Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/acz4zyvj119W12UM3mm-seXdMA0.roa
File: acz4zyvj119W12UM3mm-seXdMA0.roa (raw, json)
Hash identifier: CLRmY9PRk51gK8n32F94rIA6k22C2PNmS0gf07BAewY=
Subject key identifier: 69:CC:F8:CF:2B:E3:D7:5F:56:D7:65:0C:DE:69:BE:B1:E5:DD:30:0D
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018F8FFC8F0E137D961253F02504D52A0BDA
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/acz4zyvj119W12UM3mm-seXdMA0.roa
Signing time: Sun 19 May 2024 08:34:04 +0000
ROA not before: Sun 19 May 2024 08:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.108.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 12:18:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8f:fc:8f:0e:13:7d:96:12:53:f0:25:04:d5:2a:0b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: May 19 08:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69ccf8cf2be3d75f56d7650cde69beb1e5dd300d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:47:1f:0c:30:7f:a2:e5:14:4b:4e:ce:3a:ab:
d1:14:59:ce:e1:0d:6b:3f:0b:fd:14:fe:08:56:b8:
c4:42:1d:dd:68:cf:2d:5e:46:68:78:ed:88:2e:a5:
37:a0:ca:0c:0c:a7:25:9b:59:9c:62:60:ec:c6:10:
47:e9:4f:c1:ff:05:60:e9:00:d7:87:2c:6b:7f:c8:
71:f8:7a:04:53:2b:12:a7:b7:c4:76:de:9f:0b:ed:
ae:76:29:95:e5:98:24:7d:f6:26:e7:10:be:44:27:
64:6f:f2:fa:d2:60:43:77:ca:b0:41:de:42:cd:4c:
c4:52:3d:fb:1f:c5:9c:46:d5:2f:25:8d:1c:e4:01:
a2:7b:c1:35:14:35:9f:da:36:5c:83:16:ec:f7:b8:
bc:13:d3:1a:f3:18:e2:c8:03:40:0a:f9:8d:21:47:
ee:4a:72:78:e9:7e:c9:23:d8:60:62:c2:51:c8:72:
a9:6c:00:71:16:22:4f:99:b9:2f:be:54:6b:a0:6b:
81:da:32:e1:96:c7:ed:6e:0d:59:19:95:87:65:4a:
42:fa:c2:4d:af:f7:58:cf:57:51:66:5d:0a:a6:34:
e1:52:79:3a:89:39:12:9a:a6:0a:c7:92:b0:91:aa:
d9:2b:e1:59:aa:d4:5c:18:1f:6b:f5:2f:f3:93:1e:
3d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CC:F8:CF:2B:E3:D7:5F:56:D7:65:0C:DE:69:BE:B1:E5:DD:30:0D
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/acz4zyvj119W12UM3mm-seXdMA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.108.0/24
46.37.113.0/24
Signature Algorithm: sha256WithRSAEncryption
45:9f:15:5a:d5:c3:fc:a3:ba:84:d7:ee:d5:c2:02:c4:fe:ac:
67:83:43:1e:b8:8b:53:15:82:0b:6d:27:3b:ef:0e:e1:c2:64:
5e:e9:13:16:77:ad:17:de:06:64:ec:db:e9:e4:62:c2:20:a9:
71:30:d6:f4:81:dd:e7:53:25:7f:54:fe:99:43:cf:b0:b0:ca:
db:e6:8d:5c:8d:57:7b:ea:ed:18:f6:e7:a7:34:47:a0:63:a2:
b6:9e:18:59:3f:75:e6:2f:3c:fe:47:a5:78:39:22:b4:7f:6a:
36:fb:7e:d6:bf:5a:23:42:f8:06:5d:65:e8:ac:8f:55:5d:0c:
17:4f:9c:8a:7c:c0:d6:d1:35:19:00:f2:c8:1f:b8:4c:dd:76:
23:cb:91:92:8c:55:a3:67:c2:16:1e:3a:3b:0a:38:df:f3:f0:
d6:4a:9a:05:fc:0e:04:50:17:d9:e8:50:d8:f1:70:7d:f6:5e:
e9:cc:56:59:ef:3b:af:8b:c3:30:8a:6d:20:fc:9b:bd:e9:9a:
a0:a1:f2:6f:5e:35:9d:2c:5d:4c:65:bb:77:e6:5d:7a:7a:fc:
20:bb:5c:ed:b1:4e:ba:e5:4b:75:30:cb:d5:b5:aa:5c:9e:3a:
f3:71:af:0b:10:0e:c9:14:46:97:44:a8:a0:27:8f:9c:94:ca:
7f:02:f4:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+P/I8OE32WElPwJQTVKgvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwNTE5MDgzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNjZjhjZjJiZTNkNzVmNTZkNzY1MGNkZTY5YmViMWU1ZGQzMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UcfDDB/ouUUS07OOqvRFFnO4Q1r
Pwv9FP4IVrjEQh3daM8tXkZoeO2ILqU3oMoMDKclm1mcYmDsxhBH6U/B/wVg6QDX
hyxrf8hx+HoEUysSp7fEdt6fC+2udimV5ZgkffYm5xC+RCdkb/L60mBDd8qwQd5C
zUzEUj37H8WcRtUvJY0c5AGie8E1FDWf2jZcgxbs97i8E9Ma8xjiyANACvmNIUfu
SnJ46X7JI9hgYsJRyHKpbABxFiJPmbkvvlRroGuB2jLhlsftbg1ZGZWHZUpC+sJN
r/dYz1dRZl0KpjThUnk6iTkSmqYKx5KwkarZK+FZqtRcGB9r9S/zkx49TQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGnM+M8r49dfVtdlDN5pvrHl3TANMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvYWN6NHp5dmoxMTlXMTJVTTNtbS1zZVhkTUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVsAwQALiVxMA0GCSqGSIb3DQEBCwUAA4IBAQBFnxVa1cP8o7qE1+7VwgLE/qxn
g0MeuItTFYILbSc77w7hwmRe6RMWd60X3gZk7Nvp5GLCIKlxMNb0gd3nUyV/VP6Z
Q8+wsMrb5o1cjVd76u0Y9uenNEegY6K2nhhZP3XmLzz+R6V4OSK0f2o2+37Wv1oj
QvgGXWXorI9VXQwXT5yKfMDW0TUZAPLIH7hM3XYjy5GSjFWjZ8IWHjo7Cjjf8/DW
SpoF/A4EUBfZ6FDY8XB99l7pzFZZ7zuvi8Mwim0g/Ju96ZqgofJvXjWdLF1MZbt3
5l16evwgu1ztsU665Ut1MMvVtapcnjrzca8LEA7JFEaXRKigJ4+clMp/AvQH
-----END CERTIFICATE-----
Generated at Tue Jun 11 16:28:28 2024 by rpki-client on console-ams.rpki-client.org