Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/35BT8mSm8MoRx2ou1yE7EgwtqSE.roa
File: 35BT8mSm8MoRx2ou1yE7EgwtqSE.roa (raw, json)
Hash identifier: AvvbbBQWoHROLp1g3XJXYyu2W6pesPQo+oX5HxTbgt0=
Subject key identifier: DF:90:53:F2:64:A6:F0:CA:11:C7:6A:2E:D7:21:3B:12:0C:2D:A9:21
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0193012AC8D8F5071E6862CEA1D3B1CFF0EE
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/35BT8mSm8MoRx2ou1yE7EgwtqSE.roa
Signing time: Wed 06 Nov 2024 11:10:01 +0000
ROA not before: Wed 06 Nov 2024 11:10:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Nov 2024 23:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:2a:c8:d8:f5:07:1e:68:62:ce:a1:d3:b1:cf:f0:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Nov 6 11:10:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df9053f264a6f0ca11c76a2ed7213b120c2da921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4d:07:d5:11:13:cb:63:10:92:e0:1d:d6:12:
6a:00:6c:e9:dd:f3:79:a1:80:33:5b:30:82:26:1a:
16:72:ce:f1:25:9b:4b:8a:cd:4e:f6:18:d9:ec:32:
2a:d3:09:4b:15:0d:28:ba:0a:78:46:0d:68:68:44:
5c:74:20:da:cc:2e:c6:3c:86:eb:94:63:ae:12:88:
fb:af:f0:92:7f:23:ae:21:d5:b2:ab:1f:37:9d:65:
54:10:1e:88:14:65:2a:96:d1:69:90:0c:f7:d7:41:
de:48:83:16:8b:37:e4:f5:ae:12:cf:03:90:9f:d0:
ea:ac:09:d9:46:db:f8:f5:d8:e2:dc:34:b5:00:99:
0b:fa:62:10:0e:8f:ce:2d:7c:a0:b1:f3:d6:55:7c:
d1:0f:23:fb:50:97:7f:48:c0:54:e1:70:02:a6:b8:
61:63:ae:c9:9b:f3:fd:25:2c:36:0a:3f:15:f2:87:
8b:85:dc:57:1e:e0:7c:83:6b:8e:7a:b8:83:18:63:
df:b9:24:64:7e:05:cb:02:cc:6d:92:e1:9d:8f:a7:
1a:8d:dc:56:70:b7:af:5a:45:45:35:83:2c:bf:e0:
d6:60:f2:57:45:33:d2:28:f8:78:3f:da:ff:63:af:
2b:1d:a4:57:18:be:bb:29:d3:70:17:98:22:c3:d3:
da:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:90:53:F2:64:A6:F0:CA:11:C7:6A:2E:D7:21:3B:12:0C:2D:A9:21
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/35BT8mSm8MoRx2ou1yE7EgwtqSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.121.0/24
Signature Algorithm: sha256WithRSAEncryption
52:4d:b9:48:6d:f2:46:8a:97:dc:d0:40:c4:92:6c:88:5e:98:
14:da:1e:3e:66:e3:2d:89:eb:23:34:32:5d:0b:d7:5e:f0:85:
3d:b0:0f:d6:14:12:00:9d:3e:a9:7b:52:76:90:b1:0a:53:9a:
a0:54:12:3d:a8:69:2d:83:2c:08:90:86:24:58:21:be:fb:28:
ee:99:0a:a2:72:9d:87:ab:0e:f4:5b:98:77:b6:10:d6:d0:96:
6f:90:b7:80:20:81:00:9a:54:c9:47:c3:17:83:b6:d5:49:13:
1f:f4:a5:ec:2b:38:23:25:08:19:78:c0:e9:56:05:c3:c4:ea:
1c:ae:da:3d:81:74:4f:dd:38:a5:8b:cf:0e:e0:07:47:b5:2a:
ad:f8:f5:f0:34:d3:31:b7:48:e6:e5:fe:65:de:38:58:34:c0:
45:4c:dd:25:22:e4:22:a9:68:df:31:6b:e1:e8:c2:99:41:29:
05:b3:f7:70:fe:80:b7:e5:4f:70:9b:02:9e:dd:42:da:94:69:
58:02:a2:a3:e2:c0:f2:77:05:3b:fc:67:f1:bc:6f:d6:f8:24:
1a:4d:cc:a2:a3:8f:bb:26:1e:82:4a:6e:8a:c6:14:9c:38:98:
e1:d3:57:fc:77:b9:4d:ca:9a:85:ea:b6:c9:33:9b:56:4d:93:
4c:d1:21:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMBKsjY9QceaGLOodOxz/DuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQxMTA2MTExMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjkwNTNmMjY0YTZmMGNhMTFjNzZhMmVkNzIxM2IxMjBjMmRhOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr00H1RETy2MQkuAd1hJqAGzp3fN5
oYAzWzCCJhoWcs7xJZtLis1O9hjZ7DIq0wlLFQ0ougp4Rg1oaERcdCDazC7GPIbr
lGOuEoj7r/CSfyOuIdWyqx83nWVUEB6IFGUqltFpkAz310HeSIMWizfk9a4SzwOQ
n9DqrAnZRtv49dji3DS1AJkL+mIQDo/OLXygsfPWVXzRDyP7UJd/SMBU4XACprhh
Y67Jm/P9JSw2Cj8V8oeLhdxXHuB8g2uOeriDGGPfuSRkfgXLAsxtkuGdj6cajdxW
cLevWkVFNYMsv+DWYPJXRTPSKPh4P9r/Y68rHaRXGL67KdNwF5giw9PaxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN+QU/JkpvDKEcdqLtchOxIMLakhMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvMzVCVDhtU204TW9SeDJvdTF5RTdFZ3d0cVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQALiV5MA0GCSqGSIb3DQEBCwUAA4IBAQBSTblIbfJGipfc0EDEkmyIXpgU
2h4+ZuMtiesjNDJdC9de8IU9sA/WFBIAnT6pe1J2kLEKU5qgVBI9qGktgywIkIYk
WCG++yjumQqicp2Hqw70W5h3thDW0JZvkLeAIIEAmlTJR8MXg7bVSRMf9KXsKzgj
JQgZeMDpVgXDxOocrto9gXRP3Tili88O4AdHtSqt+PXwNNMxt0jm5f5l3jhYNMBF
TN0lIuQiqWjfMWvh6MKZQSkFs/dw/oC35U9wmwKe3ULalGlYAqKj4sDydwU7/Gfx
vG/W+CQaTcyio4+7Jh6CSm6KxhScOJjh01f8d7lNypqF6rbJM5tWTZNM0SFw
-----END CERTIFICATE-----
Generated at Mon Nov 11 01:07:39 2024 by rpki-client on console-fra.rpki-client.org