Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/ffKnnvTO_43Du1EsQNgR8XooDjU.roa
File: ffKnnvTO_43Du1EsQNgR8XooDjU.roa (raw, json)
Hash identifier: 0/Uj/OfiNIjAE0CFMOcU3L1ELJqR8/sdqbFMY2mVYFw=
Subject key identifier: 7D:F2:A7:9E:F4:CE:FF:8D:C3:BB:51:2C:40:D8:11:F1:7A:28:0E:35
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 0187B2D737310CE18F802B374C5C0B57B6D0
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/ffKnnvTO_43Du1EsQNgR8XooDjU.roa
Signing time: Mon 24 Apr 2023 10:37:41 +0000
ROA not before: Mon 24 Apr 2023 10:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44077
IP address blocks: 46.233.40.0/23 maxlen: 24
46.233.40.0/22 maxlen: 22
46.233.47.0/24 maxlen: 24
46.233.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 12:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:d7:37:31:0c:e1:8f:80:2b:37:4c:5c:0b:57:b6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Apr 24 10:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7df2a79ef4ceff8dc3bb512c40d811f17a280e35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d2:dc:d6:16:71:32:b0:e4:08:f8:a9:7a:28:
17:d9:59:2b:57:2e:3e:1d:eb:2b:ac:cc:f6:2b:a0:
3b:f9:b1:fb:e8:15:7f:67:65:d7:0f:78:7e:d1:46:
fd:95:e5:b4:62:0e:23:1c:9e:0a:24:79:13:48:3f:
9b:78:07:c5:ff:d0:27:34:fd:9a:b0:c0:46:76:74:
0c:29:32:e7:06:1b:c0:ab:e1:4e:48:7e:a1:76:5a:
33:11:26:ef:a8:ba:d7:f0:75:85:fa:f1:ca:70:b3:
2d:ad:6d:d8:d3:d8:5b:df:b1:7d:c1:72:84:4a:96:
53:53:ee:b3:af:59:c6:d7:51:97:d6:73:49:7f:c0:
45:a9:fd:a3:c2:82:29:08:b4:b9:ce:51:f4:90:8f:
12:3e:c7:e4:29:62:5a:0c:ae:f8:51:87:23:5e:02:
eb:83:95:64:78:f8:73:b9:e5:db:62:d8:c2:51:3f:
5a:5e:fb:23:4b:05:81:7e:77:6c:50:0e:5d:94:e9:
ef:9d:ed:4b:d9:73:7f:64:cf:f9:49:55:3d:fe:bb:
78:5b:09:84:99:78:d9:0f:05:e1:4d:1a:b5:5e:9c:
a1:eb:14:f5:fa:31:30:2b:29:00:c5:72:79:cc:df:
4e:96:7e:f1:8a:9d:34:f4:fc:4d:3e:25:ca:61:99:
d6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F2:A7:9E:F4:CE:FF:8D:C3:BB:51:2C:40:D8:11:F1:7A:28:0E:35
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/ffKnnvTO_43Du1EsQNgR8XooDjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.40.0/22
46.233.46.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:b8:56:89:86:d8:6f:a6:34:43:43:5d:12:1a:5e:80:cd:2d:
0c:b4:7e:ce:74:31:dd:2c:6e:5a:4f:9e:86:49:d0:b8:8e:00:
3a:f2:74:e3:32:16:72:ad:e7:33:35:a9:1c:df:47:e1:f2:8d:
d5:99:bd:d6:72:d6:3a:82:36:b3:13:96:24:d3:e9:81:6d:9f:
0f:90:50:a8:68:81:fd:5e:aa:f9:58:aa:a5:63:f2:46:03:15:
d3:45:89:fd:f9:c1:c5:1b:96:ee:ab:9e:cd:06:84:10:9c:85:
07:55:fc:f9:fe:4c:dc:1b:55:ae:10:c1:8a:b0:db:eb:e2:13:
53:da:23:fd:29:68:7c:80:40:9e:3f:8a:2c:25:1f:a8:27:04:
66:87:42:7b:b5:c0:1b:e1:57:e1:8a:fa:dc:0b:f7:64:0d:67:
d3:0b:3a:f1:ce:ad:a7:13:73:3d:5f:27:b0:92:dc:48:eb:e8:
b1:ef:74:62:76:78:98:4d:50:ae:d5:d7:f8:a9:f3:9a:aa:22:
dd:78:5b:bf:3a:e4:bb:75:70:26:c1:85:a4:34:12:ba:72:2f:
55:64:07:af:dd:00:02:bd:58:65:5e:08:12:52:64:ce:ff:6f:
c7:6a:d0:05:a9:02:51:ef:33:ea:40:2a:45:bb:68:43:84:4e:
0d:cd:03:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYey1zcxDOGPgCs3TFwLV7bQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjMwNDI0MTAzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGYyYTc5ZWY0Y2VmZjhkYzNiYjUxMmM0MGQ4MTFmMTdhMjgwZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktLc1hZxMrDkCPipeigX2VkrVy4+
HesrrMz2K6A7+bH76BV/Z2XXD3h+0Ub9leW0Yg4jHJ4KJHkTSD+beAfF/9AnNP2a
sMBGdnQMKTLnBhvAq+FOSH6hdlozESbvqLrX8HWF+vHKcLMtrW3Y09hb37F9wXKE
SpZTU+6zr1nG11GX1nNJf8BFqf2jwoIpCLS5zlH0kI8SPsfkKWJaDK74UYcjXgLr
g5VkePhzueXbYtjCUT9aXvsjSwWBfndsUA5dlOnvne1L2XN/ZM/5SVU9/rt4WwmE
mXjZDwXhTRq1Xpyh6xT1+jEwKykAxXJ5zN9Oln7xip009PxNPiXKYZnWxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH3yp570zv+Nw7tRLEDYEfF6KA41MB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvZmZLbm52VE9fNDNEdTFFc1FOZ1I4WG9vRGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLukoAwQB
LukuMA0GCSqGSIb3DQEBCwUAA4IBAQCluFaJhthvpjRDQ10SGl6AzS0MtH7OdDHd
LG5aT56GSdC4jgA68nTjMhZyreczNakc30fh8o3Vmb3WctY6gjazE5Yk0+mBbZ8P
kFCoaIH9Xqr5WKqlY/JGAxXTRYn9+cHFG5buq57NBoQQnIUHVfz5/kzcG1WuEMGK
sNvr4hNT2iP9KWh8gECeP4osJR+oJwRmh0J7tcAb4VfhivrcC/dkDWfTCzrxzq2n
E3M9XyewktxI6+ix73RidniYTVCu1df4qfOaqiLdeFu/OuS7dXAmwYWkNBK6ci9V
ZAev3QACvVhlXggSUmTO/2/HatAFqQJR7zPqQCpFu2hDhE4NzQMF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:37 2024 by rpki-client on console-fra.rpki-client.org