Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/BNQZgKqKmhA2rdcCsGAiYhjhLbc.roa
File: BNQZgKqKmhA2rdcCsGAiYhjhLbc.roa (raw, json)
Hash identifier: 8NDXRCHk3SfNCnGin+dSVPSQaNQc1gxMOHtc5AAG7Jg=
Subject key identifier: 04:D4:19:80:AA:8A:9A:10:36:AD:D7:02:B0:60:22:62:18:E1:2D:B7
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018CC348B8CED3EA43D20B2401B2FC4A5A32
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/BNQZgKqKmhA2rdcCsGAiYhjhLbc.roa
Signing time: Mon 01 Jan 2024 04:29:32 +0000
ROA not before: Mon 01 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51559
IP address blocks: 46.37.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 07:18:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b8:ce:d3:ea:43:d2:0b:24:01:b2:fc:4a:5a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 1 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04d41980aa8a9a1036add702b060226218e12db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:73:e5:8b:f2:c5:bd:55:ac:85:da:2e:85:98:
95:26:b0:e3:ca:5b:ae:4a:9c:0a:d9:dc:9f:c4:1d:
14:b2:56:93:5c:c0:ae:e0:c4:bb:44:a0:18:a2:b8:
2c:6a:15:19:c5:0b:ab:bf:bc:94:50:26:df:a3:dd:
be:3e:06:60:1b:33:05:09:13:e4:d2:12:97:ab:83:
69:53:f6:58:c4:cf:62:ef:85:38:3a:a2:a0:70:f9:
3a:c4:ee:0d:8e:88:d1:66:a7:24:0a:59:03:ec:ea:
67:7d:4c:6a:6a:72:b0:e0:24:ee:0f:f3:cc:55:22:
d5:e1:1d:4c:1e:fb:41:76:33:09:0a:99:ba:78:0f:
f2:59:26:50:72:cd:1d:af:ff:6f:5b:6c:f0:7d:19:
74:8c:69:62:e4:55:be:1b:9a:65:45:d9:34:f8:7e:
68:22:ab:ec:de:13:94:4a:02:a8:92:b5:fa:f9:95:
dd:32:4f:f5:b8:b7:6b:27:e3:12:bd:d4:5f:59:d1:
e0:67:46:03:78:f6:34:7a:2a:45:12:e1:1a:2d:7e:
47:81:47:d7:44:31:f3:0d:a1:d8:47:91:70:bc:48:
38:06:3f:9a:d4:18:a6:b8:82:5d:74:3f:49:60:6c:
8d:e6:26:60:37:16:11:07:02:fc:26:8f:b3:a3:ff:
83:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D4:19:80:AA:8A:9A:10:36:AD:D7:02:B0:60:22:62:18:E1:2D:B7
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/BNQZgKqKmhA2rdcCsGAiYhjhLbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.99.0/24
Signature Algorithm: sha256WithRSAEncryption
17:56:c7:8a:6d:2c:60:0d:79:b2:88:1b:87:c8:d2:96:a6:30:
e2:e7:bc:b4:21:46:ec:79:65:a7:cc:f7:30:b8:b2:11:8b:3b:
6c:29:53:32:8c:bb:79:a7:03:1b:6b:fc:c8:85:9a:b3:86:21:
81:74:1c:c2:34:ef:48:14:3c:76:f7:cf:8f:54:6d:58:0f:fa:
94:33:9e:73:00:49:1c:d4:db:e2:d6:a8:bb:41:42:7e:8f:58:
cb:ae:ef:af:b3:f0:64:52:47:09:52:d4:1a:ed:1b:e9:56:29:
6d:c8:48:56:67:6c:24:be:f8:21:d2:cd:e2:6f:51:f9:93:83:
67:07:6e:79:b4:93:3d:77:17:d6:7d:de:0a:ef:43:fd:ee:1c:
a5:59:51:9d:3f:2a:48:ad:95:08:e6:1b:3d:ca:6f:4a:20:7e:
36:da:86:a5:5d:9d:10:15:7b:43:60:3e:50:6f:4e:f1:a5:a9:
04:a7:bc:d1:9f:f5:e3:36:4f:82:1e:0b:b6:df:cb:ee:53:07:
41:44:b2:ea:53:ab:21:38:b2:22:8b:c2:d1:43:ea:88:6b:a2:
b2:b0:92:9e:79:1a:0c:81:cd:c2:e0:bb:5b:01:83:e1:68:9c:
4a:95:c3:3f:0a:d5:6c:24:a7:ab:07:bf:ee:23:73:ec:6d:aa:
6a:9f:70:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLjO0+pD0gskAbL8SloyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQ0MTk4MGFhOGE5YTEwMzZhZGQ3MDJiMDYwMjI2MjE4ZTEyZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXPli/LFvVWshdouhZiVJrDjyluu
SpwK2dyfxB0UslaTXMCu4MS7RKAYorgsahUZxQurv7yUUCbfo92+PgZgGzMFCRPk
0hKXq4NpU/ZYxM9i74U4OqKgcPk6xO4NjojRZqckClkD7OpnfUxqanKw4CTuD/PM
VSLV4R1MHvtBdjMJCpm6eA/yWSZQcs0dr/9vW2zwfRl0jGli5FW+G5plRdk0+H5o
Iqvs3hOUSgKokrX6+ZXdMk/1uLdrJ+MSvdRfWdHgZ0YDePY0eipFEuEaLX5HgUfX
RDHzDaHYR5FwvEg4Bj+a1BimuIJddD9JYGyN5iZgNxYRBwL8Jo+zo/+D3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATUGYCqipoQNq3XArBgImIY4S23MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvQk5RWmdLcUttaEEycmRjQ3NHQWlZaGpoTGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVjMA0G
CSqGSIb3DQEBCwUAA4IBAQAXVseKbSxgDXmyiBuHyNKWpjDi57y0IUbseWWnzPcw
uLIRiztsKVMyjLt5pwMba/zIhZqzhiGBdBzCNO9IFDx298+PVG1YD/qUM55zAEkc
1Nvi1qi7QUJ+j1jLru+vs/BkUkcJUtQa7RvpViltyEhWZ2wkvvgh0s3ib1H5k4Nn
B255tJM9dxfWfd4K70P97hylWVGdPypIrZUI5hs9ym9KIH422oalXZ0QFXtDYD5Q
b07xpakEp7zRn/XjNk+CHgu238vuUwdBRLLqU6shOLIii8LRQ+qIa6KysJKeeRoM
gc3C4LtbAYPhaJxKlcM/CtVsJKerB7/uI3Psbapqn3CA
-----END CERTIFICATE-----
Generated at Tue Jan 23 12:11:42 2024 by rpki-client on console-ams.rpki-client.org