Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/uH5LSF792lo30j3T5D3sEoOKQpM.roa
File: uH5LSF792lo30j3T5D3sEoOKQpM.roa (raw, json)
Hash identifier: liAonxqUpeK4CpwJjp/bx4x8QmtITlDuPIem0HxqL6Q=
Subject key identifier: B8:7E:4B:48:5E:FD:DA:5A:37:D2:3D:D3:E4:3D:EC:12:83:8A:42:93
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018F39B900A709B894C89FB6DE52E211B0EA
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/uH5LSF792lo30j3T5D3sEoOKQpM.roa
Signing time: Thu 02 May 2024 14:32:56 +0000
ROA not before: Thu 02 May 2024 14:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 May 2024 08:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:b9:00:a7:09:b8:94:c8:9f:b6:de:52:e2:11:b0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: May 2 14:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b87e4b485efdda5a37d23dd3e43dec12838a4293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5e:90:20:c2:4c:62:98:9c:99:fb:7e:87:91:
d6:1b:f5:26:87:cf:4e:68:0b:aa:cd:04:6e:85:45:
f8:19:14:af:04:50:c3:87:95:0c:a6:56:bb:24:00:
8e:d6:68:f8:04:03:3a:95:81:9c:bd:ae:77:00:c7:
6d:eb:d4:96:dc:e5:49:cc:71:55:d9:18:06:0a:f7:
81:c4:e4:19:2d:46:cc:bf:d6:b8:da:91:0c:4c:50:
1e:63:7b:d9:fb:17:34:95:a4:64:ed:3e:e6:3f:a2:
87:68:31:e8:19:ea:14:88:2b:9f:67:33:cb:bc:fc:
f1:67:ea:2f:a9:c3:4c:fb:9b:72:5c:43:aa:89:79:
30:be:90:08:4f:d4:e4:8b:8b:63:e1:ab:c4:a7:14:
aa:b9:1a:98:33:4d:84:d9:3f:af:6e:88:8e:52:6f:
0b:42:61:12:2d:c3:aa:96:57:09:05:96:32:02:95:
49:a6:d2:98:74:a8:ed:96:34:e5:64:c4:09:32:d3:
eb:28:06:a8:40:c0:e0:68:f2:0f:7e:aa:62:66:47:
d7:ac:e9:2a:2b:cc:36:20:49:1e:67:67:73:2f:99:
65:89:24:86:65:aa:7d:1c:c3:ee:94:d1:d9:bc:21:
d2:a3:12:53:e8:97:69:e0:05:d3:1e:25:c9:d6:7c:
6f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:7E:4B:48:5E:FD:DA:5A:37:D2:3D:D3:E4:3D:EC:12:83:8A:42:93
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/uH5LSF792lo30j3T5D3sEoOKQpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:06:0c:98:e3:97:6b:52:5d:0f:5b:35:d7:e8:87:9d:15:cd:
4c:59:bc:3a:24:0a:49:df:9a:c4:f7:2d:5c:ca:1a:0b:3a:f6:
74:e1:5f:6b:2f:09:78:e1:59:4b:d5:7e:fa:95:81:35:da:90:
99:b6:f6:b8:b8:c5:4b:a5:c0:a9:10:2e:5d:21:c3:de:5d:07:
f0:5b:bc:1b:73:4f:93:e6:f5:4a:b9:ed:ba:87:ef:c8:5a:16:
49:e9:38:49:e4:57:70:e9:46:6e:a8:f8:9a:bb:e2:f2:90:22:
55:79:2c:f4:75:1c:08:fc:0f:fd:cb:7e:14:7a:12:37:69:c7:
d1:98:5a:7e:c7:33:dd:ec:05:18:c6:12:65:0e:26:06:67:97:
d4:bc:7d:3c:ea:38:47:e6:05:bc:35:ff:64:8e:fa:9c:00:01:
45:3f:26:11:79:e6:19:72:de:a0:16:7a:da:df:20:b0:a0:25:
5d:f7:47:b7:75:0a:56:74:0f:60:51:30:1a:b7:b8:ff:18:ff:
ed:00:b1:4e:7f:4a:c3:8a:10:fe:86:3e:f6:04:23:64:74:93:
a4:1f:70:2f:83:4c:0c:d7:1e:16:bb:91:fd:70:8a:1f:8f:5e:
98:90:21:20:0c:e8:0d:87:91:f8:e0:86:ff:71:04:60:19:c0:
c2:28:c4:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY85uQCnCbiUyJ+23lLiEbDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwNTAyMTQzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODdlNGI0ODVlZmRkYTVhMzdkMjNkZDNlNDNkZWMxMjgzOGE0MjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6V6QIMJMYpicmft+h5HWG/Umh89O
aAuqzQRuhUX4GRSvBFDDh5UMpla7JACO1mj4BAM6lYGcva53AMdt69SW3OVJzHFV
2RgGCveBxOQZLUbMv9a42pEMTFAeY3vZ+xc0laRk7T7mP6KHaDHoGeoUiCufZzPL
vPzxZ+ovqcNM+5tyXEOqiXkwvpAIT9Tki4tj4avEpxSquRqYM02E2T+vboiOUm8L
QmESLcOqllcJBZYyApVJptKYdKjtljTlZMQJMtPrKAaoQMDgaPIPfqpiZkfXrOkq
K8w2IEkeZ2dzL5lliSSGZap9HMPulNHZvCHSoxJT6Jdp4AXTHiXJ1nxvGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLh+S0he/dpaN9I90+Q97BKDikKTMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvdUg1TFNGNzkybG8zMGozVDVEM3NFb09LUXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiViAwQA
LiVxMA0GCSqGSIb3DQEBCwUAA4IBAQBLBgyY45drUl0PWzXX6IedFc1MWbw6JApJ
35rE9y1cyhoLOvZ04V9rLwl44VlL1X76lYE12pCZtva4uMVLpcCpEC5dIcPeXQfw
W7wbc0+T5vVKue26h+/IWhZJ6ThJ5Fdw6UZuqPiau+LykCJVeSz0dRwI/A/9y34U
ehI3acfRmFp+xzPd7AUYxhJlDiYGZ5fUvH086jhH5gW8Nf9kjvqcAAFFPyYReeYZ
ct6gFnra3yCwoCVd90e3dQpWdA9gUTAat7j/GP/tALFOf0rDihD+hj72BCNkdJOk
H3Avg0wM1x4Wu5H9cIofj16YkCEgDOgNh5H44Ib/cQRgGcDCKMR9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org