Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/pNnbLGV3WqSDn3Z1OVzi4lBgvMg.roa
File: pNnbLGV3WqSDn3Z1OVzi4lBgvMg.roa (raw, json)
Hash identifier: QBvE6oayJXqk4CtF0Epv7/8CquYet7d9TBM79by7pPA=
Subject key identifier: A4:D9:DB:2C:65:77:5A:A4:83:9F:76:75:39:5C:E2:E2:50:60:BC:C8
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018E0F927A128BDA273FF3EA0B8374AAFD6A
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/pNnbLGV3WqSDn3Z1OVzi4lBgvMg.roa
Signing time: Tue 05 Mar 2024 17:04:01 +0000
ROA not before: Tue 05 Mar 2024 17:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397630
IP address blocks: 46.37.120.0/24 maxlen: 24
46.37.121.0/24 maxlen: 24
46.37.123.0/24 maxlen: 24
185.92.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 06:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:92:7a:12:8b:da:27:3f:f3:ea:0b:83:74:aa:fd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Mar 5 17:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4d9db2c65775aa4839f7675395ce2e25060bcc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:66:cd:5f:a9:64:97:f9:bc:7c:ff:b5:59:a8:
91:e9:e4:08:af:f5:b7:2c:1e:a3:18:06:8c:b1:9d:
c1:86:e0:a8:01:11:fe:56:7d:ad:de:7e:51:3a:8f:
ec:83:a4:29:f1:b7:c6:1e:37:28:aa:56:7d:56:5d:
86:ab:8e:3b:38:80:f5:9a:f8:ad:80:61:65:7a:3f:
b7:87:88:40:76:16:cd:cf:4f:3f:1a:4d:c3:11:b7:
d5:14:74:b6:b3:5f:60:58:b1:dd:13:68:aa:3f:03:
01:b2:be:a5:47:4d:04:94:0f:df:e9:60:6b:7e:94:
0b:5e:d2:b4:99:32:19:f7:04:0a:db:11:75:6a:fa:
ac:90:d1:5e:16:06:3e:3d:ab:78:1e:e2:8f:f2:24:
da:bf:61:fe:46:f9:63:96:1c:43:0c:c2:9e:fc:14:
28:f7:7d:88:f0:c7:3e:58:b4:14:89:f0:d1:b2:e7:
90:d9:ad:4f:8f:38:d9:41:5d:5b:72:6c:b9:94:87:
cb:1f:54:41:3c:27:4f:60:c5:0a:94:0d:42:16:48:
b3:2d:b1:e4:68:00:83:4d:64:99:d2:c8:7b:6e:c2:
de:95:e0:f7:b2:24:27:23:f7:37:76:d7:05:79:ad:
5a:73:d1:d0:2b:4e:c1:47:e3:db:89:0b:e1:ca:f2:
6a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D9:DB:2C:65:77:5A:A4:83:9F:76:75:39:5C:E2:E2:50:60:BC:C8
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/pNnbLGV3WqSDn3Z1OVzi4lBgvMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.120.0/23
46.37.123.0/24
185.92.45.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:78:fd:e2:55:3a:70:68:e2:84:38:f4:ce:3b:10:25:54:33:
57:37:2e:8d:61:0e:76:5f:03:82:ad:7d:99:3c:36:98:2a:88:
60:a6:6b:ce:5b:bc:94:6d:1f:e4:c9:48:5a:e1:ba:9c:05:85:
36:0d:10:cb:c2:10:71:c0:76:02:bd:6f:34:59:85:0b:30:2a:
d5:29:25:60:49:bc:eb:0b:03:ec:e4:bd:42:b1:77:48:74:9e:
9a:69:92:2c:05:b3:71:a0:84:d9:00:e7:6e:c5:60:a4:c8:5c:
b3:cb:46:e3:89:3e:17:5e:a2:c7:c1:b2:79:ed:ef:09:92:18:
f2:60:7c:b2:8c:34:d6:c7:91:8e:c5:09:85:06:e4:1e:a5:bd:
42:1d:59:80:d3:07:ef:fe:00:1c:fa:66:13:bf:f0:64:18:e5:
27:24:23:62:eb:70:52:3f:31:5b:3b:2d:14:eb:93:a2:47:3c:
67:e6:4d:ee:37:ce:d9:f2:5a:36:fd:42:14:67:41:7c:70:97:
0f:e0:04:97:c9:01:4c:93:16:98:ee:cf:bd:65:64:59:b2:02:
d2:67:c9:64:41:ad:ed:bb:5c:d2:f7:5e:56:e9:e4:d2:ca:05:
76:81:10:db:33:43:e3:bb:ad:4a:ad:01:2b:38:e5:7e:8b:06:
bb:4e:65:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4PknoSi9onP/PqC4N0qv1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMzA1MTcwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGQ5ZGIyYzY1Nzc1YWE0ODM5Zjc2NzUzOTVjZTJlMjUwNjBiY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGbNX6lkl/m8fP+1WaiR6eQIr/W3
LB6jGAaMsZ3BhuCoARH+Vn2t3n5ROo/sg6Qp8bfGHjcoqlZ9Vl2Gq447OID1mvit
gGFlej+3h4hAdhbNz08/Gk3DEbfVFHS2s19gWLHdE2iqPwMBsr6lR00ElA/f6WBr
fpQLXtK0mTIZ9wQK2xF1avqskNFeFgY+Pat4HuKP8iTav2H+RvljlhxDDMKe/BQo
932I8Mc+WLQUifDRsueQ2a1PjzjZQV1bcmy5lIfLH1RBPCdPYMUKlA1CFkizLbHk
aACDTWSZ0sh7bsLeleD3siQnI/c3dtcFea1ac9HQK07BR+PbiQvhyvJqaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKTZ2yxld1qkg592dTlc4uJQYLzIMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvcE5uYkxHVjNXcVNEbjNaMU9Wemk0bEJndk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLiV4AwQA
LiV7AwQAuVwtMA0GCSqGSIb3DQEBCwUAA4IBAQCseP3iVTpwaOKEOPTOOxAlVDNX
Ny6NYQ52XwOCrX2ZPDaYKohgpmvOW7yUbR/kyUha4bqcBYU2DRDLwhBxwHYCvW80
WYULMCrVKSVgSbzrCwPs5L1CsXdIdJ6aaZIsBbNxoITZAOduxWCkyFyzy0bjiT4X
XqLHwbJ57e8JkhjyYHyyjDTWx5GOxQmFBuQepb1CHVmA0wfv/gAc+mYTv/BkGOUn
JCNi63BSPzFbOy0U65OiRzxn5k3uN87Z8lo2/UIUZ0F8cJcP4ASXyQFMkxaY7s+9
ZWRZsgLSZ8lkQa3tu1zS915W6eTSygV2gRDbM0Pju61KrQErOOV+iwa7TmVS
Generated at Tue Nov 5 09:41:00 2024 by rpki-client on console-ams.rpki-client.org