Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/O7faJr5I5acPDMow8XsCQCcgyks.roa
File: O7faJr5I5acPDMow8XsCQCcgyks.roa (raw, json)
Hash identifier: ZtiozKwBvlRdFcNYHI76g8Zc857NKBvQr3Eu/Th23cE=
Subject key identifier: 3B:B7:DA:26:BE:48:E5:A7:0F:0C:CA:30:F1:7B:02:40:27:20:CA:4B
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 01877F053AE264EE8B5E796B23A19342C9E3
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/O7faJr5I5acPDMow8XsCQCcgyks.roa
Signing time: Fri 14 Apr 2023 09:07:41 +0000
ROA not before: Fri 14 Apr 2023 09:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.114.0/24 maxlen: 24
46.37.124.0/24 maxlen: 24
46.37.123.0/24 maxlen: 24
46.37.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Apr 2023 15:55:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7f:05:3a:e2:64:ee:8b:5e:79:6b:23:a1:93:42:c9:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Apr 14 09:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bb7da26be48e5a70f0cca30f17b02402720ca4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:18:75:c0:87:ff:6e:8c:5c:4b:4e:d6:97:40:
d1:53:d3:66:a7:e7:4b:d3:82:96:4f:f0:7e:28:ed:
b0:c2:04:c9:00:85:20:6e:df:92:f1:f5:96:a0:a3:
42:10:d4:c1:e8:57:46:8b:3f:9f:88:d9:b1:59:dd:
12:51:70:88:e6:52:ce:0e:c6:6b:5c:94:eb:4d:83:
3e:40:1e:d0:f3:39:6f:96:97:11:58:f1:8e:ea:4e:
08:d9:e0:d3:50:c9:b6:15:45:b9:5d:67:7b:83:32:
db:18:2f:86:9c:bd:2e:54:df:63:b3:8d:33:b2:27:
7d:da:3d:d9:b9:97:2f:bc:64:74:87:1a:e6:49:61:
51:20:bd:b4:eb:85:6c:e7:eb:4e:a3:63:50:fa:3e:
ac:24:53:79:a7:25:cd:12:04:50:f9:c1:7c:0b:bb:
5c:0a:aa:0e:97:c6:d9:05:40:4a:c0:8d:8c:0b:95:
8c:0a:83:f5:7d:f1:f6:15:33:10:3c:69:8f:57:52:
4e:c7:2c:df:f4:a3:df:3a:52:99:97:04:f3:e6:e2:
90:cd:f4:9b:86:73:b2:57:36:2b:c4:32:bf:e4:3a:
75:d6:a4:ab:f0:81:91:3d:c4:cb:95:86:b6:8a:57:
c3:3c:ce:fa:44:3c:90:68:90:f5:72:3d:7b:47:09:
21:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B7:DA:26:BE:48:E5:A7:0F:0C:CA:30:F1:7B:02:40:27:20:CA:4B
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/O7faJr5I5acPDMow8XsCQCcgyks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0-46.37.114.255
46.37.123.0-46.37.124.255
46.37.127.0/24
Signature Algorithm: sha256WithRSAEncryption
69:06:8e:e4:5c:9c:b6:62:c2:86:44:66:de:85:26:97:70:49:
b3:f2:5f:6e:a9:ef:81:1f:a8:cb:53:28:68:94:fe:e8:8b:d0:
d7:bd:0b:0a:3d:aa:98:4f:45:47:7c:a6:73:2b:2e:d4:a6:28:
c8:48:3a:4f:d8:d7:c0:04:44:63:51:79:78:16:ec:8d:14:ed:
55:43:97:d9:a7:38:3c:9d:aa:85:0c:91:e4:f6:37:32:4d:74:
5b:53:b7:46:ec:e3:0c:24:9c:86:0c:f7:0a:4f:25:95:9f:bb:
b1:e1:7d:d1:7c:56:f2:6b:3d:f7:ff:bb:b3:b9:9d:78:27:ff:
22:55:40:a2:a9:14:6f:aa:4e:03:c7:b6:e0:d8:ff:18:ef:ae:
f8:42:6b:90:ce:6e:06:bf:ff:76:92:a7:04:08:b6:81:2c:75:
a2:b9:60:f6:b4:9c:25:fc:03:c1:64:e5:2b:2a:2c:2a:54:25:
03:66:91:ae:7f:c0:f7:a8:59:5c:1f:3c:20:59:9d:e4:76:cf:
a2:e2:9a:5a:df:93:95:81:0a:4e:0e:a3:08:69:79:67:b1:19:
b1:45:b7:f3:31:17:de:f9:6b:30:06:5c:c6:20:60:87:5c:1c:
30:cf:07:0a:ce:f7:81:b1:de:7a:d6:a0:2b:6a:d6:55:1d:7a:
7b:9e:f8:46
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYd/BTriZO6LXnlrI6GTQsnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwNDE0MDkwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmI3ZGEyNmJlNDhlNWE3MGYwY2NhMzBmMTdiMDI0MDI3MjBjYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxh1wIf/boxcS07Wl0DRU9Nmp+dL
04KWT/B+KO2wwgTJAIUgbt+S8fWWoKNCENTB6FdGiz+fiNmxWd0SUXCI5lLODsZr
XJTrTYM+QB7Q8zlvlpcRWPGO6k4I2eDTUMm2FUW5XWd7gzLbGC+GnL0uVN9js40z
sid92j3ZuZcvvGR0hxrmSWFRIL2064Vs5+tOo2NQ+j6sJFN5pyXNEgRQ+cF8C7tc
CqoOl8bZBUBKwI2MC5WMCoP1ffH2FTMQPGmPV1JOxyzf9KPfOlKZlwTz5uKQzfSb
hnOyVzYrxDK/5Dp11qSr8IGRPcTLlYa2ilfDPM76RDyQaJD1cj17RwkhGwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDu32ia+SOWnDwzKMPF7AkAnIMpLMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvTzdmYUpyNUk1YWNQRE1vdzhYc0NRQ2NneWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQALiViMAwD
BAAuJXEDBAAuJXIwDAMEAC4lewMEAC4lfAMEAC4lfzANBgkqhkiG9w0BAQsFAAOC
AQEAaQaO5FyctmLChkRm3oUml3BJs/JfbqnvgR+oy1MoaJT+6IvQ170LCj2qmE9F
R3ymcysu1KYoyEg6T9jXwAREY1F5eBbsjRTtVUOX2ac4PJ2qhQyR5PY3Mk10W1O3
RuzjDCSchgz3Ck8llZ+7seF90XxW8ms99/+7s7mdeCf/IlVAoqkUb6pOA8e24Nj/
GO+u+EJrkM5uBr//dpKnBAi2gSx1orlg9rScJfwDwWTlKyosKlQlA2aRrn/A96hZ
XB88IFmd5HbPouKaWt+TlYEKTg6jCGl5Z7EZsUW38zEX3vlrMAZcxiBgh1wcMM8H
Cs73gbHeetagK2rWVR16e574Rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org