Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/RODIsOqQmKKQY6ACiR6Y3_d5FxQ.roa
File: RODIsOqQmKKQY6ACiR6Y3_d5FxQ.roa (raw, json)
Hash identifier: 3W0ux+FV8RqY4P+LCPmRa+TnbTJ+ZtFXeolsjxoIOMs=
Subject key identifier: 44:E0:C8:B0:EA:90:98:A2:90:63:A0:02:89:1E:98:DF:F7:79:17:14
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 0189AFB738479A8AC4403F2C61FEF16648E3
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/RODIsOqQmKKQY6ACiR6Y3_d5FxQ.roa
Signing time: Tue 01 Aug 2023 06:09:27 +0000
ROA not before: Tue 01 Aug 2023 06:09:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.233.38.0/24 maxlen: 24
46.233.42.0/24 maxlen: 24
46.233.42.0/23 maxlen: 23
46.233.43.0/24 maxlen: 24
46.233.44.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:af:b7:38:47:9a:8a:c4:40:3f:2c:61:fe:f1:66:48:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Aug 1 06:09:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44e0c8b0ea9098a29063a002891e98dff7791714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bb:8c:0e:cf:9e:d3:49:59:49:d6:3d:36:bb:
f5:34:ec:33:f4:9e:9a:db:2d:c4:9f:1e:3c:55:9f:
1a:de:53:50:e4:3f:59:28:13:1c:74:c6:6c:55:a5:
6b:4a:75:bd:67:93:f4:5c:ad:64:f5:95:b9:f9:46:
1f:12:84:01:ce:af:c1:3a:1d:27:5a:ae:28:a6:ca:
19:22:be:5a:53:06:c2:5d:a9:0e:4c:bc:dc:01:da:
97:03:1c:ca:7d:26:ae:04:7f:3c:df:7b:70:11:a3:
08:b0:ce:c4:24:20:c6:e5:53:5a:91:75:18:e6:ca:
0c:5b:91:07:86:75:57:d0:23:72:50:18:b8:87:de:
e8:8f:97:47:69:62:bb:82:ea:71:73:b7:81:35:fa:
c2:d7:e7:65:72:1c:1c:04:c4:73:84:6a:b8:20:a1:
2b:1b:c7:c4:d5:48:2d:d3:a4:73:d7:5e:6a:2b:30:
4d:24:47:52:af:5e:28:4a:0b:05:9f:d3:70:78:7d:
56:09:40:c6:67:c0:d2:f5:55:4f:75:45:7b:4d:15:
4d:00:81:fa:53:c7:bd:7a:51:0f:72:c6:6f:48:d5:
b8:fc:43:8e:a2:34:f1:8a:2f:d6:8d:fc:39:ef:e4:
52:de:60:ae:25:16:5d:7c:a2:69:a3:2a:cc:89:e5:
1e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E0:C8:B0:EA:90:98:A2:90:63:A0:02:89:1E:98:DF:F7:79:17:14
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/RODIsOqQmKKQY6ACiR6Y3_d5FxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.38.0/24
46.233.42.0-46.233.45.255
Signature Algorithm: sha256WithRSAEncryption
73:bf:c0:df:5e:80:31:06:c4:ba:86:3a:95:be:ec:11:81:95:
67:ed:47:30:df:06:73:38:6b:cf:5f:77:f6:16:cd:31:4e:fb:
62:e8:e7:96:66:dc:b7:89:52:2e:9d:75:28:74:70:b0:14:cf:
5b:68:9a:0c:d3:1b:64:ac:e0:2c:28:54:7a:a7:24:f7:4e:62:
87:0e:8b:4a:c2:c1:75:88:c4:e9:76:a0:05:f7:75:16:2c:bb:
2e:4d:da:0b:44:d8:0b:3b:c7:3c:02:89:1d:25:0d:ba:44:7f:
f1:bf:86:c6:b1:ce:30:5f:71:be:ad:d8:27:86:60:f7:a3:24:
e3:87:cf:b1:47:97:c7:82:bb:e1:68:47:0e:ee:f4:30:e3:7e:
82:2c:45:32:2a:97:1f:b3:49:fe:c9:16:4f:67:1f:9e:9f:02:
cc:5b:0e:e7:9a:61:13:aa:26:d3:bd:e4:39:31:10:a4:8d:c1:
c3:25:4b:bc:b2:ca:5c:34:6d:d0:fb:1e:55:5a:91:65:e1:49:
f5:8c:11:e7:77:02:e9:18:bc:83:4d:f0:0d:cf:d2:09:b2:64:
8e:03:58:5c:22:9e:68:51:a1:b2:86:47:fe:08:0b:5d:e7:f2:
21:e5:25:ae:95:90:cf:ed:29:d2:fd:7a:ea:6a:84:d2:36:c7:
dd:1f:3f:89
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYmvtzhHmorEQD8sYf7xZkjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjMwODAxMDYwOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGUwYzhiMGVhOTA5OGEyOTA2M2EwMDI4OTFlOThkZmY3NzkxNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiruMDs+e00lZSdY9Nrv1NOwz9J6a
2y3Enx48VZ8a3lNQ5D9ZKBMcdMZsVaVrSnW9Z5P0XK1k9ZW5+UYfEoQBzq/BOh0n
Wq4opsoZIr5aUwbCXakOTLzcAdqXAxzKfSauBH8833twEaMIsM7EJCDG5VNakXUY
5soMW5EHhnVX0CNyUBi4h97oj5dHaWK7gupxc7eBNfrC1+dlchwcBMRzhGq4IKEr
G8fE1Ugt06Rz115qKzBNJEdSr14oSgsFn9NweH1WCUDGZ8DS9VVPdUV7TRVNAIH6
U8e9elEPcsZvSNW4/EOOojTxii/Wjfw57+RS3mCuJRZdfKJpoyrMieUeXwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFETgyLDqkJiikGOgAokemN/3eRcUMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvUk9ESXNPcVFtS0tRWTZBQ2lSNlkzX2Q1RnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALukmMAwD
BAEu6SoDBAEu6SwwDQYJKoZIhvcNAQELBQADggEBAHO/wN9egDEGxLqGOpW+7BGB
lWftRzDfBnM4a89fd/YWzTFO+2Lo55Zm3LeJUi6ddSh0cLAUz1tomgzTG2Ss4Cwo
VHqnJPdOYocOi0rCwXWIxOl2oAX3dRYsuy5N2gtE2As7xzwCiR0lDbpEf/G/hsax
zjBfcb6t2CeGYPejJOOHz7FHl8eCu+FoRw7u9DDjfoIsRTIqlx+zSf7JFk9nH56f
AsxbDueaYROqJtO95DkxEKSNwcMlS7yyylw0bdD7HlVakWXhSfWMEed3AukYvINN
8A3P0gmyZI4DWFwinmhRobKGR/4IC13n8iHlJa6VkM/tKdL9eupqhNI2x90fP4k=
Generated at Tue Aug 1 14:58:12 2023 by rpki-client on console-fra.rpki-client.org