Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/S1UVHIrAm0meUiPshXhqIAqh3Yw.roa
File: S1UVHIrAm0meUiPshXhqIAqh3Yw.roa (raw, json)
Hash identifier: sFLl8TJ2GfElwEyYMedtpLxfWwYJraYXdKiwLHfQStE=
Subject key identifier: 4B:55:15:1C:8A:C0:9B:49:9E:52:23:EC:85:78:6A:20:0A:A1:DD:8C
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018CC348B35B9004F4D7EB4C76C2F5152654
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/S1UVHIrAm0meUiPshXhqIAqh3Yw.roa
Signing time: Mon 01 Jan 2024 04:29:30 +0000
ROA not before: Mon 01 Jan 2024 04:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
185.92.45.0/24 maxlen: 24
46.37.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b3:5b:90:04:f4:d7:eb:4c:76:c2:f5:15:26:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 1 04:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b55151c8ac09b499e5223ec85786a200aa1dd8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1b:99:61:86:6e:0f:3b:af:88:d6:71:e6:b8:
6b:96:13:09:66:1b:75:d3:2c:69:d9:a9:a4:33:80:
a2:f1:74:1c:40:4e:c9:12:e2:1a:3f:64:8d:40:d9:
71:c6:63:ee:a6:e6:e2:80:64:94:3d:79:18:be:96:
43:4b:1d:61:be:3f:4e:7d:ad:aa:fa:de:34:24:74:
4b:6b:65:ed:02:2d:bd:e6:8c:f1:cd:49:97:50:5c:
ef:b9:be:13:a2:57:6b:5f:8e:e0:9f:ff:fe:d2:91:
c6:62:f2:d8:75:59:dc:46:8c:44:60:32:43:5b:14:
04:e5:4d:5a:a5:43:8b:f6:16:60:9c:b0:52:db:5b:
d9:d8:4d:47:54:ce:03:58:ae:1b:97:76:4b:ff:b5:
d3:a8:47:cb:85:cc:c1:8f:2e:71:07:85:22:8f:29:
71:5f:37:f6:34:d9:db:b6:04:46:25:eb:db:69:6f:
d4:59:06:3c:cd:74:9c:50:29:a9:b6:59:54:ee:78:
10:bd:e7:c4:fa:af:ca:f1:f3:07:61:68:fd:cd:62:
d6:d2:35:cf:44:15:7e:88:91:6b:1f:77:73:49:d9:
ac:5d:64:6b:27:94:61:17:ec:57:62:9a:68:2f:a1:
3a:a6:7c:5e:ff:7f:38:1a:58:79:11:56:b7:96:fa:
4b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:55:15:1C:8A:C0:9B:49:9E:52:23:EC:85:78:6A:20:0A:A1:DD:8C
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/S1UVHIrAm0meUiPshXhqIAqh3Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.122.0/24
185.92.45.0/24
Signature Algorithm: sha256WithRSAEncryption
04:5b:76:76:f4:16:36:3a:ff:42:b6:26:84:fc:66:f4:f1:28:
78:27:ed:99:dd:b1:b9:a9:cc:b0:51:17:a2:ab:92:5b:e2:47:
52:6f:e5:58:98:12:16:aa:d9:05:da:bd:13:7b:62:fb:78:5d:
ec:a5:1a:3b:b8:1a:c1:38:fa:3f:0a:d9:d6:f7:11:05:43:a0:
81:66:c9:75:66:59:a2:10:d5:7a:34:56:47:eb:21:d1:44:6a:
24:3d:27:ed:4f:e8:cd:93:aa:d2:35:08:8d:31:14:7b:56:20:
03:a2:3e:e2:6c:0e:6a:44:37:42:ea:2e:23:5a:b9:43:60:07:
d8:f3:7b:97:0d:92:31:cb:65:5c:4c:0c:e2:ad:7b:90:90:1b:
a8:91:ad:03:00:db:c8:2e:53:3a:75:54:14:67:0a:85:ec:3d:
d8:0d:05:b7:7f:e4:ce:fa:c0:49:4a:4a:29:9e:19:ec:e2:74:
81:96:4e:84:90:d2:62:7b:8c:72:9c:a9:31:ba:8d:51:86:c0:
ff:d7:16:a8:61:f8:1b:07:06:7a:3d:0b:ee:64:71:c9:a9:27:
56:c2:82:1a:e4:f0:8a:1b:fd:e1:f9:4e:38:36:17:4c:46:f2:
28:2a:51:37:a4:47:76:03:77:07:0e:1b:2c:51:03:e9:3a:7b:
a9:8e:b5:a3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSLNbkAT01+tMdsL1FSZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU1MTUxYzhhYzA5YjQ5OWU1MjIzZWM4NTc4NmEyMDBhYTFkZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRuZYYZuDzuviNZx5rhrlhMJZht1
0yxp2amkM4Ci8XQcQE7JEuIaP2SNQNlxxmPupubigGSUPXkYvpZDSx1hvj9Ofa2q
+t40JHRLa2XtAi295ozxzUmXUFzvub4ToldrX47gn//+0pHGYvLYdVncRoxEYDJD
WxQE5U1apUOL9hZgnLBS21vZ2E1HVM4DWK4bl3ZL/7XTqEfLhczBjy5xB4Uijylx
Xzf2NNnbtgRGJevbaW/UWQY8zXScUCmptllU7ngQvefE+q/K8fMHYWj9zWLW0jXP
RBV+iJFrH3dzSdmsXWRrJ5RhF+xXYppoL6E6pnxe/384Glh5EVa3lvpLuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEtVFRyKwJtJnlIj7IV4aiAKod2MMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvUzFVVkhJckFtMG1lVWlQc2hYaHFJQXFoM1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiViAwQA
LiVxAwQALiV6AwQAuVwtMA0GCSqGSIb3DQEBCwUAA4IBAQAEW3Z29BY2Ov9CtiaE
/Gb08Sh4J+2Z3bG5qcywUReiq5Jb4kdSb+VYmBIWqtkF2r0Te2L7eF3spRo7uBrB
OPo/CtnW9xEFQ6CBZsl1ZlmiENV6NFZH6yHRRGokPSftT+jNk6rSNQiNMRR7ViAD
oj7ibA5qRDdC6i4jWrlDYAfY83uXDZIxy2VcTAzirXuQkBuoka0DANvILlM6dVQU
ZwqF7D3YDQW3f+TO+sBJSkopnhns4nSBlk6EkNJie4xynKkxuo1RhsD/1xaoYfgb
BwZ6PQvuZHHJqSdWwoIa5PCKG/3h+U44NhdMRvIoKlE3pEd2A3cHDhssUQPpOnup
jrWj
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:38 2024 by rpki-client on console-ams.rpki-client.org