Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/FgTNcjCjvRHg7ULHOYreb8CSJVo.roa
File: FgTNcjCjvRHg7ULHOYreb8CSJVo.roa (raw, json)
Hash identifier: 4LGG8M7gN7lrDNkR4QgDLigxVBkzrSJ7jVNZX//kKVY=
Subject key identifier: 16:04:CD:72:30:A3:BD:11:E0:ED:42:C7:39:8A:DE:6F:C0:92:25:5A
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0187807AC23D72D6E797A9D9D6A3B2BCC7EF
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/FgTNcjCjvRHg7ULHOYreb8CSJVo.roa
Signing time: Fri 14 Apr 2023 15:55:41 +0000
ROA not before: Fri 14 Apr 2023 15:55:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.109.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.114.0/24 maxlen: 24
46.37.124.0/24 maxlen: 24
46.37.123.0/24 maxlen: 24
46.37.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 06:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:7a:c2:3d:72:d6:e7:97:a9:d9:d6:a3:b2:bc:c7:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Apr 14 15:55:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1604cd7230a3bd11e0ed42c7398ade6fc092255a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:94:a5:86:fb:38:18:02:a8:42:6b:b5:6d:24:
69:bb:02:9d:79:d6:23:f9:79:21:85:b1:09:aa:9b:
5c:d9:09:c9:3c:c8:ab:82:73:0a:d1:db:31:4e:73:
46:7c:c6:51:b7:f2:f6:dc:89:1d:7f:70:93:28:f2:
b4:9c:7a:c8:d8:21:c9:64:62:d7:ba:6f:1f:a6:21:
49:a1:cb:73:00:f7:33:6d:1c:4a:3f:97:33:fa:63:
2e:16:82:5c:99:81:da:5d:2f:b0:f8:00:0e:70:ce:
a9:85:21:3d:06:6a:c2:e6:db:cc:8f:82:cc:e9:40:
45:fa:81:d2:90:28:26:20:7f:bf:29:75:5e:95:a2:
f0:63:3a:73:d0:d2:42:af:54:d3:57:1f:ca:b4:b6:
12:cd:14:07:68:f7:ef:a6:6d:0c:6a:01:d5:87:b6:
64:1e:54:7a:71:aa:89:82:90:f1:cd:8a:a3:ff:72:
b9:36:ad:26:f4:c6:5a:95:ed:40:ee:4f:45:16:13:
ee:5d:ef:4f:71:a0:a4:69:ab:4e:1f:8d:ee:ff:91:
22:af:09:9b:e1:bc:1e:bc:7e:7f:56:0e:0b:75:51:
fb:29:90:30:29:4e:42:4e:27:be:6d:36:62:a7:af:
8a:b0:c0:c7:79:78:d4:ba:01:4e:78:1c:cb:07:41:
2b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:04:CD:72:30:A3:BD:11:E0:ED:42:C7:39:8A:DE:6F:C0:92:25:5A
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/FgTNcjCjvRHg7ULHOYreb8CSJVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.109.0/24
46.37.113.0-46.37.114.255
46.37.123.0-46.37.124.255
46.37.127.0/24
Signature Algorithm: sha256WithRSAEncryption
55:67:17:b2:0e:bb:23:5b:e9:9e:fd:71:87:41:34:d6:46:80:
bb:dc:f1:38:f8:d2:ed:96:f2:af:7a:4f:7a:15:ab:1f:03:88:
89:6a:9c:2f:d6:06:08:70:d1:22:d4:11:17:5e:59:d1:fd:03:
7a:a7:c7:0d:ad:c5:5e:a6:58:83:ab:d6:f3:aa:ed:dd:1c:4f:
ed:6e:fa:47:4a:28:a9:8a:aa:1b:f7:83:a0:d5:80:34:06:1a:
12:07:69:fe:89:11:68:a7:65:76:54:6a:a7:40:0c:c3:ff:05:
29:6c:7b:d6:ff:54:9b:ab:6c:08:79:ba:96:04:4f:49:1b:92:
5c:5c:c6:0b:e0:a9:28:33:55:c6:d3:44:15:1e:f8:b3:9a:05:
cd:60:d0:a0:be:8b:1a:47:83:c1:c1:71:41:94:f5:3b:5f:b9:
f2:e3:79:b7:ed:02:d5:00:d2:92:2b:4e:87:06:1a:3f:3f:51:
ec:db:6b:9f:2a:ca:5e:38:6c:c4:7c:f2:9e:c5:b6:60:ba:3d:
8b:cf:a5:97:b7:58:5b:02:77:a4:8f:c4:6c:a3:83:d0:18:9d:
89:53:a6:6e:18:cd:8c:59:4a:07:69:bf:58:a5:e2:00:e2:af:
01:6f:83:fa:75:31:de:e8:1b:0d:3b:4c:bd:c4:5d:18:16:c4:
01:56:33:ca
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYeAesI9ctbnl6nZ1qOyvMfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwNDE0MTU1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjA0Y2Q3MjMwYTNiZDExZTBlZDQyYzczOThhZGU2ZmMwOTIyNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopSlhvs4GAKoQmu1bSRpuwKdedYj
+XkhhbEJqptc2QnJPMirgnMK0dsxTnNGfMZRt/L23Ikdf3CTKPK0nHrI2CHJZGLX
um8fpiFJoctzAPczbRxKP5cz+mMuFoJcmYHaXS+w+AAOcM6phSE9BmrC5tvMj4LM
6UBF+oHSkCgmIH+/KXVelaLwYzpz0NJCr1TTVx/KtLYSzRQHaPfvpm0MagHVh7Zk
HlR6caqJgpDxzYqj/3K5Nq0m9MZale1A7k9FFhPuXe9PcaCkaatOH43u/5Eirwmb
4bwevH5/Vg4LdVH7KZAwKU5CTie+bTZip6+KsMDHeXjUugFOeBzLB0Er9wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBYEzXIwo70R4O1CxzmK3m/AkiVaMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvRmdUTmNqQ2p2UkhnN1VMSE9ZcmViOENTSlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQALiViAwQA
LiVtMAwDBAAuJXEDBAAuJXIwDAMEAC4lewMEAC4lfAMEAC4lfzANBgkqhkiG9w0B
AQsFAAOCAQEAVWcXsg67I1vpnv1xh0E01kaAu9zxOPjS7Zbyr3pPehWrHwOIiWqc
L9YGCHDRItQRF15Z0f0DeqfHDa3FXqZYg6vW86rt3RxP7W76R0ooqYqqG/eDoNWA
NAYaEgdp/okRaKdldlRqp0AMw/8FKWx71v9Um6tsCHm6lgRPSRuSXFzGC+CpKDNV
xtNEFR74s5oFzWDQoL6LGkeDwcFxQZT1O1+58uN5t+0C1QDSkitOhwYaPz9R7Ntr
nyrKXjhsxHzynsW2YLo9i8+ll7dYWwJ3pI/EbKOD0BidiVOmbhjNjFlKB2m/WKXi
AOKvAW+D+nUx3ugbDTtMvcRdGBbEAVYzyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org