Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/U7xrTg_runEvL5mwGo0TVEi_oxM.roa
File: U7xrTg_runEvL5mwGo0TVEi_oxM.roa (raw, json)
Hash identifier: FbdgEm3ZBmK/BXPGk5raOMkK/4CDRSnVlPW4sLkKQI8=
Subject key identifier: 53:BC:6B:4E:0F:EB:BA:71:2F:2F:99:B0:1A:8D:13:54:48:BF:A3:13
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 0192A8DBE793F59A6ACD426F9E1E9FF264E2
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/U7xrTg_runEvL5mwGo0TVEi_oxM.roa
Signing time: Sun 20 Oct 2024 07:37:16 +0000
ROA not before: Sun 20 Oct 2024 07:37:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.233.32.0/22 maxlen: 24
46.233.42.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 01 Nov 2024 07:17:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a8:db:e7:93:f5:9a:6a:cd:42:6f:9e:1e:9f:f2:64:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Oct 20 07:37:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53bc6b4e0febba712f2f99b01a8d135448bfa313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e0:f7:f1:6e:a6:62:52:74:6d:ce:27:86:17:
28:0c:1b:dd:ef:fa:23:b6:d3:cd:1d:69:49:4e:a3:
bf:e8:80:f0:5f:81:db:6e:41:18:11:34:8f:b7:d7:
06:7c:8f:db:39:82:2b:44:f4:f0:47:25:f8:61:a1:
93:77:f1:97:97:c5:fc:3c:23:75:f8:25:a4:fe:22:
1d:a1:53:c4:3a:de:2a:78:6e:6d:b1:e3:5f:e0:d6:
6e:50:fc:78:f7:7c:de:d9:5f:5d:b9:35:44:0c:d5:
49:10:0a:7e:7b:45:59:ab:d9:b7:35:0b:0b:f7:88:
99:e7:0b:18:04:f7:d1:e6:f3:17:93:62:73:20:62:
c6:39:b8:09:d0:c4:e6:7f:0c:26:19:08:9d:a1:23:
b6:d9:6b:12:e7:34:dd:3c:44:6f:5f:de:9f:79:68:
73:fa:fc:a4:7f:bc:2e:4d:0c:78:3f:2d:99:24:82:
31:39:22:c1:dc:95:f4:28:cf:72:2d:f9:e1:a6:41:
39:82:73:ee:0a:41:ca:b7:90:5c:c0:a0:57:34:ca:
d5:25:5a:9b:b6:eb:09:bf:c2:49:29:68:12:58:ec:
eb:14:98:0c:dd:ab:b6:3c:48:5a:4d:5e:63:2c:36:
d5:40:1e:92:ff:e4:16:7d:74:e5:89:54:93:c3:65:
10:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BC:6B:4E:0F:EB:BA:71:2F:2F:99:B0:1A:8D:13:54:48:BF:A3:13
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/U7xrTg_runEvL5mwGo0TVEi_oxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.32.0/22
46.233.42.0/23
Signature Algorithm: sha256WithRSAEncryption
18:98:06:4b:c4:83:39:6f:a4:9b:32:58:75:e8:d4:91:37:6a:
02:de:f1:33:84:48:d7:8d:02:61:88:3c:ec:1d:48:4c:28:3d:
98:68:75:a0:7d:57:f2:c4:fc:cf:13:75:27:b1:1d:28:d3:ee:
c3:77:c9:fc:d7:59:f5:ac:be:ec:c3:ca:9e:d8:2d:5e:01:59:
16:79:26:fc:56:b3:0a:27:17:95:b6:3c:f2:5e:d6:97:6d:93:
01:8a:e8:cc:95:63:66:2d:cf:a1:4f:12:38:fe:04:e8:1b:e0:
f4:bc:21:25:21:3c:99:bd:15:8f:f7:16:4f:31:08:11:67:21:
26:7a:5d:ba:2d:89:50:e7:03:fe:85:f8:54:a2:eb:a4:3a:03:
7f:64:26:02:ec:8f:e9:63:da:93:1c:81:e9:50:76:7c:9a:34:
ea:a7:e5:57:a3:4a:a0:1a:5a:dc:e3:df:65:7c:72:0a:a9:37:
51:20:61:47:d6:08:47:2b:39:eb:06:d7:16:44:58:81:a6:b6:
54:b5:3a:e0:af:0b:dc:e1:29:22:d6:c2:96:04:28:d4:46:53:
19:67:e0:20:41:41:fb:db:e3:6c:d0:fa:2f:50:20:84:41:c9:
dc:c9:b0:df:86:8d:9b:1f:25:6b:2f:50:09:20:c1:b0:7d:ca:
fe:3f:bd:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKo2+eT9ZpqzUJvnh6f8mTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjQxMDIwMDczNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2JjNmI0ZTBmZWJiYTcxMmYyZjk5YjAxYThkMTM1NDQ4YmZhMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+D38W6mYlJ0bc4nhhcoDBvd7/oj
ttPNHWlJTqO/6IDwX4HbbkEYETSPt9cGfI/bOYIrRPTwRyX4YaGTd/GXl8X8PCN1
+CWk/iIdoVPEOt4qeG5tseNf4NZuUPx493ze2V9duTVEDNVJEAp+e0VZq9m3NQsL
94iZ5wsYBPfR5vMXk2JzIGLGObgJ0MTmfwwmGQidoSO22WsS5zTdPERvX96feWhz
+vykf7wuTQx4Py2ZJIIxOSLB3JX0KM9yLfnhpkE5gnPuCkHKt5BcwKBXNMrVJVqb
tusJv8JJKWgSWOzrFJgM3au2PEhaTV5jLDbVQB6S/+QWfXTliVSTw2UQwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFO8a04P67pxLy+ZsBqNE1RIv6MTMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvVTd4clRnX3J1bkV2TDVtd0dvMFRWRWlfb3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLukgAwQB
LukqMA0GCSqGSIb3DQEBCwUAA4IBAQAYmAZLxIM5b6SbMlh16NSRN2oC3vEzhEjX
jQJhiDzsHUhMKD2YaHWgfVfyxPzPE3UnsR0o0+7Dd8n811n1rL7sw8qe2C1eAVkW
eSb8VrMKJxeVtjzyXtaXbZMBiujMlWNmLc+hTxI4/gToG+D0vCElITyZvRWP9xZP
MQgRZyEmel26LYlQ5wP+hfhUouukOgN/ZCYC7I/pY9qTHIHpUHZ8mjTqp+VXo0qg
Glrc499lfHIKqTdRIGFH1ghHKznrBtcWRFiBprZUtTrgrwvc4Ski1sKWBCjURlMZ
Z+AgQUH72+Ns0PovUCCEQcncybDfho2bHyVrL1AJIMGwfcr+P71c
-----END CERTIFICATE-----
Generated at Fri Nov 1 09:06:26 2024 by rpki-client on console-fra.rpki-client.org