Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/uzBJXCrP5Zue17rJG5iPpr5ERuE.roa
File: uzBJXCrP5Zue17rJG5iPpr5ERuE.roa (raw, json)
Hash identifier: tZODJfbCWSTBZSHP9WGlD7xpqb4fedKZ55s6TgwMUWg=
Subject key identifier: BB:30:49:5C:2A:CF:E5:9B:9E:D7:BA:C9:1B:98:8F:A6:BE:44:46:E1
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018AF49617DE3E085762A175325AD82DEDB5
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/uzBJXCrP5Zue17rJG5iPpr5ERuE.roa
Signing time: Tue 03 Oct 2023 08:09:51 +0000
ROA not before: Tue 03 Oct 2023 08:09:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.114.0/24 maxlen: 24
46.37.120.0/24 maxlen: 24
46.37.121.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:96:17:de:3e:08:57:62:a1:75:32:5a:d8:2d:ed:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Oct 3 08:09:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb30495c2acfe59b9ed7bac91b988fa6be4446e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:64:93:87:51:b3:e7:08:6a:48:db:22:a2:2c:
f1:c0:db:ab:b4:07:9b:35:d3:74:6a:f2:33:ef:40:
60:aa:21:0b:07:a9:6d:6f:0b:db:be:f3:25:28:ca:
00:47:02:c4:f7:b5:39:e3:5b:85:18:89:fa:fc:c7:
74:af:d6:80:28:7b:81:a1:0a:d0:ea:cf:00:33:fd:
7e:9b:be:e7:87:54:a9:c5:a2:c8:f3:62:8e:f7:29:
3b:7f:e6:c6:38:09:89:3d:90:0d:4e:9f:d0:35:21:
4e:03:a5:7a:68:ea:a8:8e:b0:a2:4f:68:e8:14:6f:
a9:0a:ff:39:99:76:5c:66:e5:b7:5f:85:8f:94:42:
31:80:95:02:c2:2a:9d:16:d2:d0:29:85:e0:f5:d7:
e1:49:ef:2a:b1:5f:c4:59:03:a7:ba:98:d4:5c:b0:
4d:bd:4d:b3:6a:12:0f:09:df:36:11:87:9e:e4:c7:
1e:5f:94:9a:80:de:b2:37:1c:8e:4a:31:a4:23:37:
b8:5f:56:fb:3f:58:4c:e5:bd:94:7a:83:79:c4:61:
fb:7b:a9:0b:a7:eb:6a:2d:f0:13:d5:a5:71:c8:10:
e0:67:ca:08:eb:40:77:1d:4b:ed:1a:52:1b:93:43:
6b:36:f1:a0:1c:41:c1:01:d9:1b:44:78:56:f9:af:
29:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:30:49:5C:2A:CF:E5:9B:9E:D7:BA:C9:1B:98:8F:A6:BE:44:46:E1
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/uzBJXCrP5Zue17rJG5iPpr5ERuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0-46.37.114.255
46.37.120.0/23
Signature Algorithm: sha256WithRSAEncryption
45:8e:52:db:1d:c2:21:e8:2c:e8:33:cb:9c:d0:2d:c6:0d:c5:
e7:2e:ab:47:6a:fc:dd:2b:f6:bb:0b:12:bb:b3:db:c6:02:f2:
a1:fd:fb:ae:20:79:30:f2:4f:ff:ce:7a:e0:e1:85:4a:74:32:
c5:03:e0:7a:b1:2d:1d:bd:d5:53:45:ae:01:ca:ff:42:2a:53:
38:0f:35:71:56:eb:73:e2:8e:5f:f8:89:f6:42:4d:00:4f:d2:
9b:b7:7c:de:2f:6f:9b:b9:4f:f5:3d:a0:ae:67:13:c9:f4:f8:
b8:a8:54:34:8d:60:04:b3:d8:7a:9e:fa:27:a2:84:96:9e:42:
f1:cf:6f:33:f4:9e:33:d3:06:67:fa:68:5b:4b:bb:70:4e:2c:
c9:45:69:6b:8a:c0:f8:6c:2e:77:0d:41:b9:fe:b7:35:ef:86:
2c:c6:3d:1a:fc:df:d7:57:b6:d4:26:de:61:8d:55:53:bf:a9:
88:b4:d1:df:91:18:1d:bd:3a:49:38:6f:ba:5a:df:6d:39:fe:
67:4f:08:bd:fa:67:16:56:89:0f:80:45:92:35:f9:c9:c8:41:
0e:08:e3:fb:cf:9f:ec:63:42:3a:bd:e7:66:0f:7b:22:49:87:
26:f1:87:db:ee:36:c3:e6:d9:fe:3f:b6:ee:fc:e2:c5:8c:2a:
0d:ac:7e:a4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYr0lhfePghXYqF1MlrYLe21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMxMDAzMDgwOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjMwNDk1YzJhY2ZlNTliOWVkN2JhYzkxYjk4OGZhNmJlNDQ0NmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWSTh1Gz5whqSNsioizxwNurtAeb
NdN0avIz70BgqiELB6ltbwvbvvMlKMoARwLE97U541uFGIn6/Md0r9aAKHuBoQrQ
6s8AM/1+m77nh1SpxaLI82KO9yk7f+bGOAmJPZANTp/QNSFOA6V6aOqojrCiT2jo
FG+pCv85mXZcZuW3X4WPlEIxgJUCwiqdFtLQKYXg9dfhSe8qsV/EWQOnupjUXLBN
vU2zahIPCd82EYee5MceX5SagN6yNxyOSjGkIze4X1b7P1hM5b2UeoN5xGH7e6kL
p+tqLfAT1aVxyBDgZ8oI60B3HUvtGlIbk0NrNvGgHEHBAdkbRHhW+a8phQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLswSVwqz+Wbnte6yRuYj6a+REbhMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvdXpCSlhDclA1WnVlMTdySkc1aVBwcjVFUnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALiViMAwD
BAAuJXEDBAAuJXIDBAEuJXgwDQYJKoZIhvcNAQELBQADggEBAEWOUtsdwiHoLOgz
y5zQLcYNxecuq0dq/N0r9rsLEruz28YC8qH9+64geTDyT//OeuDhhUp0MsUD4Hqx
LR291VNFrgHK/0IqUzgPNXFW63Pijl/4ifZCTQBP0pu3fN4vb5u5T/U9oK5nE8n0
+LioVDSNYASz2Hqe+ieihJaeQvHPbzP0njPTBmf6aFtLu3BOLMlFaWuKwPhsLncN
Qbn+tzXvhizGPRr839dXttQm3mGNVVO/qYi00d+RGB29Okk4b7pa3205/mdPCL36
ZxZWiQ+ARZI1+cnIQQ4I4/vPn+xjQjq952YPeyJJhybxh9vuNsPm2f4/tu784sWM
Kg2sfqQ=
Generated at Tue Oct 3 16:55:33 2023 by rpki-client on console-ams.rpki-client.org