Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/loZoBcbeO0iue46Kmvj2kQwNWBw.roa
File: loZoBcbeO0iue46Kmvj2kQwNWBw.roa (raw, json)
Hash identifier: U9wZXvPbmGK3QEOJXOzKGuYoK3MLdyO15to88a774Zk=
Subject key identifier: 96:86:68:05:C6:DE:3B:48:AE:7B:8E:8A:9A:F8:F6:91:0C:0D:58:1C
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 01889B7F3C041DB4D9E4DB87CD6F1F5C0512
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/loZoBcbeO0iue46Kmvj2kQwNWBw.roa
Signing time: Thu 08 Jun 2023 14:53:06 +0000
ROA not before: Thu 08 Jun 2023 14:53:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.233.38.0/24 maxlen: 24
46.233.39.0/24 maxlen: 24
46.233.42.0/23 maxlen: 23
46.233.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 13:55:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9b:7f:3c:04:1d:b4:d9:e4:db:87:cd:6f:1f:5c:05:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Jun 8 14:53:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96866805c6de3b48ae7b8e8a9af8f6910c0d581c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:04:f0:e8:69:e5:b5:de:09:c6:bb:92:19:5e:
e7:7a:72:96:b4:0a:20:23:85:0b:bf:f1:c3:77:33:
06:d2:5f:33:75:b7:c2:15:22:7f:34:b5:67:3c:d7:
26:1a:01:01:f6:82:63:48:0c:70:ee:26:bf:7e:a9:
2a:16:66:8c:44:fb:d6:9c:c0:0f:74:8c:d2:b1:76:
a3:52:4f:70:ab:18:ca:96:67:ef:01:e7:1f:7d:1a:
d6:80:17:fc:45:b5:8b:ca:28:a1:21:1a:fc:be:f2:
7d:ec:fa:6a:f9:04:42:f3:0d:72:05:b5:d4:df:22:
61:9f:e6:69:b0:ad:e2:c9:85:b0:8c:6b:d6:af:4b:
74:a6:44:ee:59:bd:44:1f:75:19:23:95:9d:0e:3e:
d2:13:54:20:f3:60:2d:bd:80:69:2f:b9:7f:c7:6a:
86:ea:5d:40:a3:fc:e2:6e:dc:d7:08:75:b1:3d:dd:
f7:bd:00:d7:3d:3f:03:78:51:2d:37:e8:55:4f:c6:
80:88:8c:b9:07:f3:c0:7f:bd:b5:0f:61:73:a9:e7:
44:a7:2c:93:ef:3c:77:07:b6:07:67:30:5b:0f:36:
e0:10:23:1a:13:a0:e3:38:9f:34:e1:64:e6:45:0f:
df:28:79:25:c5:a2:45:70:a8:74:80:df:f7:f1:4d:
3e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:86:68:05:C6:DE:3B:48:AE:7B:8E:8A:9A:F8:F6:91:0C:0D:58:1C
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/loZoBcbeO0iue46Kmvj2kQwNWBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.38.0/23
46.233.42.0-46.233.45.255
Signature Algorithm: sha256WithRSAEncryption
8e:6f:e8:be:79:51:d0:85:f8:12:b3:3c:49:7d:7f:ba:73:d7:
e3:1a:da:11:17:6d:24:89:29:f0:b9:38:ab:30:f8:29:57:55:
bb:1b:58:4b:98:10:8a:b7:a2:54:40:76:c4:c6:96:1d:f7:b2:
ea:22:1d:96:8f:61:dc:c6:18:b0:9b:e6:9e:0f:c4:6a:4b:74:
32:15:04:e9:e4:c9:3b:b8:9f:c9:42:b9:4e:75:f9:40:c3:f0:
80:ee:1e:30:d5:c1:68:03:c0:f4:dd:cc:54:29:d6:65:95:0c:
0d:ec:f4:56:53:b7:17:43:50:f5:64:51:81:23:c9:d9:ad:5f:
e1:26:d5:9b:78:62:9f:5c:5a:d2:da:0f:66:b2:21:d9:09:dc:
e0:a5:23:3a:02:7c:1b:30:e2:24:1b:5d:58:8f:2d:37:e4:02:
8e:cd:3d:9f:63:f2:37:77:cf:94:f3:af:d4:5f:3c:c3:e5:70:
4f:73:a7:72:0f:2b:df:f6:21:1e:fa:fd:27:30:43:bd:01:a6:
89:79:0d:60:6b:a7:9a:0f:3a:5c:76:2c:14:62:3b:25:5a:95:
5a:a8:7c:b8:d0:59:05:c4:e6:33:33:f1:4b:55:e3:c5:26:72:
68:c3:23:d6:81:57:e5:f6:04:5a:2c:ec:de:0a:5c:68:f2:8b:
54:7f:43:58
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYibfzwEHbTZ5NuHzW8fXAUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjMwNjA4MTQ1MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njg2NjgwNWM2ZGUzYjQ4YWU3YjhlOGE5YWY4ZjY5MTBjMGQ1ODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQTw6Gnltd4JxruSGV7nenKWtAog
I4ULv/HDdzMG0l8zdbfCFSJ/NLVnPNcmGgEB9oJjSAxw7ia/fqkqFmaMRPvWnMAP
dIzSsXajUk9wqxjKlmfvAecffRrWgBf8RbWLyiihIRr8vvJ97Ppq+QRC8w1yBbXU
3yJhn+ZpsK3iyYWwjGvWr0t0pkTuWb1EH3UZI5WdDj7SE1Qg82AtvYBpL7l/x2qG
6l1Ao/zibtzXCHWxPd33vQDXPT8DeFEtN+hVT8aAiIy5B/PAf721D2FzqedEpyyT
7zx3B7YHZzBbDzbgECMaE6DjOJ804WTmRQ/fKHklxaJFcKh0gN/38U0+9wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJaGaAXG3jtIrnuOipr49pEMDVgcMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvbG9ab0JjYmVPMGl1ZTQ2S212ajJrUXdOV0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBLukmMAwD
BAEu6SoDBAEu6SwwDQYJKoZIhvcNAQELBQADggEBAI5v6L55UdCF+BKzPEl9f7pz
1+Ma2hEXbSSJKfC5OKsw+ClXVbsbWEuYEIq3olRAdsTGlh33suoiHZaPYdzGGLCb
5p4PxGpLdDIVBOnkyTu4n8lCuU51+UDD8IDuHjDVwWgDwPTdzFQp1mWVDA3s9FZT
txdDUPVkUYEjydmtX+Em1Zt4Yp9cWtLaD2ayIdkJ3OClIzoCfBsw4iQbXViPLTfk
Ao7NPZ9j8jd3z5Tzr9RfPMPlcE9zp3IPK9/2IR76/ScwQ70Bpol5DWBrp5oPOlx2
LBRiOyValVqofLjQWQXE5jMz8UtV48UmcmjDI9aBV+X2BFos7N4KXGjyi1R/Q1g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:09 2024 by rpki-client on console-ams.rpki-client.org