Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/1m9pp8aRdKyma8kGtIze0Y2ntrQ.roa
File: 1m9pp8aRdKyma8kGtIze0Y2ntrQ.roa (raw, json)
Hash identifier: HNAaE+uOvTNQcIh+DQ5YWAUmNitOpreN1Gyro5Xorhc=
Subject key identifier: D6:6F:69:A7:C6:91:74:AC:A6:6B:C9:06:B4:8C:DE:D1:8D:A7:B6:B4
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 018745D9CE11200A98B9D87A763EB84AF06A
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/1m9pp8aRdKyma8kGtIze0Y2ntrQ.roa
Signing time: Mon 03 Apr 2023 06:41:54 +0000
ROA not before: Mon 03 Apr 2023 06:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.233.38.0/24 maxlen: 24
46.233.39.0/24 maxlen: 24
46.233.44.0/23 maxlen: 23
46.233.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Apr 2023 10:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:d9:ce:11:20:0a:98:b9:d8:7a:76:3e:b8:4a:f0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Apr 3 06:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d66f69a7c69174aca66bc906b48cded18da7b6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ac:fa:68:50:eb:86:c9:40:c4:10:55:af:1f:
45:c3:89:33:77:83:30:b7:66:a3:b8:97:34:d2:4f:
2c:79:24:34:c4:c2:fe:a9:95:1c:6c:9c:74:0b:01:
2d:56:8d:6e:11:1d:7d:c2:b0:5e:f2:d6:cc:8d:72:
de:69:a7:80:28:c2:64:da:20:3e:5c:86:d2:60:3e:
d8:71:d0:28:f9:a1:42:13:ec:e9:41:35:a2:8b:aa:
23:1d:5d:e9:bc:60:37:a5:27:43:d7:ef:cb:76:c0:
4b:28:64:09:5b:44:23:1e:a8:ed:23:f1:4f:97:38:
23:23:df:39:a2:57:22:a6:de:47:a1:4b:57:06:d3:
9a:35:a0:3c:99:ce:4c:45:5c:9b:97:c4:33:6e:6e:
af:6f:59:3e:b8:4b:6a:57:f3:63:92:f4:5e:d2:02:
c6:a7:00:18:fd:a7:d9:7d:62:6c:b4:94:92:c8:c1:
51:f7:52:da:61:ca:df:a8:42:f7:62:51:ac:b8:27:
54:55:ff:8b:0d:8b:a4:65:c5:1c:65:9f:30:be:04:
b8:f8:86:e4:ef:3b:36:91:ff:48:5f:4d:3d:4b:a3:
99:5c:65:a7:6d:f4:a5:e4:c5:2f:7c:98:46:31:f7:
c2:34:94:a2:22:85:75:2e:4a:4d:e3:f3:d8:af:cc:
a5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:6F:69:A7:C6:91:74:AC:A6:6B:C9:06:B4:8C:DE:D1:8D:A7:B6:B4
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/1m9pp8aRdKyma8kGtIze0Y2ntrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.38.0/23
46.233.44.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:ad:05:8d:7d:2c:2d:72:60:52:3e:68:04:fc:70:10:3a:32:
02:e3:52:a7:ea:dd:82:22:9d:37:a2:6b:e9:c5:35:98:48:34:
c3:45:f1:99:c1:6f:77:59:7f:3e:68:16:f0:99:fa:16:98:69:
27:a1:bd:17:cd:a0:4a:fa:83:34:e5:bc:42:a2:b6:73:22:69:
5e:1b:4e:74:a9:8f:16:5b:8e:c6:d6:eb:90:83:42:46:e5:d4:
b1:cf:9e:b7:67:9a:d1:d8:7a:1b:e3:2e:3b:2d:c2:b4:b0:70:
29:83:17:6c:c0:69:25:14:85:ca:3f:a4:b0:a1:ea:e3:8e:df:
c8:78:39:51:2a:e7:84:f4:cb:52:9d:21:94:76:2f:42:09:b1:
51:6f:f9:78:72:53:72:32:59:98:2a:b9:68:f3:a0:52:98:57:
e5:6b:38:9e:bc:aa:28:43:79:33:30:63:e8:e0:ba:27:39:e2:
72:9d:51:08:26:ef:f4:bc:d7:5f:6f:86:80:73:b5:cc:47:97:
50:c9:84:c2:45:ba:4f:f6:98:53:89:e3:c9:fe:c8:b5:00:0a:
55:92:ef:b6:23:0a:9f:8c:93:f9:6e:f6:5e:18:78:3c:0f:7e:
1e:53:f5:43:08:ce:c6:0b:74:b8:0c:64:36:28:4e:0f:6b:4b:
8b:d2:f4:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdF2c4RIAqYudh6dj64SvBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjMwNDAzMDY0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjZmNjlhN2M2OTE3NGFjYTY2YmM5MDZiNDhjZGVkMThkYTdiNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaz6aFDrhslAxBBVrx9Fw4kzd4Mw
t2ajuJc00k8seSQ0xML+qZUcbJx0CwEtVo1uER19wrBe8tbMjXLeaaeAKMJk2iA+
XIbSYD7YcdAo+aFCE+zpQTWii6ojHV3pvGA3pSdD1+/LdsBLKGQJW0QjHqjtI/FP
lzgjI985olcipt5HoUtXBtOaNaA8mc5MRVybl8Qzbm6vb1k+uEtqV/NjkvRe0gLG
pwAY/afZfWJstJSSyMFR91LaYcrfqEL3YlGsuCdUVf+LDYukZcUcZZ8wvgS4+Ibk
7zs2kf9IX009S6OZXGWnbfSl5MUvfJhGMffCNJSiIoV1LkpN4/PYr8yl7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNZvaafGkXSspmvJBrSM3tGNp7a0MB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvMW05cHA4YVJkS3ltYThrR3RJemUwWTJudHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLukmAwQB
LuksMA0GCSqGSIb3DQEBCwUAA4IBAQAcrQWNfSwtcmBSPmgE/HAQOjIC41Kn6t2C
Ip03omvpxTWYSDTDRfGZwW93WX8+aBbwmfoWmGknob0XzaBK+oM05bxCorZzImle
G050qY8WW47G1uuQg0JG5dSxz563Z5rR2Hob4y47LcK0sHApgxdswGklFIXKP6Sw
oerjjt/IeDlRKueE9MtSnSGUdi9CCbFRb/l4clNyMlmYKrlo86BSmFflazievKoo
Q3kzMGPo4LonOeJynVEIJu/0vNdfb4aAc7XMR5dQyYTCRbpP9phTiePJ/si1AApV
ku+2IwqfjJP5bvZeGHg8D34eU/VDCM7GC3S4DGQ2KE4Pa0uL0vQa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:37 2024 by rpki-client on console-fra.rpki-client.org