Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/rTst5lvK4uP2nZ5iIIopGbCtKH0.roa
File: rTst5lvK4uP2nZ5iIIopGbCtKH0.roa (raw, json)
Hash identifier: FugDH0zgMSRMJnsJ+sgQCYlx8Kv1OYcB70CzFIqEKtc=
Subject key identifier: AD:3B:2D:E6:5B:CA:E2:E3:F6:9D:9E:62:20:8A:29:19:B0:AD:28:7D
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018CD63330A67F333AA28A6639AD35330CDE
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/rTst5lvK4uP2nZ5iIIopGbCtKH0.roa
Signing time: Thu 04 Jan 2024 20:38:48 +0000
ROA not before: Thu 04 Jan 2024 20:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 07:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:33:30:a6:7f:33:3a:a2:8a:66:39:ad:35:33:0c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 4 20:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad3b2de65bcae2e3f69d9e62208a2919b0ad287d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f5:96:26:cc:92:e0:f1:cc:a2:7b:88:21:7a:
d4:e3:1d:c2:1e:bf:5e:41:ec:3d:61:21:76:88:2f:
b6:57:d1:52:dc:38:ce:42:93:d1:dd:e7:eb:fa:38:
6d:4c:f7:1e:67:93:0b:24:0f:3b:79:c3:3f:f3:4a:
0b:c6:7f:94:84:6e:42:18:02:be:a9:ec:51:47:0f:
87:98:f2:f6:e2:67:42:68:5b:e2:7c:ae:04:53:f2:
c9:a0:d6:48:cb:e5:ef:06:d8:66:0f:36:7c:9c:08:
fa:3f:0a:87:6d:5a:64:0c:f9:ef:32:a8:2d:d5:9a:
9e:f4:62:37:98:1d:af:8b:87:7d:af:d3:79:18:26:
1d:7c:0d:f2:83:e7:0e:a1:0f:56:69:26:4d:36:ae:
c0:85:10:68:e5:d1:af:7f:ae:76:44:3e:ed:02:11:
fe:53:07:9b:a7:ff:06:d1:36:18:78:5c:8d:e0:2d:
fc:27:7e:d2:31:38:65:61:51:43:d4:b7:c6:1d:eb:
83:9a:b3:82:84:e9:95:98:49:ef:02:80:21:bd:97:
73:09:26:c7:e6:a4:a9:4e:11:d3:71:05:49:00:b4:
59:89:f5:2a:03:83:57:b2:cb:08:9d:6a:f4:e5:26:
8a:81:22:0e:3b:38:b5:38:d3:47:2a:9a:41:a3:b1:
6d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:3B:2D:E6:5B:CA:E2:E3:F6:9D:9E:62:20:8A:29:19:B0:AD:28:7D
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/rTst5lvK4uP2nZ5iIIopGbCtKH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
Signature Algorithm: sha256WithRSAEncryption
58:33:8d:d9:82:2a:a9:3d:77:6f:f4:7f:a7:8e:cd:26:fb:f3:
14:90:e0:4c:8c:e7:d3:2a:e5:95:60:cb:2a:92:87:53:2d:03:
19:8f:5e:3e:9d:e6:34:a4:15:45:d7:1a:06:f0:cc:f9:e6:28:
08:1e:05:1c:cb:a9:8a:33:1e:57:65:5e:06:71:60:4e:e2:27:
50:69:7b:5d:d4:b5:d5:40:e4:1e:e0:26:d8:9b:02:d0:f2:d0:
7d:88:66:4e:24:9d:16:71:af:91:03:4a:03:e9:8a:c5:00:79:
ba:49:77:5b:a1:77:e3:f0:c7:1f:ba:4e:b2:7f:b2:a8:31:20:
96:18:58:0e:db:5d:77:a8:3e:70:03:61:f6:08:56:9e:4c:12:
39:5b:e4:b3:98:d3:a6:e9:92:49:c3:96:22:27:e8:d9:7e:19:
72:1c:5a:16:31:34:0c:f5:b0:02:e9:5f:43:69:07:80:09:f3:
ad:cf:6e:e5:54:a5:88:7d:11:49:0f:47:c9:39:64:fe:c8:7b:
22:65:fd:10:43:d5:03:3a:6e:34:ba:a7:18:d6:15:c2:2e:4f:
8d:7a:9d:a5:2e:7c:31:fc:a4:84:6c:61:1c:53:00:e1:02:0e:
e6:00:99:47:7e:10:a6:fb:12:2d:86:a7:cf:f4:10:f0:e3:94:
dd:25:51:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzWMzCmfzM6oopmOa01MwzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTA0MjAzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDNiMmRlNjViY2FlMmUzZjY5ZDllNjIyMDhhMjkxOWIwYWQyODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvWWJsyS4PHMonuIIXrU4x3CHr9e
Qew9YSF2iC+2V9FS3DjOQpPR3efr+jhtTPceZ5MLJA87ecM/80oLxn+UhG5CGAK+
qexRRw+HmPL24mdCaFvifK4EU/LJoNZIy+XvBthmDzZ8nAj6PwqHbVpkDPnvMqgt
1Zqe9GI3mB2vi4d9r9N5GCYdfA3yg+cOoQ9WaSZNNq7AhRBo5dGvf652RD7tAhH+
Uwebp/8G0TYYeFyN4C38J37SMThlYVFD1LfGHeuDmrOChOmVmEnvAoAhvZdzCSbH
5qSpThHTcQVJALRZifUqA4NXsssInWr05SaKgSIOOzi1ONNHKppBo7FtgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK07LeZbyuLj9p2eYiCKKRmwrSh9MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvclRzdDVsdks0dVAyblo1aUlJb3BHYkN0S0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiViAwQA
LiVxMA0GCSqGSIb3DQEBCwUAA4IBAQBYM43ZgiqpPXdv9H+njs0m+/MUkOBMjOfT
KuWVYMsqkodTLQMZj14+neY0pBVF1xoG8Mz55igIHgUcy6mKMx5XZV4GcWBO4idQ
aXtd1LXVQOQe4CbYmwLQ8tB9iGZOJJ0Wca+RA0oD6YrFAHm6SXdboXfj8Mcfuk6y
f7KoMSCWGFgO2113qD5wA2H2CFaeTBI5W+SzmNOm6ZJJw5YiJ+jZfhlyHFoWMTQM
9bAC6V9DaQeACfOtz27lVKWIfRFJD0fJOWT+yHsiZf0QQ9UDOm40uqcY1hXCLk+N
ep2lLnwx/KSEbGEcUwDhAg7mAJlHfhCm+xIthqfP9BDw45TdJVGx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org