Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/kFbvGRx-vk8hnM5v6ZVvsvMGmoM.roa
File: kFbvGRx-vk8hnM5v6ZVvsvMGmoM.roa (raw, json)
Hash identifier: khqpdu9wCYtgL3CqZe/c6Dw+oI+KSioTSYm8SfqUFk8=
Subject key identifier: 90:56:EF:19:1C:7E:BE:4F:21:9C:CE:6F:E9:95:6F:B2:F3:06:9A:83
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 018CC9BC25BBCECDB5DFE559A49BA4775361
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/kFbvGRx-vk8hnM5v6ZVvsvMGmoM.roa
Signing time: Tue 02 Jan 2024 10:33:19 +0000
ROA not before: Tue 02 Jan 2024 10:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.233.38.0/24 maxlen: 24
46.233.42.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 29 Jun 2024 15:27:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:25:bb:ce:cd:b5:df:e5:59:a4:9b:a4:77:53:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Jan 2 10:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9056ef191c7ebe4f219cce6fe9956fb2f3069a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a6:c1:4d:5a:e3:f9:39:41:8b:ce:27:a7:8b:
c8:8d:17:a8:f4:de:99:98:e8:11:bb:be:24:68:ae:
8d:68:eb:0d:ab:c1:92:1e:42:58:58:cd:b0:4f:3c:
46:ef:3d:7e:8b:56:bf:e1:b7:8d:5b:94:b3:2c:5e:
31:f4:a0:ae:8a:98:44:33:da:f3:7b:dc:8a:aa:66:
3e:03:27:5c:49:b7:12:3b:98:15:d3:e9:50:ce:87:
cd:da:73:19:44:1e:57:45:62:ef:16:0d:6b:0d:11:
d5:a4:a7:51:23:a3:98:05:fc:c6:21:28:7a:18:a5:
bc:f0:cf:53:13:e4:18:3c:8a:28:b6:f6:d5:ad:24:
53:c1:7f:ab:53:81:79:8e:27:33:6f:6b:38:f0:f3:
0c:91:5a:83:f5:6b:2a:aa:e4:f4:a3:d4:15:8d:c9:
3e:1a:51:98:de:a4:25:40:1e:99:1f:58:d8:b0:88:
b3:cf:6d:66:d8:36:1b:2f:f2:8c:ed:08:d2:bc:ea:
71:cb:09:8d:be:a2:72:2e:2e:97:96:d5:d5:25:fe:
04:12:97:f3:dc:97:6b:b4:2f:57:bf:72:dd:3f:e5:
33:28:6b:e5:6f:16:a9:01:d6:bd:0a:68:7d:46:aa:
86:59:f1:9b:0e:b0:e0:a7:dc:0d:9c:f9:a4:a0:f0:
ff:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:56:EF:19:1C:7E:BE:4F:21:9C:CE:6F:E9:95:6F:B2:F3:06:9A:83
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/kFbvGRx-vk8hnM5v6ZVvsvMGmoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.38.0/24
46.233.42.0/23
Signature Algorithm: sha256WithRSAEncryption
07:a0:e5:9d:34:02:6d:a3:ea:68:e5:13:44:26:3a:17:f1:ae:
37:d4:03:48:1f:44:a8:61:14:59:8e:88:99:b3:01:0b:ec:08:
e0:73:60:94:eb:28:f4:73:f0:88:2a:b9:61:3b:f2:f7:67:43:
8c:0c:46:65:af:73:77:a1:aa:51:08:ca:b6:f5:45:9e:39:72:
11:a4:98:18:d2:6d:07:6e:e7:01:1a:da:e4:f9:b2:dd:25:08:
39:de:be:69:df:d6:b0:3d:23:93:0a:0a:27:17:58:db:05:28:
6d:bf:40:4f:fe:bd:83:b8:18:ef:72:c0:69:72:df:68:5e:81:
2e:a1:72:3f:f3:05:e8:f2:40:87:06:bc:3c:40:16:fa:78:aa:
b3:f5:7b:f5:d6:81:fd:f1:6e:b8:e2:cd:8b:2b:48:3b:1d:d2:
a2:2d:69:e1:67:35:3e:1a:76:89:d9:3a:6e:03:60:17:17:60:
50:99:2f:2e:e1:c4:72:4d:48:05:ce:7a:df:e8:17:6d:eb:92:
cc:76:ff:b4:24:cc:c3:6a:50:52:04:cf:58:00:e3:6f:47:5f:
2e:e6:aa:aa:17:63:36:ff:bd:b7:7a:67:20:d3:77:80:d0:d9:
38:ec:2c:a4:25:12:e3:19:71:7d:9f:37:67:55:db:35:f7:60:
7e:44:6d:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvCW7zs213+VZpJukd1NhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjQwMTAyMTAzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDU2ZWYxOTFjN2ViZTRmMjE5Y2NlNmZlOTk1NmZiMmYzMDY5YTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06bBTVrj+TlBi84np4vIjReo9N6Z
mOgRu74kaK6NaOsNq8GSHkJYWM2wTzxG7z1+i1a/4beNW5SzLF4x9KCuiphEM9rz
e9yKqmY+AydcSbcSO5gV0+lQzofN2nMZRB5XRWLvFg1rDRHVpKdRI6OYBfzGISh6
GKW88M9TE+QYPIootvbVrSRTwX+rU4F5jiczb2s48PMMkVqD9WsqquT0o9QVjck+
GlGY3qQlQB6ZH1jYsIizz21m2DYbL/KM7QjSvOpxywmNvqJyLi6XltXVJf4EEpfz
3JdrtC9Xv3LdP+UzKGvlbxapAda9Cmh9RqqGWfGbDrDgp9wNnPmkoPD/YwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJBW7xkcfr5PIZzOb+mVb7LzBpqDMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEva0ZidkdSeC12azhobk01djZaVnZzdk1HbW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALukmAwQB
LukqMA0GCSqGSIb3DQEBCwUAA4IBAQAHoOWdNAJto+po5RNEJjoX8a431ANIH0So
YRRZjoiZswEL7Ajgc2CU6yj0c/CIKrlhO/L3Z0OMDEZlr3N3oapRCMq29UWeOXIR
pJgY0m0HbucBGtrk+bLdJQg53r5p39awPSOTCgonF1jbBShtv0BP/r2DuBjvcsBp
ct9oXoEuoXI/8wXo8kCHBrw8QBb6eKqz9Xv11oH98W644s2LK0g7HdKiLWnhZzU+
GnaJ2TpuA2AXF2BQmS8u4cRyTUgFznrf6Bdt65LMdv+0JMzDalBSBM9YAONvR18u
5qqqF2M2/723emcg03eA0Nk47CykJRLjGXF9nzdnVds192B+RG1T
-----END CERTIFICATE-----
Generated at Sat Jun 29 19:44:08 2024 by rpki-client on console-fra.rpki-client.org