Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RKzaTKG8u06r-24r54PGyt-PivY.roa
File: RKzaTKG8u06r-24r54PGyt-PivY.roa (raw, json)
Hash identifier: 4rC0/Iy1Ru4ZY+EDnCRzsoWsKtxSISo8d/HBea0BrLY=
Subject key identifier: 44:AC:DA:4C:A1:BC:BB:4E:AB:FB:6E:2B:E7:83:C6:CA:DF:8F:8A:F6
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018C1A4F6043D1E3C3DC9D0D59CE2FB6F18B
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RKzaTKG8u06r-24r54PGyt-PivY.roa
Signing time: Wed 29 Nov 2023 09:00:58 +0000
ROA not before: Wed 29 Nov 2023 09:00:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.117.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.120.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:4f:60:43:d1:e3:c3:dc:9d:0d:59:ce:2f:b6:f1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Nov 29 09:00:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44acda4ca1bcbb4eabfb6e2be783c6cadf8f8af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:34:bd:e6:06:47:b7:22:a2:26:68:c8:8e:8a:
4c:8b:31:77:6e:c4:eb:46:da:72:26:d9:6f:7d:66:
e4:8c:31:cf:6c:59:f7:f8:83:ad:c4:49:39:93:eb:
de:dd:63:8e:a2:27:f0:51:62:14:47:76:5d:4c:59:
ad:97:22:14:7a:10:60:27:91:1c:dd:04:7a:56:39:
73:90:18:cf:43:fb:7b:75:b5:78:ef:ad:9f:78:b5:
05:18:9b:71:1e:6f:de:c9:9a:91:f9:5c:b3:19:78:
52:0d:81:eb:1b:fc:d3:70:4f:02:a3:f7:68:79:a0:
58:72:78:fa:0b:9b:a6:f9:37:77:ec:9e:e2:37:34:
62:7f:43:83:41:be:56:65:c5:3d:8b:30:4a:8d:35:
0a:ff:28:f1:71:34:eb:39:f3:53:78:1f:0f:af:38:
3a:49:f3:68:ae:79:34:cf:52:6d:7e:e5:0f:c6:5c:
20:e9:74:10:7a:14:4f:0a:1f:2b:f1:d0:27:b5:a8:
36:9b:ee:9e:bb:18:94:b2:12:60:55:c9:b7:05:51:
b0:d4:2a:01:8d:a4:e9:ca:62:56:74:97:a0:6c:25:
38:26:c1:99:74:6e:a0:8a:49:2a:0f:b1:ea:53:f7:
6b:03:18:a7:13:40:73:09:a5:de:2d:b1:1d:0c:21:
ac:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AC:DA:4C:A1:BC:BB:4E:AB:FB:6E:2B:E7:83:C6:CA:DF:8F:8A:F6
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RKzaTKG8u06r-24r54PGyt-PivY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.117.0/24
46.37.120.0/24
Signature Algorithm: sha256WithRSAEncryption
52:22:d2:24:0d:c3:1c:c6:2a:c7:d6:a6:18:80:91:62:86:11:
52:10:0c:b5:70:6d:a3:7d:2b:8c:b1:db:4e:71:b8:b0:32:1f:
3f:83:32:0f:8a:6b:82:79:be:f5:b6:85:15:af:2f:44:b5:7f:
22:6a:da:37:84:fe:03:4f:09:44:77:b9:20:21:b4:e7:c9:bc:
ca:f7:b8:1c:cb:9b:21:95:8f:1c:d0:54:e2:27:96:7f:fa:3f:
c2:07:67:c4:56:75:aa:3b:8b:bc:ef:96:ed:c6:09:d6:9c:98:
38:33:17:47:9d:85:4c:bf:af:73:1c:d8:52:45:c5:46:cc:c4:
dc:df:98:e3:e6:a5:2e:70:5b:fc:cc:5b:a7:19:b4:b1:2d:96:
42:a8:5e:f1:20:b4:3a:f2:46:01:a8:57:ae:db:6c:0f:da:61:
34:7b:50:cd:83:ec:37:6b:38:06:08:c8:8a:45:67:15:63:f4:
e4:3f:36:24:a0:a2:12:80:a0:58:89:1f:a8:c7:07:22:e5:8e:
10:d6:03:3c:db:5a:5e:d8:1a:20:90:dd:68:18:f6:fe:64:08:
ad:c9:0c:7d:77:45:07:5e:d2:4c:4b:bc:06:82:8d:6c:47:55:
61:22:1d:83:e1:2c:d4:12:1c:a6:f3:25:e4:9d:0a:10:05:3f:
b3:fc:99:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwaT2BD0ePD3J0NWc4vtvGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMxMTI5MDkwMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGFjZGE0Y2ExYmNiYjRlYWJmYjZlMmJlNzgzYzZjYWRmOGY4YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjS95gZHtyKiJmjIjopMizF3bsTr
RtpyJtlvfWbkjDHPbFn3+IOtxEk5k+ve3WOOoifwUWIUR3ZdTFmtlyIUehBgJ5Ec
3QR6VjlzkBjPQ/t7dbV4762feLUFGJtxHm/eyZqR+VyzGXhSDYHrG/zTcE8Co/do
eaBYcnj6C5um+Td37J7iNzRif0ODQb5WZcU9izBKjTUK/yjxcTTrOfNTeB8Przg6
SfNornk0z1JtfuUPxlwg6XQQehRPCh8r8dAntag2m+6euxiUshJgVcm3BVGw1CoB
jaTpymJWdJegbCU4JsGZdG6gikkqD7HqU/drAxinE0BzCaXeLbEdDCGsdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFESs2kyhvLtOq/tuK+eDxsrfj4r2MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvUkt6YVRLRzh1MDZyLTI0cjU0UEd5dC1QaXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiViAwQA
LiVxAwQALiV1AwQALiV4MA0GCSqGSIb3DQEBCwUAA4IBAQBSItIkDcMcxirH1qYY
gJFihhFSEAy1cG2jfSuMsdtOcbiwMh8/gzIPimuCeb71toUVry9EtX8iato3hP4D
TwlEd7kgIbTnybzK97gcy5shlY8c0FTiJ5Z/+j/CB2fEVnWqO4u875btxgnWnJg4
MxdHnYVMv69zHNhSRcVGzMTc35jj5qUucFv8zFunGbSxLZZCqF7xILQ68kYBqFeu
22wP2mE0e1DNg+w3azgGCMiKRWcVY/TkPzYkoKISgKBYiR+oxwci5Y4Q1gM821pe
2BogkN1oGPb+ZAityQx9d0UHXtJMS7wGgo1sR1VhIh2D4SzUEhym8yXknQoQBT+z
/Jmb
-----END CERTIFICATE-----
Generated at Fri Dec 1 20:45:46 2023 by rpki-client on console-ams.rpki-client.org