Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/t5OafV3aaVSboH2JVAXzGdpDRAA.roa
File: t5OafV3aaVSboH2JVAXzGdpDRAA.roa (raw, json)
Hash identifier: WdBLr0xHmbj1yAg/oCWgVugqoblGiMD9MC8Ry5UWdc0=
Subject key identifier: B7:93:9A:7D:5D:DA:69:54:9B:A0:7D:89:54:05:F3:19:DA:43:44:00
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018C12FBCF357C34F5F1F5977A996A6AB1CF
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/t5OafV3aaVSboH2JVAXzGdpDRAA.roa
Signing time: Mon 27 Nov 2023 22:52:21 +0000
ROA not before: Mon 27 Nov 2023 22:52:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.120.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:12:fb:cf:35:7c:34:f5:f1:f5:97:7a:99:6a:6a:b1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Nov 27 22:52:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7939a7d5dda69549ba07d895405f319da434400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8b:15:9c:bb:65:3a:2c:69:aa:12:1d:0b:9b:
0e:2e:95:3f:0f:90:bf:f6:46:b2:e0:57:c3:1b:78:
7c:b4:26:49:f7:6f:b9:c4:0a:d9:5c:19:cd:94:bf:
29:97:bf:e9:8e:cf:82:b0:e2:87:42:28:ae:89:54:
8e:81:3b:9f:f1:30:68:83:34:0a:a6:07:95:6d:b5:
59:18:2b:dc:75:1a:f3:5b:4f:aa:68:fb:73:ff:e1:
0f:5f:9a:32:d1:a9:46:44:82:73:30:fa:a7:a3:5b:
ea:51:26:42:48:c8:a8:1d:18:c0:6d:12:84:21:41:
6d:ef:12:5b:63:d0:d0:86:20:dd:a6:d3:15:37:b8:
d3:3d:32:a7:10:13:3a:e2:46:53:75:4b:90:62:c0:
04:0e:31:1f:d0:77:bb:20:0a:3e:7c:2f:bf:79:bd:
89:f9:21:41:3c:b8:8f:c8:e2:49:87:c9:6e:6a:57:
1a:73:b5:78:5e:44:36:a2:43:1d:e0:f1:4a:a0:81:
fc:da:24:83:33:a3:5e:de:b5:bc:32:a2:e5:88:30:
57:a2:e4:9e:3e:20:e1:9a:a7:51:5e:f1:a1:e2:11:
ad:1c:58:8f:62:39:2b:19:23:77:48:f0:80:c5:61:
6a:f0:fa:4c:39:c2:52:2b:3e:6c:16:8c:4a:54:e5:
99:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:93:9A:7D:5D:DA:69:54:9B:A0:7D:89:54:05:F3:19:DA:43:44:00
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/t5OafV3aaVSboH2JVAXzGdpDRAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.120.0/24
Signature Algorithm: sha256WithRSAEncryption
49:48:ff:84:76:a1:ec:b0:ed:62:aa:ed:58:7e:58:a4:ef:10:
4c:2b:ad:f9:2b:07:df:04:d6:43:a6:9d:e4:87:9a:7a:1e:2f:
98:be:0c:3f:3c:4a:c1:db:39:92:7a:b2:10:c1:b1:34:15:81:
97:a6:9c:6b:0e:00:f3:3e:53:d7:75:a7:fd:25:9f:5e:5e:d9:
a6:e6:c6:2e:7d:67:28:28:82:52:a5:9b:60:c4:c7:a6:04:8e:
37:1d:7a:ed:f4:e0:24:06:96:a5:c9:23:a9:df:57:9b:3c:70:
dd:9d:76:be:1c:37:0c:ea:9a:6d:fc:1a:85:20:17:8a:02:24:
47:b1:7f:66:45:98:ed:10:d8:27:72:e7:2b:92:6b:04:c3:94:
27:d9:17:b1:06:cc:91:ab:f8:d1:c5:e0:2e:a5:b6:df:d8:5c:
3c:22:9a:46:19:3b:e0:0c:45:e7:41:f9:c6:76:36:b8:be:c9:
a1:ae:ee:16:3d:d1:d8:a5:e5:b8:5f:a0:23:50:37:b3:d5:29:
b1:28:87:87:1f:5e:cf:51:80:3f:bd:8a:d4:32:bb:08:33:4c:
31:e2:8e:b8:05:07:e3:c1:9f:b6:a7:bd:f4:f1:a4:5c:36:4c:
41:58:d6:68:4e:06:22:eb:04:5f:59:bb:6e:cf:7d:f7:d5:d5:
34:07:c8:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwS+881fDT18fWXeplqarHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMxMTI3MjI1MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzkzOWE3ZDVkZGE2OTU0OWJhMDdkODk1NDA1ZjMxOWRhNDM0NDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIsVnLtlOixpqhIdC5sOLpU/D5C/
9kay4FfDG3h8tCZJ92+5xArZXBnNlL8pl7/pjs+CsOKHQiiuiVSOgTuf8TBogzQK
pgeVbbVZGCvcdRrzW0+qaPtz/+EPX5oy0alGRIJzMPqno1vqUSZCSMioHRjAbRKE
IUFt7xJbY9DQhiDdptMVN7jTPTKnEBM64kZTdUuQYsAEDjEf0He7IAo+fC+/eb2J
+SFBPLiPyOJJh8lualcac7V4XkQ2okMd4PFKoIH82iSDM6Ne3rW8MqLliDBXouSe
PiDhmqdRXvGh4hGtHFiPYjkrGSN3SPCAxWFq8PpMOcJSKz5sFoxKVOWZBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLeTmn1d2mlUm6B9iVQF8xnaQ0QAMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvdDVPYWZWM2FhVlNib0gySlZBWHpHZHBEUkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQALiV4MA0GCSqGSIb3DQEBCwUAA4IBAQBJSP+EdqHssO1iqu1Yflik7xBM
K635KwffBNZDpp3kh5p6Hi+Yvgw/PErB2zmSerIQwbE0FYGXppxrDgDzPlPXdaf9
JZ9eXtmm5sYufWcoKIJSpZtgxMemBI43HXrt9OAkBpalySOp31ebPHDdnXa+HDcM
6ppt/BqFIBeKAiRHsX9mRZjtENgncucrkmsEw5Qn2RexBsyRq/jRxeAupbbf2Fw8
IppGGTvgDEXnQfnGdja4vsmhru4WPdHYpeW4X6AjUDez1SmxKIeHH17PUYA/vYrU
MrsIM0wx4o64BQfjwZ+2p7308aRcNkxBWNZoTgYi6wRfWbtuz3331dU0B8g2
-----END CERTIFICATE-----
Generated at Wed Nov 29 09:35:40 2023 by rpki-client on console-ams.rpki-client.org