Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/pq-AETJN4dWXsUgrww3F2Iomag8.roa
File: pq-AETJN4dWXsUgrww3F2Iomag8.roa (raw, json)
Hash identifier: plfOQvVP9+WgLnd2yPjHHJZdhPL8RW7eEEGatD8aaK4=
Subject key identifier: A6:AF:80:11:32:4D:E1:D5:97:B1:48:2B:C3:0D:C5:D8:8A:26:6A:0F
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0190C15112C6CC94770B0E7D33CAA71D901B
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/pq-AETJN4dWXsUgrww3F2Iomag8.roa
Signing time: Wed 17 Jul 2024 15:30:34 +0000
ROA not before: Wed 17 Jul 2024 15:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jul 2024 06:08:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c1:51:12:c6:cc:94:77:0b:0e:7d:33:ca:a7:1d:90:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jul 17 15:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6af8011324de1d597b1482bc30dc5d88a266a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0c:cc:4f:a6:49:d4:25:ec:07:68:e0:05:79:
6a:0a:06:cd:69:42:09:7e:ab:f8:59:98:c8:49:fa:
22:33:91:c5:48:98:21:40:a5:c4:8f:2b:80:45:56:
96:7f:fe:49:62:ad:67:b5:e4:10:b5:9a:03:6b:a2:
f5:e3:5b:ce:0c:29:be:04:f3:70:ba:8d:74:c0:54:
d1:09:cd:67:9a:ac:af:e4:fc:3c:79:0e:d1:56:af:
b9:fe:7f:fb:a5:d7:f8:f2:28:32:f5:a7:b0:8e:a1:
fa:5c:54:5f:f0:53:9e:80:f0:52:4a:46:79:b4:33:
96:bf:4e:af:4c:44:22:63:11:47:9f:67:5a:6e:f4:
da:88:95:8d:8a:2a:1d:cc:10:93:19:74:29:67:75:
07:1c:f4:8f:24:01:41:8f:00:b4:50:98:3e:88:03:
ea:b3:1a:28:1b:3d:79:e0:3a:34:75:15:f4:db:b9:
88:2d:34:cd:be:38:77:0b:18:05:a9:8c:40:31:05:
b3:81:ab:63:bd:67:2c:aa:a6:ed:86:e9:89:fc:8b:
93:2a:8e:c0:4e:f7:7e:fe:8d:38:69:53:0f:3a:05:
f3:cd:74:9a:10:4c:a3:81:7d:57:5d:0f:00:43:cb:
ad:53:55:75:57:47:b6:57:61:40:c6:45:59:8f:b4:
61:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:AF:80:11:32:4D:E1:D5:97:B1:48:2B:C3:0D:C5:D8:8A:26:6A:0F
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/pq-AETJN4dWXsUgrww3F2Iomag8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.122.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:a5:61:1c:2b:7c:bd:cc:c7:54:bf:9b:6a:f7:05:8e:35:ad:
e6:df:65:00:17:3f:07:8e:ce:16:4a:1e:f5:31:f0:24:44:4f:
20:6f:92:f3:dd:21:dd:41:6c:46:ae:a1:2e:4f:6e:7a:80:cf:
5c:d2:15:4c:fd:46:2d:31:4d:11:53:76:1f:fe:a8:dc:53:61:
e3:ac:91:2a:bf:6b:64:f1:d5:55:da:c9:f0:81:78:2f:0e:6f:
df:cb:01:ee:92:98:27:34:60:63:78:42:fa:bc:38:92:58:68:
c3:2a:49:b4:b3:89:dd:74:1f:aa:c3:1b:ad:58:50:ca:b7:3d:
43:8a:b6:43:51:cd:de:b4:05:fe:53:bd:9c:5f:d0:f5:39:f4:
f6:b6:23:b3:d9:9f:f6:bb:3c:84:7a:28:ba:4c:bd:0e:81:8f:
c1:80:f8:51:5e:6d:95:1d:2f:de:01:48:be:95:84:98:03:7a:
ce:a0:d7:76:d2:58:dd:0e:f8:0a:19:78:c9:01:bc:08:7a:a9:
40:2d:9e:54:78:7f:8d:bf:09:40:92:12:ef:39:f4:4a:47:e6:
1f:1a:b4:6c:a5:d8:a6:b2:02:1a:1a:9f:c5:da:9b:46:39:45:
d9:8f:f8:2f:03:5c:f7:b3:46:47:75:f2:9e:bd:d6:c8:fe:44:
08:32:ad:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDBURLGzJR3Cw59M8qnHZAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwNzE3MTUzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmFmODAxMTMyNGRlMWQ1OTdiMTQ4MmJjMzBkYzVkODhhMjY2YTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AzMT6ZJ1CXsB2jgBXlqCgbNaUIJ
fqv4WZjISfoiM5HFSJghQKXEjyuARVaWf/5JYq1nteQQtZoDa6L141vODCm+BPNw
uo10wFTRCc1nmqyv5Pw8eQ7RVq+5/n/7pdf48igy9aewjqH6XFRf8FOegPBSSkZ5
tDOWv06vTEQiYxFHn2dabvTaiJWNiiodzBCTGXQpZ3UHHPSPJAFBjwC0UJg+iAPq
sxooGz154Do0dRX027mILTTNvjh3CxgFqYxAMQWzgatjvWcsqqbthumJ/IuTKo7A
Tvd+/o04aVMPOgXzzXSaEEyjgX1XXQ8AQ8utU1V1V0e2V2FAxkVZj7Rh7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKavgBEyTeHVl7FIK8MNxdiKJmoPMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvcHEtQUVUSk40ZFdYc1Vncnd3M0YySW9tYWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQALiV6MA0GCSqGSIb3DQEBCwUAA4IBAQBspWEcK3y9zMdUv5tq9wWONa3m
32UAFz8Hjs4WSh71MfAkRE8gb5Lz3SHdQWxGrqEuT256gM9c0hVM/UYtMU0RU3Yf
/qjcU2HjrJEqv2tk8dVV2snwgXgvDm/fywHukpgnNGBjeEL6vDiSWGjDKkm0s4nd
dB+qwxutWFDKtz1DirZDUc3etAX+U72cX9D1OfT2tiOz2Z/2uzyEeii6TL0OgY/B
gPhRXm2VHS/eAUi+lYSYA3rOoNd20ljdDvgKGXjJAbwIeqlALZ5UeH+NvwlAkhLv
OfRKR+YfGrRspdimsgIaGp/F2ptGOUXZj/gvA1z3s0ZHdfKevdbI/kQIMq05
-----END CERTIFICATE-----
Generated at Sat Jul 20 08:41:22 2024 by rpki-client on console-ams.rpki-client.org