Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RDzhYKvTu-xdgx6IjaxxrGaMwD0.roa
File: RDzhYKvTu-xdgx6IjaxxrGaMwD0.roa (raw, json)
Hash identifier: pwdCKgbkheAgF3CyIiyKUpo6WoYhKut66V/7gPKI/ns=
Subject key identifier: 44:3C:E1:60:AB:D3:BB:EC:5D:83:1E:88:8D:AC:71:AC:66:8C:C0:3D
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018D2476081C30066940327E058D6E2D3087
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RDzhYKvTu-xdgx6IjaxxrGaMwD0.roa
Signing time: Sat 20 Jan 2024 01:22:11 +0000
ROA not before: Sat 20 Jan 2024 01:22:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.110.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 09:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:24:76:08:1c:30:06:69:40:32:7e:05:8d:6e:2d:30:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 20 01:22:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=443ce160abd3bbec5d831e888dac71ac668cc03d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f0:d0:80:72:38:ca:ee:ea:4e:60:d4:11:f7:
62:77:6f:7e:59:a5:c5:b2:7e:48:86:c6:b9:58:26:
97:78:98:db:e7:8f:a0:f8:0c:21:bf:91:d9:46:89:
bd:fc:90:0a:28:15:52:0d:e3:15:a7:86:17:26:67:
bf:f3:d6:f5:97:55:68:d3:7b:dd:a5:af:08:f8:83:
e9:4d:63:87:49:db:f1:e8:e3:ac:eb:97:68:70:28:
81:8b:78:a0:0f:4c:96:22:92:60:b4:7e:a5:25:ef:
54:0c:29:73:3b:bb:ed:64:43:c6:dd:9a:5a:88:f6:
7b:47:e6:f8:dd:c9:1e:07:ba:bd:39:00:74:51:c8:
3b:24:2e:3e:9d:7b:08:49:fb:b5:30:05:a4:e3:c3:
06:eb:6d:d2:15:9d:51:af:bd:e9:b8:13:1b:78:67:
42:eb:7c:e5:2d:dd:28:cf:65:64:04:d7:05:25:6b:
ad:4e:a6:8b:88:8f:be:6d:42:47:10:15:da:4b:d6:
f8:06:6d:67:ae:d8:a6:dd:57:c8:cd:9c:d3:b5:ef:
2f:27:0d:49:de:7c:8d:82:45:70:c0:68:c4:44:1a:
52:0a:06:7d:50:e5:ae:10:7c:af:6f:fb:a4:fc:5c:
51:2f:ae:7d:dd:31:52:c4:44:9f:5d:28:ee:9f:a4:
20:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:3C:E1:60:AB:D3:BB:EC:5D:83:1E:88:8D:AC:71:AC:66:8C:C0:3D
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RDzhYKvTu-xdgx6IjaxxrGaMwD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.110.0/24
46.37.113.0/24
Signature Algorithm: sha256WithRSAEncryption
32:b3:b1:40:9d:fb:e8:c9:ba:b6:be:37:f6:79:05:66:da:11:
69:af:ee:fa:22:43:4c:b1:6c:5c:a5:80:41:d4:82:7a:1a:f2:
0a:37:51:e8:67:60:7a:6c:30:ea:fe:a5:11:63:ac:a5:9b:83:
60:be:c5:e4:04:d0:d8:01:cb:e1:1a:78:06:f3:5c:9a:1a:c3:
3e:eb:d7:d7:1c:62:c8:66:df:a9:d6:71:09:e2:4f:17:7c:23:
66:dd:da:7d:67:b6:1f:24:67:a2:f0:dc:b1:29:a2:36:63:36:
d6:7f:1d:ed:80:0c:db:d5:1f:3b:1b:74:d9:5c:8d:05:dc:b1:
4d:e7:a0:35:f8:d7:07:71:e5:f8:c2:82:52:2d:19:ef:aa:dd:
5a:98:7f:25:25:85:cf:99:05:a1:fc:26:29:92:5d:41:a0:a3:
f5:3e:b9:4b:6c:62:4a:d0:30:e3:92:a5:58:58:43:bf:34:97:
c2:7a:b3:57:5a:23:db:85:e2:65:61:1a:6f:69:1f:20:89:4d:
9f:88:cf:5f:66:33:b4:53:ef:af:bc:70:d7:d1:0b:95:a9:61:
d7:05:25:4d:53:77:65:ab:f5:e4:d5:a8:78:21:57:7d:ff:f3:
12:ad:3c:47:42:51:fd:33:5c:a2:35:9c:bb:92:72:02:12:48:
a7:93:c6:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0kdggcMAZpQDJ+BY1uLTCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTIwMDEyMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDNjZTE2MGFiZDNiYmVjNWQ4MzFlODg4ZGFjNzFhYzY2OGNjMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfDQgHI4yu7qTmDUEfdid29+WaXF
sn5Ihsa5WCaXeJjb54+g+Awhv5HZRom9/JAKKBVSDeMVp4YXJme/89b1l1Vo03vd
pa8I+IPpTWOHSdvx6OOs65docCiBi3igD0yWIpJgtH6lJe9UDClzO7vtZEPG3Zpa
iPZ7R+b43ckeB7q9OQB0Ucg7JC4+nXsISfu1MAWk48MG623SFZ1Rr73puBMbeGdC
63zlLd0oz2VkBNcFJWutTqaLiI++bUJHEBXaS9b4Bm1nrtim3VfIzZzTte8vJw1J
3nyNgkVwwGjERBpSCgZ9UOWuEHyvb/uk/FxRL6593TFSxESfXSjun6QgRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEQ84WCr07vsXYMeiI2scaxmjMA9MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvUkR6aFlLdlR1LXhkZ3g2SWpheHhyR2FNd0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVuAwQALiVxMA0GCSqGSIb3DQEBCwUAA4IBAQAys7FAnfvoybq2vjf2eQVm2hFp
r+76IkNMsWxcpYBB1IJ6GvIKN1HoZ2B6bDDq/qURY6ylm4NgvsXkBNDYAcvhGngG
81yaGsM+69fXHGLIZt+p1nEJ4k8XfCNm3dp9Z7YfJGei8NyxKaI2YzbWfx3tgAzb
1R87G3TZXI0F3LFN56A1+NcHceX4woJSLRnvqt1amH8lJYXPmQWh/CYpkl1BoKP1
PrlLbGJK0DDjkqVYWEO/NJfCerNXWiPbheJlYRpvaR8giU2fiM9fZjO0U++vvHDX
0QuVqWHXBSVNU3dlq/Xk1ah4IVd9//MSrTxHQlH9M1yiNZy7knICEkink8Zu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org