Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/I1oqGWb1oETEo0UKGGkx8nt0izk.roa
File: I1oqGWb1oETEo0UKGGkx8nt0izk.roa (raw, json)
Hash identifier: popQGN73jkFl7dbb83+y0ybH1T5VN/POsdTwVeyCI9Q=
Subject key identifier: 23:5A:2A:19:66:F5:A0:44:C4:A3:45:0A:18:69:31:F2:7B:74:8B:39
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 01879D5BA4B1E4BC07C55709E5B337BD7EFA
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/I1oqGWb1oETEo0UKGGkx8nt0izk.roa
Signing time: Thu 20 Apr 2023 06:30:41 +0000
ROA not before: Thu 20 Apr 2023 06:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.114.0/24 maxlen: 24
46.37.124.0/24 maxlen: 24
46.37.123.0/24 maxlen: 24
46.37.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:5b:a4:b1:e4:bc:07:c5:57:09:e5:b3:37:bd:7e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Apr 20 06:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=235a2a1966f5a044c4a3450a186931f27b748b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7c:ff:88:de:2c:87:cb:a0:b6:6a:66:1e:56:
33:d9:17:dd:d7:6a:c2:97:63:7e:43:0a:ad:d0:d3:
44:fc:4a:74:6e:bc:e1:85:9b:af:56:3b:4b:7a:a3:
71:44:7b:ed:51:20:62:10:11:6e:28:50:b1:53:df:
9e:63:e0:26:ff:15:c3:e5:f0:4c:09:c5:36:24:cf:
34:d0:76:ff:af:78:f0:9d:52:59:6b:32:d4:98:9f:
8d:d0:c0:50:5f:b9:2f:ee:f9:b8:53:4a:81:8a:59:
44:80:6f:ba:7f:de:5e:91:93:ca:b6:5a:da:b4:bd:
ea:0c:44:47:7e:38:ca:e0:9d:97:6c:e9:a8:ec:75:
09:b3:8e:20:ad:d5:d4:71:aa:e5:45:42:60:3b:60:
7f:cb:42:6b:cd:4d:ef:b5:f6:a0:e2:b3:eb:59:1c:
d2:31:06:de:9f:13:5a:ec:4f:7d:b4:d8:e0:d9:2a:
93:6a:32:d0:43:f9:34:dd:90:49:bb:1b:f0:49:02:
55:6e:89:96:cf:cc:79:e3:57:f9:21:27:5c:00:dd:
bf:ec:df:f5:44:50:9b:12:fe:b6:f2:b8:40:7e:aa:
85:c4:19:3b:6f:a7:df:50:13:9c:8e:5d:bf:c8:8e:
01:28:70:30:9a:47:87:ee:19:68:5c:a9:7d:68:2c:
bf:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5A:2A:19:66:F5:A0:44:C4:A3:45:0A:18:69:31:F2:7B:74:8B:39
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/I1oqGWb1oETEo0UKGGkx8nt0izk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0-46.37.114.255
46.37.123.0-46.37.124.255
46.37.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:24:1f:81:01:cd:32:1b:51:ed:fa:ac:8a:e6:f5:cf:e8:d0:
b7:4d:8f:e1:90:3e:dd:64:74:4d:db:41:1e:6d:dd:9c:79:15:
47:3c:ce:9e:ba:18:d0:61:72:f9:49:00:1a:1e:ca:78:dc:de:
a9:fd:65:b8:3f:93:b4:57:96:33:d5:6d:56:8d:cf:b6:64:88:
a3:c4:01:9f:67:fd:dd:87:01:1a:09:43:4d:74:90:67:fd:9e:
2e:34:e1:dd:ae:23:07:41:b0:f6:ae:63:e7:a4:26:6d:f3:35:
b7:c9:8c:69:13:68:c9:fc:d3:8d:28:f4:96:61:ca:0c:60:b0:
2d:a0:8c:00:32:f5:af:b9:f8:99:42:62:38:d7:49:2e:a4:8c:
75:dc:12:aa:82:eb:89:11:ee:64:bc:36:62:c1:d5:82:45:a3:
8d:68:f8:a6:9a:c1:67:94:46:af:2b:2b:2b:ef:57:e2:24:8e:
6e:1e:ea:24:7f:aa:64:b5:14:8d:e7:1e:62:65:06:1f:6d:13:
59:50:e4:50:94:2c:ae:1c:ce:8d:a3:98:5c:d0:26:07:01:4b:
a6:3b:f6:f0:a6:60:40:ea:73:af:ab:de:e9:ac:d4:9b:2a:af:
aa:1e:99:fd:51:73:38:29:2e:22:d5:05:03:68:38:92:46:10:
3b:9a:78:ef
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYedW6Sx5LwHxVcJ5bM3vX76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwNDIwMDYzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVhMmExOTY2ZjVhMDQ0YzRhMzQ1MGExODY5MzFmMjdiNzQ4YjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3z/iN4sh8ugtmpmHlYz2Rfd12rC
l2N+Qwqt0NNE/Ep0brzhhZuvVjtLeqNxRHvtUSBiEBFuKFCxU9+eY+Am/xXD5fBM
CcU2JM800Hb/r3jwnVJZazLUmJ+N0MBQX7kv7vm4U0qBillEgG+6f95ekZPKtlra
tL3qDERHfjjK4J2XbOmo7HUJs44grdXUcarlRUJgO2B/y0JrzU3vtfag4rPrWRzS
MQbenxNa7E99tNjg2SqTajLQQ/k03ZBJuxvwSQJVbomWz8x541f5ISdcAN2/7N/1
RFCbEv628rhAfqqFxBk7b6ffUBOcjl2/yI4BKHAwmkeH7hloXKl9aCy/uQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCNaKhlm9aBExKNFChhpMfJ7dIs5MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvSTFvcUdXYjFvRVRFbzBVS0dHa3g4bnQwaXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQALiViMAwD
BAAuJXEDBAAuJXIwDAMEAC4lewMEAC4lfAMEAC4lfzANBgkqhkiG9w0BAQsFAAOC
AQEAHiQfgQHNMhtR7fqsiub1z+jQt02P4ZA+3WR0TdtBHm3dnHkVRzzOnroY0GFy
+UkAGh7KeNzeqf1luD+TtFeWM9VtVo3PtmSIo8QBn2f93YcBGglDTXSQZ/2eLjTh
3a4jB0Gw9q5j56QmbfM1t8mMaRNoyfzTjSj0lmHKDGCwLaCMADL1r7n4mUJiONdJ
LqSMddwSqoLriRHuZLw2YsHVgkWjjWj4pprBZ5RGrysrK+9X4iSObh7qJH+qZLUU
jeceYmUGH20TWVDkUJQsrhzOjaOYXNAmBwFLpjv28KZgQOpzr6ve6azUmyqvqh6Z
/VFzOCkuItUFA2g4kkYQO5p47w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:34 2023 by rpki-client on console-ams.rpki-client.org