Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/TWf5jctfyetBVv-e7wLSCKI1qqs.roa
File: TWf5jctfyetBVv-e7wLSCKI1qqs.roa (raw, json)
Hash identifier: u8lsQggRvTLKKm7T6o2jnBmut9bfrk7zxJshYZKNb4M=
Subject key identifier: 4D:67:F9:8D:CB:5F:C9:EB:41:56:FF:9E:EF:02:D2:08:A2:35:AA:AB
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018D78F0AF3C3EA0813CD647AA2B84D01A3D
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/TWf5jctfyetBVv-e7wLSCKI1qqs.roa
Signing time: Mon 05 Feb 2024 11:04:15 +0000
ROA not before: Mon 05 Feb 2024 11:04:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 14:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:f0:af:3c:3e:a0:81:3c:d6:47:aa:2b:84:d0:1a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Feb 5 11:04:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d67f98dcb5fc9eb4156ff9eef02d208a235aaab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4f:a5:7f:a6:a5:9a:9a:74:45:a2:ae:c4:3e:
51:c8:a0:3e:f4:8a:fd:c4:c7:58:a8:db:37:07:3f:
d7:1f:1e:17:a1:71:ca:81:fc:11:00:27:83:ae:0a:
12:91:2b:58:be:91:b9:7d:33:06:8a:19:27:ff:92:
19:81:96:93:ad:dd:0f:07:c2:28:01:ac:bf:63:84:
39:f1:ed:af:b6:38:41:50:5d:a9:65:d0:49:8b:b3:
e8:b1:ee:76:28:02:b1:99:ae:3d:d1:a1:d8:80:52:
f4:b2:28:dc:c7:3b:54:14:a8:18:45:41:e4:16:93:
3f:af:09:d2:96:25:dc:f3:cd:73:4b:29:2a:e2:74:
ca:e2:8b:fd:2b:92:31:05:8a:6f:00:f1:64:4c:92:
0c:57:2d:64:71:f4:62:75:3c:24:c6:54:82:5a:ad:
7b:3f:0e:d7:4c:df:ca:c5:f2:86:d0:56:90:8f:34:
71:22:31:20:3d:c2:73:92:9b:49:5d:8d:84:b2:62:
db:d9:46:f1:00:14:3d:e5:f9:1f:bc:b6:df:f8:5d:
e2:6c:b1:05:e1:d8:c7:f4:15:3c:5c:cb:85:f5:db:
37:ca:6e:87:fa:85:06:a7:6d:46:8b:96:a7:bf:ed:
a9:7d:3b:82:d4:eb:81:d9:2c:32:13:53:1d:91:6b:
d5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:67:F9:8D:CB:5F:C9:EB:41:56:FF:9E:EF:02:D2:08:A2:35:AA:AB
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/TWf5jctfyetBVv-e7wLSCKI1qqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f8:74:72:41:8b:c5:ce:f2:fe:f6:9c:ac:de:ea:08:e1:a9:
c7:4f:61:b1:73:6b:60:1f:89:cd:8f:ae:e3:9f:16:c0:16:84:
63:c9:bd:8a:4d:be:6f:fc:a6:51:d7:5b:da:16:5d:ef:88:63:
95:36:f1:b2:ab:21:3a:5a:ad:3c:b6:91:8a:16:1d:4b:fb:30:
4f:74:b5:8e:b8:55:71:b1:9d:64:12:ba:9c:bf:90:f0:03:5e:
28:15:dd:b2:5b:d9:17:a8:2b:3e:87:8a:a7:79:17:07:01:f7:
8f:55:b8:e4:4e:97:b6:b9:88:36:7c:75:7e:e8:69:8d:08:1f:
d7:58:16:d9:b7:cf:ae:77:bc:45:c9:00:76:d8:ab:45:0b:57:
c2:a2:02:ff:1b:e7:23:a0:ce:a7:7c:06:56:a4:5e:b6:96:60:
2c:5f:d0:b8:b5:ff:05:1d:fe:85:5c:45:5d:c8:4e:d5:ec:9b:
f1:c4:10:ed:bf:15:e2:ca:68:23:c9:2a:5c:64:84:50:60:b4:
1c:14:a3:5e:9f:a3:6e:f3:0a:7c:32:50:c8:5e:1c:43:5d:68:
3c:1c:95:1a:a4:cb:fc:18:ee:4d:f3:b5:35:90:78:56:8b:d8:
3a:6c:06:81:2c:48:ba:25:34:ea:70:cc:43:ea:6b:3e:17:aa:
18:57:a8:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY148K88PqCBPNZHqiuE0Bo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMjA1MTEwNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY3Zjk4ZGNiNWZjOWViNDE1NmZmOWVlZjAyZDIwOGEyMzVhYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE+lf6almpp0RaKuxD5RyKA+9Ir9
xMdYqNs3Bz/XHx4XoXHKgfwRACeDrgoSkStYvpG5fTMGihkn/5IZgZaTrd0PB8Io
Aay/Y4Q58e2vtjhBUF2pZdBJi7Pose52KAKxma490aHYgFL0sijcxztUFKgYRUHk
FpM/rwnSliXc881zSykq4nTK4ov9K5IxBYpvAPFkTJIMVy1kcfRidTwkxlSCWq17
Pw7XTN/KxfKG0FaQjzRxIjEgPcJzkptJXY2EsmLb2UbxABQ95fkfvLbf+F3ibLEF
4djH9BU8XMuF9ds3ym6H+oUGp21Gi5anv+2pfTuC1OuB2SwyE1MdkWvV1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE1n+Y3LX8nrQVb/nu8C0giiNaqrMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvVFdmNWpjdGZ5ZXRCVnYtZTd3TFNDS0kxcXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQALiV5MA0GCSqGSIb3DQEBCwUAA4IBAQAK+HRyQYvFzvL+9pys3uoI4anH
T2Gxc2tgH4nNj67jnxbAFoRjyb2KTb5v/KZR11vaFl3viGOVNvGyqyE6Wq08tpGK
Fh1L+zBPdLWOuFVxsZ1kErqcv5DwA14oFd2yW9kXqCs+h4qneRcHAfePVbjkTpe2
uYg2fHV+6GmNCB/XWBbZt8+ud7xFyQB22KtFC1fCogL/G+cjoM6nfAZWpF62lmAs
X9C4tf8FHf6FXEVdyE7V7JvxxBDtvxXiymgjySpcZIRQYLQcFKNen6Nu8wp8MlDI
XhxDXWg8HJUapMv8GO5N87U1kHhWi9g6bAaBLEi6JTTqcMxD6ms+F6oYV6i3
-----END CERTIFICATE-----
Generated at Thu Feb 22 18:56:49 2024 by rpki-client on console-ams.rpki-client.org