Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/rMOdhoZ0NqNlzzAqmFoZbFCLmGI.roa
File: rMOdhoZ0NqNlzzAqmFoZbFCLmGI.roa (raw, json)
Hash identifier: lAK3iNIWy9DLt3PrddzBE74oRkjPdWtDttXpSyeNLYY=
Subject key identifier: AC:C3:9D:86:86:74:36:A3:65:CF:30:2A:98:5A:19:6C:50:8B:98:62
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 0188B0D36371B0E440F2AE0E1A0FC4E089AD
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/rMOdhoZ0NqNlzzAqmFoZbFCLmGI.roa
Signing time: Mon 12 Jun 2023 18:17:03 +0000
ROA not before: Mon 12 Jun 2023 18:17:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.233.38.0/24 maxlen: 24
46.233.39.0/24 maxlen: 24
46.233.42.0/23 maxlen: 23
46.233.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 07:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b0:d3:63:71:b0:e4:40:f2:ae:0e:1a:0f:c4:e0:89:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Jun 12 18:17:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acc39d86867436a365cf302a985a196c508b9862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:21:13:4c:6b:42:94:bb:60:6b:19:65:3d:86:
2f:da:18:df:b5:ab:74:a4:a5:48:0f:1c:f0:a8:06:
0c:93:d3:0d:35:19:42:6e:e3:ab:f3:f8:9a:de:63:
de:37:90:cb:53:32:a9:d2:cc:60:a1:94:92:37:01:
ed:bd:50:83:75:f6:bb:23:f7:45:3a:2f:2f:b9:42:
b4:1c:5f:3d:d7:9b:4c:6f:3e:39:4a:8e:65:22:d7:
b8:66:17:cc:e6:44:0f:d2:13:4d:f4:57:b0:b5:63:
18:d4:58:ee:2f:43:a0:58:24:ce:ed:eb:e0:70:15:
c1:21:2c:77:1c:fe:4e:ec:97:4a:91:50:18:2e:b3:
49:77:57:d7:a8:8a:c2:1e:14:fe:af:44:80:dd:1d:
86:8f:e0:f7:1d:e9:b4:b7:7f:70:7d:0c:d1:9b:1d:
db:57:44:e0:4d:95:c5:35:f0:6c:7a:43:ff:20:c3:
8c:d9:e5:7a:42:44:9c:f1:20:78:83:d4:f1:78:46:
8b:5c:4e:09:17:69:a9:b1:79:cf:d3:bc:2c:75:07:
84:03:da:5e:74:02:a4:88:8f:b4:c1:9d:67:1a:02:
e2:c2:bf:e7:c4:6c:85:e1:ad:aa:e9:92:07:10:00:
d0:23:ef:2d:88:91:2b:9a:1c:23:7e:10:21:c4:5d:
f1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C3:9D:86:86:74:36:A3:65:CF:30:2A:98:5A:19:6C:50:8B:98:62
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/rMOdhoZ0NqNlzzAqmFoZbFCLmGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.38.0/23
46.233.42.0-46.233.45.255
Signature Algorithm: sha256WithRSAEncryption
00:f7:bd:17:ae:85:8f:c0:21:57:24:24:77:30:3c:4a:d7:27:
ac:55:45:cf:99:b0:aa:c7:fd:c1:0e:a8:b5:25:80:35:d6:1f:
38:ed:45:65:54:41:20:b2:12:b4:db:fe:4b:ad:d2:86:b1:67:
55:f9:c8:ca:08:b0:6b:f2:a4:2a:81:62:47:f4:e3:76:3a:ac:
a0:3c:c2:27:32:52:a2:5d:ba:41:d3:6f:a6:ee:b1:17:f0:02:
33:b3:a2:a0:f3:6f:16:7c:76:b7:c5:a5:cc:db:21:81:a2:3b:
a0:7c:58:ef:05:7c:db:34:3f:9a:3c:b2:ea:34:f2:38:2b:cd:
fc:a5:48:b1:e4:11:e1:8a:f7:93:fc:16:16:29:fa:fc:88:92:
f4:38:da:6a:af:e4:a9:e6:f2:95:b5:3a:1b:d0:f5:89:7f:9a:
1b:fb:38:4c:44:d3:cb:52:d2:1c:37:12:65:79:8c:f0:bd:b0:
13:fa:cc:05:39:7d:7a:55:fa:85:48:62:d1:a6:b4:d9:15:81:
4c:d7:9b:ca:4f:0f:58:f1:68:da:dc:3e:e6:ea:e0:a9:c1:53:
26:08:df:2b:cf:25:1f:2c:a6:8a:32:7e:44:32:4d:57:e2:de:
b3:17:e3:83:ba:a4:a9:fa:f9:7a:b9:b7:78:3d:46:d6:b5:8a:
98:a3:47:32
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYiw02NxsORA8q4OGg/E4ImtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjMwNjEyMTgxNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2MzOWQ4Njg2NzQzNmEzNjVjZjMwMmE5ODVhMTk2YzUwOGI5ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSETTGtClLtgaxllPYYv2hjftat0
pKVIDxzwqAYMk9MNNRlCbuOr8/ia3mPeN5DLUzKp0sxgoZSSNwHtvVCDdfa7I/dF
Oi8vuUK0HF8915tMbz45So5lIte4ZhfM5kQP0hNN9FewtWMY1FjuL0OgWCTO7evg
cBXBISx3HP5O7JdKkVAYLrNJd1fXqIrCHhT+r0SA3R2Gj+D3Hem0t39wfQzRmx3b
V0TgTZXFNfBsekP/IMOM2eV6QkSc8SB4g9TxeEaLXE4JF2mpsXnP07wsdQeEA9pe
dAKkiI+0wZ1nGgLiwr/nxGyF4a2q6ZIHEADQI+8tiJErmhwjfhAhxF3xMwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKzDnYaGdDajZc8wKphaGWxQi5hiMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvck1PZGhvWjBOcU5senpBcW1Gb1piRkNMbUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBLukmMAwD
BAEu6SoDBAEu6SwwDQYJKoZIhvcNAQELBQADggEBAAD3vReuhY/AIVckJHcwPErX
J6xVRc+ZsKrH/cEOqLUlgDXWHzjtRWVUQSCyErTb/kut0oaxZ1X5yMoIsGvypCqB
Ykf043Y6rKA8wicyUqJdukHTb6busRfwAjOzoqDzbxZ8drfFpczbIYGiO6B8WO8F
fNs0P5o8suo08jgrzfylSLHkEeGK95P8FhYp+vyIkvQ42mqv5Knm8pW1OhvQ9Yl/
mhv7OExE08tS0hw3EmV5jPC9sBP6zAU5fXpV+oVIYtGmtNkVgUzXm8pPD1jxaNrc
Pubq4KnBUyYI3yvPJR8spooyfkQyTVfi3rMX44O6pKn6+Xq5t3g9Rta1ipijRzI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:37 2024 by rpki-client on console-fra.rpki-client.org