ/N+/hM7TL7euSvnFpMmDOZuuMNzBDTff6fyn2G+3LGTR
x0RXh3MhCzDiYrWpdnD2AHcXilaXjhyDV8JZkw9UVI+vQdHCzEpZNmVpsaxyC0tq
6tx0B7MttmyUNMWO8i5MCuUbiyUGdJf+tHenOhIUFVb7xNAI7Ta7Q0Em7QGqSJRW
H8yn+bbBx0kEh2iPPlsaTkOmQhXwIxuKH900794lUwMCtzCxC0b2uA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org