Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/Uy1GXUmQecP7HZL1ExLgEE1ok7g.roa
File: Uy1GXUmQecP7HZL1ExLgEE1ok7g.roa (raw, json)
Hash identifier: PVg7rjredvQen7btL+DNkXhtEWDR23wAY4UW0aPiBRM=
Subject key identifier: 53:2D:46:5D:49:90:79:C3:FB:1D:92:F5:13:12:E0:10:4D:68:93:B8
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018D4F0F4E4DF0031F30A2A6F21EC29800B5
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/Uy1GXUmQecP7HZL1ExLgEE1ok7g.roa
Signing time: Sun 28 Jan 2024 07:53:39 +0000
ROA not before: Sun 28 Jan 2024 07:53:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.115.0/24 maxlen: 24
46.37.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 22:24:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4f:0f:4e:4d:f0:03:1f:30:a2:a6:f2:1e:c2:98:00:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 28 07:53:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=532d465d499079c3fb1d92f51312e0104d6893b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:32:ea:e7:0a:7f:33:58:53:14:18:a8:b1:54:
b0:fe:df:0f:40:3b:03:64:ed:39:7d:10:bf:96:0e:
b0:eb:2f:27:a0:0c:4f:0f:48:a5:fe:91:30:1e:eb:
cd:87:45:55:76:8e:06:4c:7f:cd:c8:fe:c8:8c:cf:
92:48:3b:e8:f0:0a:72:55:6b:db:c0:ed:00:ab:69:
89:55:23:2c:2b:af:23:8e:dc:46:9c:ad:4a:75:29:
f6:2e:60:cd:cd:88:d3:bc:34:be:1a:f7:6d:c9:23:
3d:dc:4b:39:33:77:11:04:11:d3:2c:74:fb:48:b8:
47:11:e1:8b:42:be:b6:23:d5:af:d7:7d:8a:55:c2:
c0:e0:c8:17:f4:3d:07:e6:f6:52:f4:e4:12:e0:25:
53:53:23:5b:43:57:7d:d0:42:85:67:60:af:5b:21:
a8:f6:76:8f:2c:98:38:a1:9c:d6:87:53:1b:ed:4a:
72:df:16:41:94:83:cd:30:88:ba:2f:65:e6:a1:e0:
62:fc:57:74:02:08:2e:fa:6c:31:18:52:59:f3:5e:
fe:24:56:23:fd:60:5c:37:dd:7f:8f:66:3d:86:52:
ac:5f:c8:5f:3e:d0:a4:48:9c:2c:3e:87:f9:52:59:
ca:15:3c:bc:58:af:f0:89:19:83:dc:ba:04:73:cf:
6d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:2D:46:5D:49:90:79:C3:FB:1D:92:F5:13:12:E0:10:4D:68:93:B8
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/Uy1GXUmQecP7HZL1ExLgEE1ok7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.115.0/24
46.37.121.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:6b:bf:65:e4:d0:7a:d5:af:1f:af:b5:c8:35:e4:63:46:02:
61:f9:02:f5:59:dc:11:8c:ca:82:5b:28:0f:c1:36:ee:83:1a:
d4:7f:29:d5:2d:96:60:a6:09:c7:2d:1e:d6:65:aa:62:aa:f5:
74:ec:63:9d:2a:dd:eb:cd:ce:f5:7b:53:95:16:0e:4e:e0:7d:
91:48:99:1b:f0:19:c3:4d:9e:29:d6:30:39:7c:d4:f3:2e:28:
e9:64:7e:a5:41:7b:df:e5:c7:5f:95:ee:16:5f:96:42:15:e3:
8e:64:d1:61:18:22:0d:62:6f:63:77:c0:19:ec:22:44:dc:77:
df:4c:64:1f:cc:f3:43:25:e9:0d:b8:d8:8b:2a:6f:da:c9:b7:
9f:ef:d0:fd:88:91:4e:1b:80:ba:9f:9e:c9:5f:e9:03:a0:a5:
cf:d2:7f:0f:3c:ab:e7:3c:76:98:e2:b2:09:ec:97:34:6d:2c:
48:87:7f:a5:11:aa:af:92:c7:57:f0:74:51:72:52:6d:80:bd:
31:f1:38:54:da:ad:b9:da:57:c0:24:e0:43:e5:10:2c:c9:c0:
8d:63:92:48:40:22:cf:1d:ff:be:1a:bc:d6:e2:7e:8c:72:34:
3f:90:9a:7d:64:f3:d5:33:c8:bf:01:00:ab:78:1d:96:ec:0a:
37:94:4c:39
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1PD05N8AMfMKKm8h7CmAC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTI4MDc1MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzJkNDY1ZDQ5OTA3OWMzZmIxZDkyZjUxMzEyZTAxMDRkNjg5M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjLq5wp/M1hTFBiosVSw/t8PQDsD
ZO05fRC/lg6w6y8noAxPD0il/pEwHuvNh0VVdo4GTH/NyP7IjM+SSDvo8ApyVWvb
wO0Aq2mJVSMsK68jjtxGnK1KdSn2LmDNzYjTvDS+GvdtySM93Es5M3cRBBHTLHT7
SLhHEeGLQr62I9Wv132KVcLA4MgX9D0H5vZS9OQS4CVTUyNbQ1d90EKFZ2CvWyGo
9naPLJg4oZzWh1Mb7Upy3xZBlIPNMIi6L2XmoeBi/Fd0Aggu+mwxGFJZ817+JFYj
/WBcN91/j2Y9hlKsX8hfPtCkSJwsPof5UlnKFTy8WK/wiRmD3LoEc89t9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFMtRl1JkHnD+x2S9RMS4BBNaJO4MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvVXkxR1hVbVFlY1A3SFpMMUV4TGdFRTFvazdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiViAwQA
LiVxAwQALiVzAwQALiV5MA0GCSqGSIb3DQEBCwUAA4IBAQBra79l5NB61a8fr7XI
NeRjRgJh+QL1WdwRjMqCWygPwTbugxrUfynVLZZgpgnHLR7WZapiqvV07GOdKt3r
zc71e1OVFg5O4H2RSJkb8BnDTZ4p1jA5fNTzLijpZH6lQXvf5cdfle4WX5ZCFeOO
ZNFhGCINYm9jd8AZ7CJE3HffTGQfzPNDJekNuNiLKm/aybef79D9iJFOG4C6n57J
X+kDoKXP0n8PPKvnPHaY4rIJ7Jc0bSxIh3+lEaqvksdX8HRRclJtgL0x8ThU2q25
2lfAJOBD5RAsycCNY5JIQCLPHf++GrzW4n6McjQ/kJp9ZPPVM8i/AQCreB2W7Ao3
lEw5
-----END CERTIFICATE-----
Generated at Thu Feb 1 00:36:27 2024 by rpki-client on console-ams.rpki-client.org