Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/hiKFnXkv0MJ9DfSR8RKwX0B7av4.roa
File: hiKFnXkv0MJ9DfSR8RKwX0B7av4.roa (raw, json)
Hash identifier: pdqUquKdj6GUFOaOKmSgucm4vS8UaBbiFDlDyTRM8Lg=
Subject key identifier: 86:22:85:9D:79:2F:D0:C2:7D:0D:F4:91:F1:12:B0:5F:40:7B:6A:FE
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018CC348B9666C1C07E349BD7800B2B8A73C
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/hiKFnXkv0MJ9DfSR8RKwX0B7av4.roa
Signing time: Mon 01 Jan 2024 04:29:32 +0000
ROA not before: Mon 01 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 46.37.115.0/24 maxlen: 24
46.37.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 13:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b9:66:6c:1c:07:e3:49:bd:78:00:b2:b8:a7:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 1 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8622859d792fd0c27d0df491f112b05f407b6afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:67:b7:e3:2f:7a:6c:30:06:ba:d0:6b:31:0f:
4b:80:11:25:3d:af:fe:fb:bb:ca:1e:29:b3:cb:ef:
d7:00:17:28:3d:00:87:d8:e9:34:18:d4:3a:86:63:
80:a0:9f:a9:97:4d:00:4f:b1:a4:0a:f0:d5:40:12:
d3:fc:ca:2d:76:07:18:a2:d1:71:81:ba:fe:27:f4:
ce:3f:9f:67:b9:80:4b:b6:c5:31:7a:eb:4e:4c:f6:
76:c3:c1:d0:dc:89:86:5c:8e:07:9f:7b:b3:7d:95:
00:25:55:8a:1f:8d:7c:0f:54:9e:e3:ca:ce:f0:d1:
11:49:56:59:08:d5:ae:72:82:6d:37:cf:da:e1:6b:
91:e0:c9:3e:9b:16:55:1d:16:4d:99:62:38:2f:f2:
2e:8e:0f:f8:a7:1f:4d:02:1e:fb:fe:82:21:f2:1a:
a9:a8:e3:1d:45:4c:e8:6a:e2:35:7e:c4:97:c2:a3:
21:ec:76:ec:bd:3c:d0:cb:19:73:c8:44:0c:67:5c:
3a:18:84:03:db:c6:aa:50:98:bc:c7:cf:92:9e:cd:
bc:06:73:0f:08:53:8c:76:95:6e:0b:bd:62:02:b7:
db:65:8a:84:ee:28:dc:48:c5:0c:fc:ea:8a:27:d8:
15:fb:aa:9b:af:b8:23:91:d3:4f:eb:cf:c5:e7:6c:
80:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:22:85:9D:79:2F:D0:C2:7D:0D:F4:91:F1:12:B0:5F:40:7B:6A:FE
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/hiKFnXkv0MJ9DfSR8RKwX0B7av4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.115.0/24
46.37.121.0/24
Signature Algorithm: sha256WithRSAEncryption
46:68:d1:48:aa:fd:fe:5f:42:46:44:df:0a:c8:96:6a:3f:91:
04:33:0b:d9:a5:4d:18:10:5a:82:f1:b7:14:b5:64:db:93:a1:
60:ae:77:c1:d5:fd:0f:cb:83:85:9c:fd:54:c9:c6:6b:3b:15:
ee:d8:d0:af:ce:db:40:15:38:94:2b:d1:84:e5:e3:a3:14:20:
25:58:f5:37:a1:7b:b3:e7:a6:59:d3:23:3a:da:29:a1:ba:2d:
4b:b8:50:5e:d3:43:a1:29:c9:85:e8:c2:c1:50:dd:59:59:f8:
84:a4:41:1a:58:08:5c:d8:6b:b7:d9:71:77:bb:24:44:4b:e7:
ad:d6:48:cb:fb:25:20:5e:39:d3:5e:43:61:83:b1:4d:a5:06:
ea:82:cc:74:b9:88:59:cf:1a:eb:10:b8:b2:cd:c8:65:46:35:
fe:3f:c6:b5:3d:58:0e:8f:93:8a:1f:51:85:49:67:52:0b:88:
ba:f9:5a:3b:18:b1:80:34:d6:82:ce:5d:df:88:90:91:5d:a5:
9a:27:22:ae:a0:94:d6:60:3e:40:0f:a6:67:a1:cc:c3:26:f2:
08:73:31:41:a0:54:42:4c:40:73:92:4b:91:d0:c2:7e:ed:ea:
13:af:d1:e3:ba:09:87:fa:66:02:a7:4b:5b:c9:71:8b:36:81:
55:6b:7f:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSLlmbBwH40m9eACyuKc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjIyODU5ZDc5MmZkMGMyN2QwZGY0OTFmMTEyYjA1ZjQwN2I2YWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApme34y96bDAGutBrMQ9LgBElPa/+
+7vKHimzy+/XABcoPQCH2Ok0GNQ6hmOAoJ+pl00AT7GkCvDVQBLT/MotdgcYotFx
gbr+J/TOP59nuYBLtsUxeutOTPZ2w8HQ3ImGXI4Hn3uzfZUAJVWKH418D1Se48rO
8NERSVZZCNWucoJtN8/a4WuR4Mk+mxZVHRZNmWI4L/Iujg/4px9NAh77/oIh8hqp
qOMdRUzoauI1fsSXwqMh7HbsvTzQyxlzyEQMZ1w6GIQD28aqUJi8x8+Sns28BnMP
CFOMdpVuC71iArfbZYqE7ijcSMUM/OqKJ9gV+6qbr7gjkdNP68/F52yApQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIYihZ15L9DCfQ30kfESsF9Ae2r+MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvaGlLRm5Ya3YwTUo5RGZTUjhSS3dYMEI3YXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiVzAwQA
LiV5MA0GCSqGSIb3DQEBCwUAA4IBAQBGaNFIqv3+X0JGRN8KyJZqP5EEMwvZpU0Y
EFqC8bcUtWTbk6FgrnfB1f0Py4OFnP1UycZrOxXu2NCvzttAFTiUK9GE5eOjFCAl
WPU3oXuz56ZZ0yM62imhui1LuFBe00OhKcmF6MLBUN1ZWfiEpEEaWAhc2Gu32XF3
uyRES+et1kjL+yUgXjnTXkNhg7FNpQbqgsx0uYhZzxrrELiyzchlRjX+P8a1PVgO
j5OKH1GFSWdSC4i6+Vo7GLGANNaCzl3fiJCRXaWaJyKuoJTWYD5AD6ZnoczDJvII
czFBoFRCTEBzkkuR0MJ+7eoTr9HjugmH+mYCp0tbyXGLNoFVa38B
-----END CERTIFICATE-----
Generated at Tue Jan 23 17:46:27 2024 by rpki-client on console-fra.rpki-client.org