Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/1-K2MRw7iAmHQN3wG1q9nI7m9WqI.roa
File: 1-K2MRw7iAmHQN3wG1q9nI7m9WqI.roa (raw, json)
Hash identifier: D/RRr1WEmLMVu7rfkjoKr2NanYjk4AYXwH/j0NR5FFE=
Subject key identifier: F8:AD:8C:47:0E:E2:02:61:D0:37:7C:06:D6:AF:67:23:B9:BD:5A:A2
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 01892C32A3C3B20A8CA13F7E5B480EDFD052
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/1-K2MRw7iAmHQN3wG1q9nI7m9WqI.roa
Signing time: Thu 06 Jul 2023 17:14:23 +0000
ROA not before: Thu 06 Jul 2023 17:14:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 46.37.123.0/24 maxlen: 24
46.37.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Aug 2023 14:36:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2c:32:a3:c3:b2:0a:8c:a1:3f:7e:5b:48:0e:df:d0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jul 6 17:14:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8ad8c470ee20261d0377c06d6af6723b9bd5aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6c:80:37:fe:58:59:00:27:53:08:23:f3:87:
2b:66:bf:8d:76:ad:ef:d5:7c:f7:62:c0:88:f0:a3:
ae:69:aa:49:2f:4a:93:45:0f:9d:96:a3:fa:cb:de:
78:3d:82:19:8b:30:75:fd:5b:63:b5:bc:1a:eb:4d:
a9:eb:fe:34:dc:a9:5b:5f:62:1c:4a:06:bf:ab:15:
3b:60:e6:4e:fc:fe:36:04:9e:e8:53:63:9b:44:b0:
de:cc:97:5e:d4:bd:e9:1a:ef:54:7c:b8:fc:c9:8b:
99:b6:a2:ee:fd:15:3f:9c:a4:46:44:55:86:75:a3:
8f:6c:15:0b:21:7b:f4:6e:48:4c:10:12:d3:b4:48:
1a:cd:9c:1a:b0:1f:3d:60:c7:f7:4d:49:73:f8:bb:
1c:95:1e:fb:1e:8b:04:f8:a2:dc:09:fe:1b:32:ed:
d2:b7:46:cc:c8:46:81:0a:ad:07:f7:22:a6:ce:4a:
71:58:7d:cd:d4:96:7e:a2:62:d8:35:ed:48:1d:57:
48:cd:f8:49:d4:27:3b:bb:bf:c1:30:dc:dc:fe:d5:
0c:1c:56:ab:b2:3e:d5:df:17:73:12:05:33:16:fb:
d0:7a:b4:24:36:9f:6e:0d:55:5f:2b:53:a6:42:af:
b6:e9:71:31:10:5f:02:29:ca:19:83:9b:54:9a:eb:
ee:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AD:8C:47:0E:E2:02:61:D0:37:7C:06:D6:AF:67:23:B9:BD:5A:A2
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/1-K2MRw7iAmHQN3wG1q9nI7m9WqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.123.0/24
46.37.127.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:4a:f6:db:89:53:5a:59:61:23:e7:d1:5d:80:7b:e1:37:86:
67:f6:f6:f1:31:f3:37:2b:8d:c3:f1:13:61:65:0e:57:57:c7:
28:5d:35:b9:a9:e9:a2:c6:b0:32:dc:8a:40:95:18:2c:d1:08:
0f:12:1a:3a:f1:cd:78:9d:69:d8:e3:46:1c:d0:75:d6:c4:29:
16:81:00:bc:50:78:3f:19:76:03:96:f2:66:d7:8b:1e:35:30:
30:b8:4f:8b:57:38:fd:b1:14:a5:cb:14:35:1f:9c:33:f0:d2:
94:93:d6:8b:9f:66:74:6b:37:5d:21:46:da:fd:fd:db:a9:5f:
c2:71:9b:80:85:6d:bd:85:9d:78:5b:5e:e6:0b:f2:71:ad:2a:
45:aa:fc:45:91:6f:8e:46:ac:5c:c3:52:38:f5:13:ce:0c:e9:
30:9a:29:73:35:b5:97:12:43:08:bb:7b:8b:ad:a8:16:c8:13:
bc:e8:5a:4e:0b:f6:eb:50:53:cb:e1:7a:4f:2c:d1:0e:c9:74:
90:81:c2:ed:c7:33:a5:2a:8d:2f:f5:39:8e:78:52:f6:a7:e7:
2d:9a:dc:30:76:05:07:21:64:44:a3:2b:b9:14:76:76:1d:e8:
d7:2f:86:b9:34:ab:a0:05:2a:4d:13:ae:26:09:a3:04:9c:10:
3a:f5:a4:6d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYksMqPDsgqMoT9+W0gO39BSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwNzA2MTcxNDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGFkOGM0NzBlZTIwMjYxZDAzNzdjMDZkNmFmNjcyM2I5YmQ1YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmyAN/5YWQAnUwgj84crZr+Ndq3v
1Xz3YsCI8KOuaapJL0qTRQ+dlqP6y954PYIZizB1/Vtjtbwa602p6/403KlbX2Ic
Sga/qxU7YOZO/P42BJ7oU2ObRLDezJde1L3pGu9UfLj8yYuZtqLu/RU/nKRGRFWG
daOPbBULIXv0bkhMEBLTtEgazZwasB89YMf3TUlz+LsclR77HosE+KLcCf4bMu3S
t0bMyEaBCq0H9yKmzkpxWH3N1JZ+omLYNe1IHVdIzfhJ1Cc7u7/BMNzc/tUMHFar
sj7V3xdzEgUzFvvQerQkNp9uDVVfK1OmQq+26XExEF8CKcoZg5tUmuvuQQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPitjEcO4gJh0Dd8BtavZyO5vVqiMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvMS1LMk1SdzdpQW1IUU4zd0cxcTluSTdtOVdxSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcy
MC8xLzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC4lewME
AC4lfzANBgkqhkiG9w0BAQsFAAOCAQEAsUr224lTWllhI+fRXYB74TeGZ/b28THz
NyuNw/ETYWUOV1fHKF01uanposawMtyKQJUYLNEIDxIaOvHNeJ1p2ONGHNB11sQp
FoEAvFB4Pxl2A5byZteLHjUwMLhPi1c4/bEUpcsUNR+cM/DSlJPWi59mdGs3XSFG
2v3926lfwnGbgIVtvYWdeFte5gvyca0qRar8RZFvjkasXMNSOPUTzgzpMJopczW1
lxJDCLt7i62oFsgTvOhaTgv261BTy+F6TyzRDsl0kIHC7cczpSqNL/U5jnhS9qfn
LZrcMHYFByFkRKMruRR2dh3o1y+GuTSroAUqTROuJgmjBJwQOvWkbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:53 2024 by rpki-client on console-fra.rpki-client.org