Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/KNOPVFRAyZZ6wpnLBWuYpGDkE1Q.roa
File: KNOPVFRAyZZ6wpnLBWuYpGDkE1Q.roa (raw, json)
Hash identifier: 3ygrKW0wbQznWlbnYWE1c9zEwshpuqS7AaC+6G+2LXQ=
Subject key identifier: 28:D3:8F:54:54:40:C9:96:7A:C2:99:CB:05:6B:98:A4:60:E4:13:54
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018CC348B5B3866B12988D6866863E0FDBEE
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/KNOPVFRAyZZ6wpnLBWuYpGDkE1Q.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 46.37.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 01:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b5:b3:86:6b:12:98:8d:68:66:86:3e:0f:db:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28d38f545440c9967ac299cb056b98a460e41354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f3:9e:68:f6:57:65:15:51:c0:03:55:6b:54:
60:24:f9:8d:fe:1b:46:bc:4a:45:ce:47:59:d2:1d:
42:59:bb:9f:e8:91:19:2c:a9:73:16:0a:4d:20:d3:
32:ea:69:0a:ff:d7:6b:a9:74:04:16:7c:b7:c6:ac:
e7:dd:cf:ce:4e:21:a2:2c:4f:a5:6f:d6:3f:bb:d1:
78:16:28:15:4b:2c:89:a0:de:7a:22:ed:dc:13:ec:
63:c0:30:fa:72:9a:ed:01:07:0a:26:92:36:8a:8a:
b0:f9:bd:5f:71:6e:d8:21:e9:47:5f:2a:7a:7f:6f:
6e:cf:9d:60:26:c3:ff:d9:31:45:b7:c2:78:10:00:
e0:0f:51:4e:ef:07:71:f2:47:fa:7f:ff:0f:b6:05:
9f:6d:4f:5f:81:00:fb:35:75:b4:67:9a:23:fa:ee:
7b:3d:aa:3e:a4:83:80:e1:02:72:da:56:c9:c2:f5:
82:2a:90:b4:cc:a9:4d:ca:54:85:c6:90:1c:82:bb:
91:e4:b8:32:27:61:e4:b5:2d:26:8e:e8:31:70:02:
dc:e5:99:64:d2:4c:8f:4f:3a:04:37:60:83:4b:d7:
fe:9a:5c:28:27:49:bd:51:f9:a1:67:ce:c3:3f:84:
fb:9f:e8:55:c6:d6:43:86:f5:0b:a1:7d:f4:9a:2c:
e3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D3:8F:54:54:40:C9:96:7A:C2:99:CB:05:6B:98:A4:60:E4:13:54
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/KNOPVFRAyZZ6wpnLBWuYpGDkE1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.110.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:25:04:75:71:ea:8d:ba:2c:d5:a5:fd:d8:cc:48:8e:bd:9f:
2c:48:ed:02:81:a3:55:25:de:3b:3b:3d:36:22:93:ee:34:51:
ad:a4:83:71:70:29:5c:3f:26:bd:81:c7:71:ae:93:b0:ab:f8:
86:88:91:1c:b5:90:1b:3f:dc:03:98:23:a9:81:11:e6:b6:b1:
4b:d9:c5:e8:86:5a:54:e1:38:44:a4:f5:4f:b7:be:08:0b:9a:
e4:17:61:8c:b6:9c:4c:66:4e:05:23:2c:70:a1:92:fe:0f:f2:
56:67:a3:a6:25:b8:fe:2a:ef:a3:01:69:18:7d:49:6f:2a:a1:
7a:aa:1f:fb:25:82:1f:4f:3d:2e:1c:25:28:21:e0:7c:43:03:
e0:36:0c:fc:e5:74:c3:7e:aa:1d:3e:f0:55:a5:8c:71:62:e4:
0f:f1:16:bf:7b:6a:03:6d:03:4f:00:85:cf:db:e1:d5:c7:14:
ee:fa:12:eb:a4:cf:a4:87:66:36:3e:9a:e9:7d:da:bf:de:d7:
cc:e8:7d:b4:aa:bb:20:db:1d:9a:eb:48:a5:3b:27:97:85:c8:
1d:69:88:86:69:1a:36:87:9b:1d:ab:b6:9f:82:20:88:22:0f:
a4:f1:db:38:1e:df:36:d4:a4:61:a6:78:df:ca:8e:30:97:11:
2c:5e:7e:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLWzhmsSmI1oZoY+D9vuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQzOGY1NDU0NDBjOTk2N2FjMjk5Y2IwNTZiOThhNDYwZTQxMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofOeaPZXZRVRwANVa1RgJPmN/htG
vEpFzkdZ0h1CWbuf6JEZLKlzFgpNINMy6mkK/9drqXQEFny3xqzn3c/OTiGiLE+l
b9Y/u9F4FigVSyyJoN56Iu3cE+xjwDD6cprtAQcKJpI2ioqw+b1fcW7YIelHXyp6
f29uz51gJsP/2TFFt8J4EADgD1FO7wdx8kf6f/8PtgWfbU9fgQD7NXW0Z5oj+u57
Pao+pIOA4QJy2lbJwvWCKpC0zKlNylSFxpAcgruR5LgyJ2HktS0mjugxcALc5Zlk
0kyPTzoEN2CDS9f+mlwoJ0m9UfmhZ87DP4T7n+hVxtZDhvULoX30mizjzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjTj1RUQMmWesKZywVrmKRg5BNUMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvS05PUFZGUkF5Wlo2d3BuTEJXdVlwR0RrRTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVuMA0G
CSqGSIb3DQEBCwUAA4IBAQAfJQR1ceqNuizVpf3YzEiOvZ8sSO0CgaNVJd47Oz02
IpPuNFGtpINxcClcPya9gcdxrpOwq/iGiJEctZAbP9wDmCOpgRHmtrFL2cXohlpU
4ThEpPVPt74IC5rkF2GMtpxMZk4FIyxwoZL+D/JWZ6OmJbj+Ku+jAWkYfUlvKqF6
qh/7JYIfTz0uHCUoIeB8QwPgNgz85XTDfqodPvBVpYxxYuQP8Ra/e2oDbQNPAIXP
2+HVxxTu+hLrpM+kh2Y2Pprpfdq/3tfM6H20qrsg2x2a60ilOyeXhcgdaYiGaRo2
h5sdq7afgiCIIg+k8ds4Ht821KRhpnjfyo4wlxEsXn5f
-----END CERTIFICATE-----
Generated at Sat Jan 20 06:05:01 2024 by rpki-client on console-fra.rpki-client.org