Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/C2IzTIP2vaRrWwU2Fz0FTUbq-sI.roa
File: C2IzTIP2vaRrWwU2Fz0FTUbq-sI.roa (raw, json)
Hash identifier: FEZXcI4Jm18EdY0ZLZQ/goP4oOSa3BxOjDVsGa5alAk=
Subject key identifier: 0B:62:33:4C:83:F6:BD:A4:6B:5B:05:36:17:3D:05:4D:46:EA:FA:C2
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018D6DAE9C4864AF473A9A08CF570B5E52BF
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/C2IzTIP2vaRrWwU2Fz0FTUbq-sI.roa
Signing time: Sat 03 Feb 2024 06:36:16 +0000
ROA not before: Sat 03 Feb 2024 06:36:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.120.0/24 maxlen: 24
46.37.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 11:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6d:ae:9c:48:64:af:47:3a:9a:08:cf:57:0b:5e:52:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Feb 3 06:36:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b62334c83f6bda46b5b0536173d054d46eafac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:62:8c:32:b2:db:df:88:e6:6a:0b:35:0d:36:
54:38:85:e2:18:33:69:ce:60:02:6a:82:60:b9:3e:
a3:18:4c:84:1d:76:b9:cd:80:e0:6d:c5:16:ac:67:
88:37:0f:85:9a:b9:e6:bc:cf:0b:7a:a2:cd:dd:7e:
24:d7:1d:fb:33:3c:08:2a:c8:02:69:6c:e6:55:dd:
09:98:66:26:8d:44:83:3a:67:bb:bf:6a:38:1c:64:
a5:61:2b:8a:a1:9e:0a:a4:93:e5:8f:33:ee:15:3b:
02:24:7f:8a:bd:b1:d9:3d:a7:46:0d:d2:f7:20:67:
91:45:0d:3d:bf:e8:13:d4:8b:8c:35:5d:3d:53:83:
50:a1:70:ca:d4:c1:bb:0a:33:36:de:bb:92:31:78:
9b:18:43:c4:0c:22:f1:59:71:b3:9d:c6:f5:06:06:
08:08:88:8f:75:1f:66:7c:b1:3c:c8:35:53:c1:21:
27:f6:a4:62:e6:69:cb:4c:62:f4:32:1e:f3:f3:96:
11:42:9f:5d:8c:88:af:3a:22:7e:c5:48:5c:78:48:
f0:27:f4:00:e5:20:dd:95:da:d2:4a:a5:92:23:64:
cf:f2:8e:f1:98:ff:4e:82:54:e8:ff:35:35:ca:fd:
98:54:49:fb:30:db:4d:30:ad:16:e2:7d:15:65:b4:
c3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:62:33:4C:83:F6:BD:A4:6B:5B:05:36:17:3D:05:4D:46:EA:FA:C2
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/C2IzTIP2vaRrWwU2Fz0FTUbq-sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.120.0/23
Signature Algorithm: sha256WithRSAEncryption
11:b2:ea:6e:2c:3e:75:78:8e:e4:c8:23:69:65:73:47:08:5d:
e6:d2:43:c0:94:9a:e7:fb:e4:b4:7e:ad:4c:68:57:eb:41:ca:
df:6b:fb:a9:ec:c7:f3:b5:4c:ac:fd:70:d1:a1:52:b2:f9:16:
7d:72:00:79:9e:e9:f3:7a:f0:c7:86:86:b2:e4:0a:c6:32:d6:
b9:b0:80:98:5a:ec:56:6d:ce:dc:6e:11:54:8c:94:cd:ed:93:
d0:78:d3:4d:40:0d:dc:76:29:b8:80:dc:94:8b:d6:86:7d:b1:
2d:74:7c:5d:c8:08:7d:43:2f:6d:46:55:39:41:0a:28:94:ee:
1c:0d:d7:96:b1:06:21:7d:f8:d4:2b:23:d8:11:f0:1a:7f:dd:
76:d5:13:69:90:fe:ce:49:e1:c6:38:38:e7:7a:3a:37:21:5d:
63:b9:08:1f:cb:c8:dc:b1:21:0f:3f:ce:58:e3:2b:8b:ee:81:
c1:d2:21:d9:3d:06:93:1d:78:16:37:28:61:2d:0c:11:5d:f1:
30:be:84:f7:48:09:17:2f:06:0c:f3:dc:d4:c2:73:61:06:86:
8d:4c:f4:0d:e6:41:62:53:bd:f9:15:ae:57:04:7c:cd:d4:d3:
dd:8a:b6:7a:e7:73:36:bd:ed:e0:ea:d4:a2:e2:a6:56:e4:2e:
6d:1f:92:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1trpxIZK9HOpoIz1cLXlK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMjAzMDYzNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjYyMzM0YzgzZjZiZGE0NmI1YjA1MzYxNzNkMDU0ZDQ2ZWFmYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42KMMrLb34jmags1DTZUOIXiGDNp
zmACaoJguT6jGEyEHXa5zYDgbcUWrGeINw+FmrnmvM8LeqLN3X4k1x37MzwIKsgC
aWzmVd0JmGYmjUSDOme7v2o4HGSlYSuKoZ4KpJPljzPuFTsCJH+KvbHZPadGDdL3
IGeRRQ09v+gT1IuMNV09U4NQoXDK1MG7CjM23ruSMXibGEPEDCLxWXGzncb1BgYI
CIiPdR9mfLE8yDVTwSEn9qRi5mnLTGL0Mh7z85YRQp9djIivOiJ+xUhceEjwJ/QA
5SDdldrSSqWSI2TP8o7xmP9OglTo/zU1yv2YVEn7MNtNMK0W4n0VZbTDPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAtiM0yD9r2ka1sFNhc9BU1G6vrCMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvQzJJelRJUDJ2YVJyV3dVMkZ6MEZUVWJxLXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQBLiV4MA0GCSqGSIb3DQEBCwUAA4IBAQARsupuLD51eI7kyCNpZXNHCF3m
0kPAlJrn++S0fq1MaFfrQcrfa/up7MfztUys/XDRoVKy+RZ9cgB5nunzevDHhoay
5ArGMta5sICYWuxWbc7cbhFUjJTN7ZPQeNNNQA3cdim4gNyUi9aGfbEtdHxdyAh9
Qy9tRlU5QQoolO4cDdeWsQYhffjUKyPYEfAaf9121RNpkP7OSeHGODjnejo3IV1j
uQgfy8jcsSEPP85Y4yuL7oHB0iHZPQaTHXgWNyhhLQwRXfEwvoT3SAkXLwYM89zU
wnNhBoaNTPQN5kFiU735Fa5XBHzN1NPdirZ653M2ve3g6tSi4qZW5C5tH5Ko
-----END CERTIFICATE-----
Generated at Mon Feb 5 14:22:10 2024 by rpki-client on console-ams.rpki-client.org