Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/2WkZPi5JqALBSyydzepwPKMZ9YU.roa
File: 2WkZPi5JqALBSyydzepwPKMZ9YU.roa (raw, json)
Hash identifier: j+IKTQ06qCB8TqktMjWCkLxMWWmn54/zbiVFPpCuI5E=
Subject key identifier: D9:69:19:3E:2E:49:A8:02:C1:4B:2C:9D:CD:EA:70:3C:A3:19:F5:85
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0189E418806942E0F3EFBB9B707360D19E8F
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/2WkZPi5JqALBSyydzepwPKMZ9YU.roa
Signing time: Fri 11 Aug 2023 10:15:57 +0000
ROA not before: Fri 11 Aug 2023 10:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.37.0/24 maxlen: 24
46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.42.0/24 maxlen: 24
46.34.43.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.41.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Aug 2023 17:10:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:18:80:69:42:e0:f3:ef:bb:9b:70:73:60:d1:9e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Aug 11 10:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d969193e2e49a802c14b2c9dcdea703ca319f585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:11:18:b3:30:8a:58:60:0e:69:96:77:82:37:
10:e4:64:91:66:ef:9a:be:50:03:0a:8f:0f:90:85:
09:74:86:35:1a:86:bd:8d:01:fd:d0:fb:74:ab:1d:
fe:eb:5f:fc:1d:6a:8c:bd:cd:e9:9b:db:fb:be:ac:
d1:63:7e:ac:f7:31:ce:d9:5c:da:eb:4e:96:d0:d5:
e6:d8:dc:c8:1b:b6:b5:cb:83:7a:c8:da:10:0b:e6:
9e:0e:19:0c:b4:aa:0e:70:33:ff:82:60:81:6e:96:
b0:b3:c2:16:f6:b2:31:fc:a9:ab:bf:b2:b4:19:42:
82:ac:6d:79:c2:bc:42:bd:56:26:6e:43:87:a2:3b:
f2:f0:90:3c:ef:fc:87:b5:45:49:29:d8:23:cb:31:
9b:bb:27:8c:e7:15:3f:fd:7e:25:7e:db:11:f0:77:
80:26:51:e4:8c:ed:43:95:41:3f:a8:8a:b0:8c:12:
7d:6a:17:08:73:b6:64:67:0f:27:38:5d:52:a3:38:
70:9e:98:c3:dd:d1:5f:87:ee:cc:43:05:86:84:83:
9e:0d:b0:c3:91:9a:bd:e1:39:3e:98:e5:e0:dc:d3:
bb:92:59:ec:0d:2c:36:7e:f3:27:c2:1a:b8:78:09:
37:e6:c4:40:75:04:c3:6b:82:47:c2:71:c6:77:11:
71:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:69:19:3E:2E:49:A8:02:C1:4B:2C:9D:CD:EA:70:3C:A3:19:F5:85
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/2WkZPi5JqALBSyydzepwPKMZ9YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.37.255
46.34.40.0/22
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
08:3a:6c:29:6c:4c:7b:01:0f:3b:d4:75:93:a6:2d:f0:31:59:
b7:15:ec:88:5e:17:aa:4b:c2:ab:35:0e:48:23:64:fb:89:54:
17:98:b9:8f:2d:51:9c:23:b7:0e:fd:d5:eb:6f:20:93:ed:fc:
36:30:c8:2e:a6:a6:5e:c2:d8:9b:3a:18:f7:6f:22:bf:7e:3c:
bf:59:c9:4a:01:1b:b3:b1:05:aa:f5:df:d1:0e:b0:ac:82:7a:
f3:d0:bc:ca:f2:b2:ac:17:fb:08:6a:af:6f:18:90:0b:49:b3:
73:7c:33:36:a2:09:c0:9f:d8:28:d7:9a:3c:bb:87:80:2c:9f:
6b:f9:97:be:a5:8a:dd:37:69:5b:2c:da:a8:8a:f8:b2:6a:08:
12:1d:2b:c6:e8:d4:18:52:41:e2:e2:75:e1:9f:37:2d:1b:35:
6d:0f:6c:48:6e:bb:ac:c3:94:fd:04:d1:11:af:11:93:95:82:
d9:80:85:1c:f2:b3:09:0a:ba:5e:80:7c:ea:d2:e8:a1:ee:c3:
63:fc:cf:71:24:ee:3f:17:f9:6c:d7:ac:55:e9:82:ab:ad:66:
0e:65:4a:f8:18:b5:ac:c5:d0:8b:84:a7:d1:bd:3a:52:fd:50:
8a:78:6e:af:bf:f8:1f:b6:58:33:09:57:e0:e5:84:6c:30:0c:
d8:45:96:1b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYnkGIBpQuDz77ubcHNg0Z6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwODExMTAxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTY5MTkzZTJlNDlhODAyYzE0YjJjOWRjZGVhNzAzY2EzMTlmNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnREYszCKWGAOaZZ3gjcQ5GSRZu+a
vlADCo8PkIUJdIY1Goa9jQH90Pt0qx3+61/8HWqMvc3pm9v7vqzRY36s9zHO2Vza
606W0NXm2NzIG7a1y4N6yNoQC+aeDhkMtKoOcDP/gmCBbpaws8IW9rIx/Kmrv7K0
GUKCrG15wrxCvVYmbkOHojvy8JA87/yHtUVJKdgjyzGbuyeM5xU//X4lftsR8HeA
JlHkjO1DlUE/qIqwjBJ9ahcIc7ZkZw8nOF1SozhwnpjD3dFfh+7MQwWGhIOeDbDD
kZq94Tk+mOXg3NO7klnsDSw2fvMnwhq4eAk35sRAdQTDa4JHwnHGdxFxQQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNlpGT4uSagCwUssnc3qcDyjGfWFMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvMldrWlBpNUpxQUxCU3l5ZHplcHdQS01aOVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAEuIiQDBAIuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAAg6bClsTHsBDzvU
dZOmLfAxWbcV7IheF6pLwqs1DkgjZPuJVBeYuY8tUZwjtw791etvIJPt/DYwyC6m
pl7C2Js6GPdvIr9+PL9ZyUoBG7OxBar139EOsKyCevPQvMrysqwX+whqr28YkAtJ
s3N8MzaiCcCf2CjXmjy7h4Asn2v5l76lit03aVss2qiK+LJqCBIdK8bo1BhSQeLi
deGfNy0bNW0PbEhuu6zDlP0E0RGvEZOVgtmAhRzyswkKul6AfOrS6KHuw2P8z3Ek
7j8X+WzXrFXpgqutZg5lSvgYtazF0IuEp9G9OlL9UIp4bq+/+B+2WDMJV+DlhGww
DNhFlhs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org