Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/fbIZwUgzBrPVgKR3ypVYVvzBzNE.roa
File: fbIZwUgzBrPVgKR3ypVYVvzBzNE.roa (raw, json)
Hash identifier: xG4gfjvG/ChLFt9xXN1Lfm63CyEjHfBkK1axAZHfrBU=
Subject key identifier: 7D:B2:19:C1:48:33:06:B3:D5:80:A4:77:CA:95:58:56:FC:C1:CC:D1
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018B6261286BD7E8842F4161F6C5DE60CB87
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/fbIZwUgzBrPVgKR3ypVYVvzBzNE.roa
Signing time: Tue 24 Oct 2023 15:50:16 +0000
ROA not before: Tue 24 Oct 2023 15:50:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.120.0/24 maxlen: 24
46.37.123.0/24 maxlen: 24
46.37.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:61:28:6b:d7:e8:84:2f:41:61:f6:c5:de:60:cb:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Oct 24 15:50:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7db219c1483306b3d580a477ca955856fcc1ccd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:20:01:4b:be:08:0e:91:e3:e4:89:ef:5d:43:
42:02:ab:8d:01:39:02:b1:88:24:1b:58:dc:43:29:
f9:65:08:a3:0e:f0:02:c0:80:56:f8:f7:3a:38:5c:
b8:06:da:af:72:96:58:58:29:7a:03:c6:0b:98:18:
31:ad:4f:43:1a:0e:69:11:6b:67:98:4a:cc:71:df:
ce:eb:c8:4b:a6:36:79:80:1a:16:2e:6e:2b:ff:c0:
9b:12:e4:86:2c:39:bd:c9:bc:6d:e2:cc:f5:44:13:
0c:9c:52:97:19:6d:9b:83:a3:81:4b:83:7d:48:83:
d6:fd:32:7e:c8:22:e9:29:8c:b5:d8:9a:5c:0f:68:
85:4e:69:74:e4:69:2a:d4:76:54:1d:bb:18:73:d2:
73:6b:5a:57:89:55:6d:02:94:fe:df:22:39:89:17:
46:ba:50:32:15:f5:73:9c:06:06:30:ce:13:4c:86:
16:5e:39:b5:e0:3c:89:71:bc:2a:79:5d:f6:18:12:
f4:7b:1b:cd:13:3f:fd:3b:03:dd:f5:e4:60:30:6a:
00:3b:12:9e:ab:8b:27:81:eb:cc:5b:3b:f4:d0:ea:
b4:ef:f2:87:a1:26:d0:46:cd:ae:97:a0:a3:b7:9d:
42:ac:93:b8:73:e3:a8:8c:7b:59:ea:44:44:98:95:
8d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B2:19:C1:48:33:06:B3:D5:80:A4:77:CA:95:58:56:FC:C1:CC:D1
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/fbIZwUgzBrPVgKR3ypVYVvzBzNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.120.0/24
46.37.123.0/24
46.37.127.0/24
Signature Algorithm: sha256WithRSAEncryption
30:21:ef:94:8e:54:3f:fd:b1:d3:63:3c:2f:04:e5:66:49:08:
ff:52:9a:c7:b8:3b:d5:6b:d9:90:1b:e2:dc:9b:28:e3:77:10:
4b:d3:ed:6f:04:47:de:f8:c8:d0:ed:77:0f:79:38:d0:c0:75:
0b:d8:05:ea:8e:5e:a5:ac:33:bb:77:7e:33:00:92:38:54:ab:
08:ca:74:bb:a7:6b:d5:33:06:4d:22:76:5a:a1:19:86:9f:3d:
b6:d0:0e:95:43:f3:64:9c:bf:20:f5:40:8f:ec:78:18:20:e3:
5b:cd:3e:17:f9:55:f8:6d:63:12:96:4c:ce:23:07:21:77:41:
a6:9f:ac:b1:34:a0:fb:90:2e:6f:85:c9:58:bd:30:b5:c8:aa:
d9:7a:c3:69:13:7c:7f:3b:25:d5:45:9c:14:f8:87:4f:fb:09:
fe:80:56:c2:54:69:e1:2a:a3:7f:55:36:c9:23:c7:04:9e:bf:
86:e6:d7:80:0c:a0:ac:6d:f7:ed:45:06:7f:04:30:36:d5:a2:
0b:64:55:01:13:cc:fb:ca:c2:df:f7:d6:00:ce:a4:cd:c5:03:
aa:76:be:56:a4:fb:25:c2:be:78:3b:82:14:9d:2c:e0:dc:58:
5e:2a:3b:26:70:a1:f5:e7:ac:0f:27:7e:0d:66:d4:f0:a6:3e:
63:a6:db:59
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtiYShr1+iEL0Fh9sXeYMuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMxMDI0MTU1MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGIyMTljMTQ4MzMwNmIzZDU4MGE0NzdjYTk1NTg1NmZjYzFjY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSABS74IDpHj5InvXUNCAquNATkC
sYgkG1jcQyn5ZQijDvACwIBW+Pc6OFy4BtqvcpZYWCl6A8YLmBgxrU9DGg5pEWtn
mErMcd/O68hLpjZ5gBoWLm4r/8CbEuSGLDm9ybxt4sz1RBMMnFKXGW2bg6OBS4N9
SIPW/TJ+yCLpKYy12JpcD2iFTml05Gkq1HZUHbsYc9Jza1pXiVVtApT+3yI5iRdG
ulAyFfVznAYGMM4TTIYWXjm14DyJcbwqeV32GBL0exvNEz/9OwPd9eRgMGoAOxKe
q4sngevMWzv00Oq07/KHoSbQRs2ul6Cjt51CrJO4c+OojHtZ6kREmJWNTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH2yGcFIMwaz1YCkd8qVWFb8wczRMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvZmJJWndVZ3pCclBWZ0tSM3lwVllWdnpCek5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALiViAwQA
LiVxAwQALiV4AwQALiV7AwQALiV/MA0GCSqGSIb3DQEBCwUAA4IBAQAwIe+UjlQ/
/bHTYzwvBOVmSQj/UprHuDvVa9mQG+LcmyjjdxBL0+1vBEfe+MjQ7XcPeTjQwHUL
2AXqjl6lrDO7d34zAJI4VKsIynS7p2vVMwZNInZaoRmGnz220A6VQ/NknL8g9UCP
7HgYIONbzT4X+VX4bWMSlkzOIwchd0Gmn6yxNKD7kC5vhclYvTC1yKrZesNpE3x/
OyXVRZwU+IdP+wn+gFbCVGnhKqN/VTbJI8cEnr+G5teADKCsbfftRQZ/BDA21aIL
ZFUBE8z7ysLf99YAzqTNxQOqdr5WpPslwr54O4IUnSzg3FheKjsmcKH156wPJ34N
ZtTwpj5jpttZ
-----END CERTIFICATE-----
Generated at Wed Oct 25 14:19:12 2023 by rpki-client on console-ams.rpki-client.org