Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/usZ5Ayfmb8amTiEP73VB5quczSw.roa
File: usZ5Ayfmb8amTiEP73VB5quczSw.roa (raw, json)
Hash identifier: R6/dwkN3Obb2z50ldxALKAewaEuAj8AIi6yRy9fTv38=
Subject key identifier: BA:C6:79:03:27:E6:6F:C6:A6:4E:21:0F:EF:75:41:E6:AB:9C:CD:2C
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 0191AE4D3BC17CEFDD5C330CF6A0F57B71AB
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/usZ5Ayfmb8amTiEP73VB5quczSw.roa
Signing time: Sun 01 Sep 2024 15:56:22 +0000
ROA not before: Sun 01 Sep 2024 15:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.233.38.0/24 maxlen: 24
46.233.42.0/23 maxlen: 23
46.233.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 05:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ae:4d:3b:c1:7c:ef:dd:5c:33:0c:f6:a0:f5:7b:71:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Sep 1 15:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bac6790327e66fc6a64e210fef7541e6ab9ccd2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:94:67:f0:23:90:a8:6b:df:cf:3c:6f:7a:ca:
1a:12:b1:f7:62:7c:4a:8f:ef:21:22:72:df:60:f4:
6b:68:e5:d5:46:c6:3d:d2:c5:ac:f3:77:02:89:42:
44:0b:99:b5:41:c5:33:3d:f5:82:c0:59:f0:f0:03:
37:a7:f7:73:d6:92:29:5a:61:4b:17:4d:69:7f:0e:
25:5b:b0:5b:61:1c:df:8a:b1:a5:1a:6d:72:4e:ec:
84:34:b6:42:31:da:7c:9f:86:9a:77:a3:5f:c0:54:
24:6f:d9:36:07:92:5f:b9:a1:aa:6b:c2:0a:3a:af:
c2:ee:92:4c:91:59:fd:75:83:f2:d6:3f:e5:30:bb:
86:96:c4:16:8d:a1:de:39:65:11:d1:93:bf:8b:63:
6f:f3:4b:d7:58:ed:b2:1a:17:f3:55:13:ed:47:74:
23:0b:b3:c3:8b:f0:03:a7:0a:0b:af:0c:50:9e:47:
af:62:d5:bd:a9:3c:39:9d:0e:a9:fe:95:a1:43:45:
e5:3e:ef:90:e6:87:9a:d1:17:16:48:23:57:0e:ab:
2f:0e:76:7b:09:51:0b:1d:a9:a5:0b:f2:c5:71:1d:
c9:03:60:08:4b:7c:d6:3f:94:1d:9c:fb:77:6f:07:
08:0d:34:b0:7e:b1:c5:d3:78:d8:6a:23:8d:a2:53:
1c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C6:79:03:27:E6:6F:C6:A6:4E:21:0F:EF:75:41:E6:AB:9C:CD:2C
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/usZ5Ayfmb8amTiEP73VB5quczSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.38.0/24
46.233.42.0/23
Signature Algorithm: sha256WithRSAEncryption
93:66:1f:42:7f:9b:0d:23:f5:3b:20:e6:d9:9d:27:84:03:7c:
39:8c:4a:f5:49:0d:72:0a:7c:d0:84:be:de:5f:0e:a4:93:b0:
ec:26:b4:eb:30:b5:7c:26:d8:6b:8f:06:c8:66:14:e0:6f:18:
26:4d:44:1e:fe:73:46:ee:06:3b:71:67:be:f9:14:0f:87:1c:
b4:4a:c1:89:0a:2e:c7:a6:42:df:c0:a3:f5:cd:ee:77:df:a8:
59:75:ee:40:f5:15:56:ee:ff:88:f4:c7:0a:66:d2:18:3f:2a:
7e:b4:bb:5e:ff:69:4c:f8:03:0c:0b:fb:2f:b2:0e:46:03:0b:
83:73:6c:91:fd:b0:fc:57:54:22:05:53:4e:f9:9a:01:a8:aa:
f2:67:89:e3:09:39:cd:f0:72:84:be:7d:ec:c9:3a:34:0b:84:
71:62:56:6e:a4:fb:b7:93:ac:1c:3a:e9:35:66:e6:be:8c:26:
a6:57:6b:1c:f4:00:57:36:d5:2c:43:cc:7e:50:ac:2a:3e:75:
d4:27:49:c2:db:b3:1a:ef:13:97:43:5f:f2:f2:8d:c1:c2:7f:
63:37:ef:ef:1f:b6:19:5b:3d:bf:5f:4d:0e:33:4f:a9:58:89:
46:f4:89:c2:96:bf:e3:66:8c:fa:1f:f4:97:00:4f:13:50:f7:
0e:dc:fa:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGuTTvBfO/dXDMM9qD1e3GrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjQwOTAxMTU1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWM2NzkwMzI3ZTY2ZmM2YTY0ZTIxMGZlZjc1NDFlNmFiOWNjZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJRn8COQqGvfzzxvesoaErH3YnxK
j+8hInLfYPRraOXVRsY90sWs83cCiUJEC5m1QcUzPfWCwFnw8AM3p/dz1pIpWmFL
F01pfw4lW7BbYRzfirGlGm1yTuyENLZCMdp8n4aad6NfwFQkb9k2B5JfuaGqa8IK
Oq/C7pJMkVn9dYPy1j/lMLuGlsQWjaHeOWUR0ZO/i2Nv80vXWO2yGhfzVRPtR3Qj
C7PDi/ADpwoLrwxQnkevYtW9qTw5nQ6p/pWhQ0XlPu+Q5oea0RcWSCNXDqsvDnZ7
CVELHamlC/LFcR3JA2AIS3zWP5QdnPt3bwcIDTSwfrHF03jYaiONolMcfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLrGeQMn5m/Gpk4hD+91QearnM0sMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvdXNaNUF5Zm1iOGFtVGlFUDczVkI1cXVjelN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALukmAwQB
LukqMA0GCSqGSIb3DQEBCwUAA4IBAQCTZh9Cf5sNI/U7IObZnSeEA3w5jEr1SQ1y
CnzQhL7eXw6kk7DsJrTrMLV8JthrjwbIZhTgbxgmTUQe/nNG7gY7cWe++RQPhxy0
SsGJCi7HpkLfwKP1ze5336hZde5A9RVW7v+I9McKZtIYPyp+tLte/2lM+AMMC/sv
sg5GAwuDc2yR/bD8V1QiBVNO+ZoBqKryZ4njCTnN8HKEvn3syTo0C4RxYlZupPu3
k6wcOuk1Zua+jCamV2sc9ABXNtUsQ8x+UKwqPnXUJ0nC27Ma7xOXQ1/y8o3Bwn9j
N+/vH7YZWz2/X00OM0+pWIlG9InClr/jZoz6H/SXAE8TUPcO3Pqe
-----END CERTIFICATE-----
Generated at Tue Sep 24 07:38:55 2024 by rpki-client on console-fra.rpki-client.org