Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/TERhZJixYLVLXtRO0iUNKJunfPQ.roa
File: TERhZJixYLVLXtRO0iUNKJunfPQ.roa (raw, json)
Hash identifier: RsC2qnMrAek0OUJwu/wogx8WznB+F7IfLfKNWOpJuu0=
Subject key identifier: 4C:44:61:64:98:B1:60:B5:4B:5E:D4:4E:D2:25:0D:28:9B:A7:7C:F4
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018AA74AC68019B5C3CFC3A7E826DA4EAAC1
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/TERhZJixYLVLXtRO0iUNKJunfPQ.roa
Signing time: Mon 18 Sep 2023 07:56:50 +0000
ROA not before: Mon 18 Sep 2023 07:56:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.37.96.0/24 maxlen: 24
46.37.98.0/24 maxlen: 24
46.37.117.0/24 maxlen: 24
46.37.118.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.114.0/24 maxlen: 24
46.37.120.0/24 maxlen: 24
46.37.121.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:4a:c6:80:19:b5:c3:cf:c3:a7:e8:26:da:4e:aa:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Sep 18 07:56:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c44616498b160b54b5ed44ed2250d289ba77cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a3:73:29:40:24:ec:ba:8d:bf:ee:6f:41:8b:
67:dc:5f:5c:1b:94:dd:ff:78:02:d9:bc:f5:41:05:
16:a8:bb:4d:f7:f1:6e:30:dc:68:06:8a:8a:b7:46:
4c:9d:84:b8:5f:40:c2:ff:25:83:d1:a2:7c:33:e2:
53:38:dc:3b:a2:af:28:14:3a:24:26:3a:82:1c:99:
19:5a:45:fc:41:76:1f:79:69:4b:d7:48:05:f7:12:
7b:e1:10:7a:de:ba:fb:0e:14:59:c5:a8:bb:1d:50:
81:bd:bb:20:3c:2f:28:e0:e3:e3:3e:30:95:64:22:
69:b5:87:e6:37:9a:f3:48:b3:f0:46:7e:7f:8c:62:
d6:8c:55:54:c6:f3:4d:a9:12:54:52:37:5a:63:95:
92:93:48:4b:8b:cf:cc:71:6a:27:fd:4e:fa:7e:8c:
79:a5:3b:ff:72:25:f0:65:59:d5:1b:49:3c:47:55:
14:47:34:4f:4c:f8:59:46:7f:03:d3:cb:c0:2a:56:
9e:1d:41:89:bb:45:ee:29:a9:7b:8f:67:73:6b:31:
46:b9:95:6e:30:42:3a:73:cc:cc:e1:f8:3b:e3:63:
22:c6:50:80:f0:cd:2d:83:11:4c:06:09:25:84:46:
74:e3:3c:56:3f:65:1f:89:3d:c0:26:1e:cd:ec:87:
36:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:44:61:64:98:B1:60:B5:4B:5E:D4:4E:D2:25:0D:28:9B:A7:7C:F4
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/TERhZJixYLVLXtRO0iUNKJunfPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.96.0/24
46.37.98.0/24
46.37.113.0-46.37.114.255
46.37.117.0-46.37.118.255
46.37.120.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:af:db:e4:0f:16:ba:32:c5:6f:dd:af:9e:dc:8b:0c:32:3f:
09:17:09:c5:42:8d:a3:47:f7:ae:5c:0f:92:71:9b:70:8e:09:
e3:4d:cb:75:8d:38:da:65:2e:e5:61:e3:f7:0f:bf:fa:d0:e3:
93:c6:50:d3:47:e9:64:ca:bb:10:23:02:6e:73:1d:ff:aa:96:
7a:ad:52:4e:0f:dd:69:5a:53:82:27:f6:57:c3:a4:f5:12:91:
ca:da:2b:93:fe:47:80:f4:86:0d:d9:7a:c6:67:eb:54:80:03:
2b:b3:26:91:e2:c3:eb:7d:9a:33:6e:f2:f8:d0:59:65:78:4f:
34:d9:58:46:25:ee:22:0b:bb:e9:f0:e1:f7:3e:55:bf:6d:01:
f4:c5:b8:6a:6f:59:d2:fd:db:3b:1f:b9:b1:b4:03:df:8d:72:
d0:71:c9:16:10:fd:ee:7f:81:4f:28:29:b5:4d:15:02:f4:5d:
31:e9:36:1d:16:e0:eb:99:76:26:71:c5:90:c0:b8:4f:90:6d:
3c:aa:3a:38:af:82:5b:df:68:4a:82:70:9a:41:b3:57:9f:a9:
bc:99:bc:c1:e6:33:a8:4e:aa:ce:a4:19:b7:14:ce:84:33:6c:
0a:05:dd:e2:b0:37:32:f9:bd:53:25:05:fe:b0:75:da:c8:cc:
71:f6:e9:5d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYqnSsaAGbXDz8On6CbaTqrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMwOTE4MDc1NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzQ0NjE2NDk4YjE2MGI1NGI1ZWQ0NGVkMjI1MGQyODliYTc3Y2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKNzKUAk7LqNv+5vQYtn3F9cG5Td
/3gC2bz1QQUWqLtN9/FuMNxoBoqKt0ZMnYS4X0DC/yWD0aJ8M+JTONw7oq8oFDok
JjqCHJkZWkX8QXYfeWlL10gF9xJ74RB63rr7DhRZxai7HVCBvbsgPC8o4OPjPjCV
ZCJptYfmN5rzSLPwRn5/jGLWjFVUxvNNqRJUUjdaY5WSk0hLi8/McWon/U76fox5
pTv/ciXwZVnVG0k8R1UURzRPTPhZRn8D08vAKlaeHUGJu0XuKal7j2dzazFGuZVu
MEI6c8zM4fg742MixlCA8M0tgxFMBgklhEZ04zxWP2UfiT3AJh7N7Ic23wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFExEYWSYsWC1S17UTtIlDSibp3z0MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvVEVSaFpKaXhZTFZMWHRSTzBpVU5LSnVuZlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQALiVgAwQA
LiViMAwDBAAuJXEDBAAuJXIwDAMEAC4ldQMEAC4ldgMEAS4leDANBgkqhkiG9w0B
AQsFAAOCAQEAOq/b5A8WujLFb92vntyLDDI/CRcJxUKNo0f3rlwPknGbcI4J403L
dY042mUu5WHj9w+/+tDjk8ZQ00fpZMq7ECMCbnMd/6qWeq1STg/daVpTgif2V8Ok
9RKRytork/5HgPSGDdl6xmfrVIADK7MmkeLD632aM27y+NBZZXhPNNlYRiXuIgu7
6fDh9z5Vv20B9MW4am9Z0v3bOx+5sbQD341y0HHJFhD97n+BTygptU0VAvRdMek2
HRbg65l2JnHFkMC4T5BtPKo6OK+CW99oSoJwmkGzV5+pvJm8weYzqE6qzqQZtxTO
hDNsCgXd4rA3Mvm9UyUF/rB12sjMcfbpXQ==
-----END CERTIFICATE-----
Generated at Wed Sep 20 20:47:16 2023 by rpki-client on console-ams.rpki-client.org