Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/CdNpBPkwq2LWTBSZZZNlJtqm-aY.roa
File: CdNpBPkwq2LWTBSZZZNlJtqm-aY.roa (raw, json)
Hash identifier: iQ6HqO7SMbDg0prmlsgyi2o9tK1VvN7vHgFYWb43AYY=
Subject key identifier: 09:D3:69:04:F9:30:AB:62:D6:4C:14:99:65:93:65:26:DA:A6:F9:A6
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 01875B2BFD6B8C67163D4A991F1EA9448E31
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/CdNpBPkwq2LWTBSZZZNlJtqm-aY.roa
Signing time: Fri 07 Apr 2023 10:03:42 +0000
ROA not before: Fri 07 Apr 2023 10:03:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.233.38.0/24 maxlen: 24
46.233.39.0/24 maxlen: 24
46.233.44.0/23 maxlen: 23
46.233.44.0/24 maxlen: 24
46.233.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Apr 2023 20:24:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5b:2b:fd:6b:8c:67:16:3d:4a:99:1f:1e:a9:44:8e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Apr 7 10:03:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09d36904f930ab62d64c149965936526daa6f9a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d9:68:e4:d0:39:e3:d6:3e:ff:de:7f:f0:36:
be:e1:fc:f6:aa:ab:93:41:d7:da:5e:86:65:4b:49:
5b:8d:31:83:90:1f:67:bd:3b:aa:48:e0:12:a2:91:
72:3c:53:65:db:ea:44:ef:49:44:ad:35:a6:d0:aa:
96:c3:3b:73:f3:48:fe:ee:89:96:35:ee:35:08:b2:
36:5a:ae:2c:99:98:10:07:7c:e1:24:e3:43:5e:54:
fc:e2:21:65:63:1d:17:68:ea:69:b8:0e:b0:74:3d:
25:68:34:9c:15:3a:08:2e:cc:47:ab:bc:b1:47:10:
99:f9:1d:6c:37:8a:59:18:0b:a6:60:e6:54:3f:43:
3c:6b:d0:b8:8f:7d:77:fa:e6:58:48:2c:dc:89:b0:
31:97:fc:87:da:26:ac:78:99:92:08:b9:29:85:d9:
96:8d:d0:b1:a3:8a:f2:33:0c:bc:92:3c:3f:5e:8e:
9f:37:53:a7:37:57:b0:16:65:ab:23:b8:97:1b:81:
e5:3d:99:7f:60:fe:a9:37:13:3b:6d:47:43:15:4c:
ee:91:c8:84:c2:ac:c1:43:06:fa:e1:00:a6:bb:86:
64:df:8c:64:6d:7e:99:c9:3b:d5:fb:a5:7d:f8:49:
b0:70:79:97:46:cf:61:dd:5e:9c:27:37:6b:ff:56:
ef:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D3:69:04:F9:30:AB:62:D6:4C:14:99:65:93:65:26:DA:A6:F9:A6
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/CdNpBPkwq2LWTBSZZZNlJtqm-aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.38.0/23
46.233.44.0/23
Signature Algorithm: sha256WithRSAEncryption
68:fe:86:e6:a4:27:28:12:76:8e:dd:00:02:8c:28:f4:bb:78:
a2:70:7c:e5:5a:2e:86:60:ff:75:59:d8:66:f0:0e:bf:e8:ba:
15:be:dc:7f:a7:ab:9e:c4:72:73:fb:c0:4d:46:16:ab:a7:38:
a6:58:23:ca:b1:94:d9:7b:d8:92:83:eb:fb:f9:78:c0:ec:71:
d8:e7:23:0a:ac:dc:69:17:65:d7:f5:6f:51:06:ec:1a:27:d7:
96:4d:ae:f3:65:c1:ee:76:47:d0:92:e1:03:1f:9e:e0:be:11:
9a:de:31:3c:79:cd:ff:86:72:da:7a:eb:e4:9e:e5:86:63:0f:
30:d8:e1:e7:b7:f2:fb:2b:ec:5b:2b:4a:e9:72:b1:b1:af:47:
9a:5e:fd:a4:66:c8:35:cb:5f:b2:ba:43:83:9e:1e:4e:7c:c9:
e5:c9:97:e5:18:28:4a:52:80:cb:aa:3f:61:f7:5e:91:af:4f:
5c:4f:9e:e5:42:c2:09:a1:44:26:12:b6:83:18:61:6f:a5:da:
e4:29:7d:b8:04:18:94:43:88:cb:24:b0:f5:31:21:3e:90:9e:
dc:32:3b:9a:fb:96:f8:d3:b3:07:19:74:71:f8:08:2d:d6:e7:
3e:de:46:d6:3f:38:89:81:0d:73:b3:3e:c4:e3:14:75:86:72:
4b:b8:d1:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdbK/1rjGcWPUqZHx6pRI4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjMwNDA3MTAwMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQzNjkwNGY5MzBhYjYyZDY0YzE0OTk2NTkzNjUyNmRhYTZmOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9lo5NA549Y+/95/8Da+4fz2qquT
QdfaXoZlS0lbjTGDkB9nvTuqSOASopFyPFNl2+pE70lErTWm0KqWwztz80j+7omW
Ne41CLI2Wq4smZgQB3zhJONDXlT84iFlYx0XaOppuA6wdD0laDScFToILsxHq7yx
RxCZ+R1sN4pZGAumYOZUP0M8a9C4j313+uZYSCzcibAxl/yH2iaseJmSCLkphdmW
jdCxo4ryMwy8kjw/Xo6fN1OnN1ewFmWrI7iXG4HlPZl/YP6pNxM7bUdDFUzukciE
wqzBQwb64QCmu4Zk34xkbX6ZyTvV+6V9+EmwcHmXRs9h3V6cJzdr/1bvwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAnTaQT5MKti1kwUmWWTZSbapvmmMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvQ2ROcEJQa3dxMkxXVEJTWlpaTmxKdHFtLWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLukmAwQB
LuksMA0GCSqGSIb3DQEBCwUAA4IBAQBo/obmpCcoEnaO3QACjCj0u3iicHzlWi6G
YP91Wdhm8A6/6LoVvtx/p6uexHJz+8BNRharpzimWCPKsZTZe9iSg+v7+XjA7HHY
5yMKrNxpF2XX9W9RBuwaJ9eWTa7zZcHudkfQkuEDH57gvhGa3jE8ec3/hnLaeuvk
nuWGYw8w2OHnt/L7K+xbK0rpcrGxr0eaXv2kZsg1y1+yukODnh5OfMnlyZflGChK
UoDLqj9h916Rr09cT57lQsIJoUQmEraDGGFvpdrkKX24BBiUQ4jLJLD1MSE+kJ7c
Mjua+5b407MHGXRx+Agt1uc+3kbWPziJgQ1zsz7E4xR1hnJLuNFf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:37 2024 by rpki-client on console-fra.rpki-client.org