Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/yBifAkspvzheZe9-y-ga0cl-Fho.roa
File: yBifAkspvzheZe9-y-ga0cl-Fho.roa (raw, json)
Hash identifier: OLgR2bc/VylBUCunZYl5TzIj5kdKrgoNG46aTJKAYVw=
Subject key identifier: C8:18:9F:02:4B:29:BF:38:5E:65:EF:7E:CB:E8:1A:D1:C9:7E:16:1A
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0191B7656AE120BCD740CFAA5373DB87999D
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/yBifAkspvzheZe9-y-ga0cl-Fho.roa
Signing time: Tue 03 Sep 2024 10:19:22 +0000
ROA not before: Tue 03 Sep 2024 10:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 46.37.122.0/24 maxlen: 24
46.37.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Oct 2024 14:42:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:65:6a:e1:20:bc:d7:40:cf:aa:53:73:db:87:99:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Sep 3 10:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8189f024b29bf385e65ef7ecbe81ad1c97e161a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8a:44:b7:e7:3f:85:2c:ce:8f:15:a2:20:1e:
3e:70:9d:a4:11:57:07:08:76:e3:bb:c3:ff:e3:88:
77:78:04:22:09:2b:81:1a:64:5c:30:f5:32:2f:7b:
9d:67:e0:41:fb:d2:19:1e:23:08:a5:18:31:74:18:
a9:6e:5a:1a:e9:cd:e4:8f:f2:6c:13:fe:78:67:74:
aa:8a:e4:1e:91:9f:d3:c7:8b:b5:57:44:9a:d0:6c:
ad:fe:28:75:28:77:46:98:71:ec:ac:ba:49:29:00:
46:dc:3a:d8:e4:0b:b7:0a:75:97:de:4d:6e:e9:da:
23:f0:1c:05:b1:8d:04:e0:9d:05:2a:fa:12:b3:d2:
f5:e3:db:d5:1f:74:f9:50:d6:9e:23:99:bb:1f:ea:
c9:f6:73:1a:5b:7d:75:52:3a:c3:9c:d5:de:d4:9e:
0c:57:ca:45:42:b4:5c:f3:d2:b9:0c:32:5e:e8:0e:
91:37:36:46:d6:28:b9:5b:dd:20:98:da:fd:0d:20:
ec:f9:57:29:01:14:57:7d:89:44:c9:06:67:77:da:
17:c9:d5:e0:8e:0d:e2:63:a6:dd:f0:cc:20:50:85:
af:ed:19:fe:81:4d:83:8c:ae:84:8e:0a:78:c8:79:
d6:39:d3:41:83:37:fa:a0:ee:08:70:fd:88:f3:79:
fa:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:18:9F:02:4B:29:BF:38:5E:65:EF:7E:CB:E8:1A:D1:C9:7E:16:1A
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/yBifAkspvzheZe9-y-ga0cl-Fho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.122.0/24
46.37.126.0/24
Signature Algorithm: sha256WithRSAEncryption
92:ed:05:db:06:2b:77:4a:49:f5:65:37:be:8e:fa:59:00:ec:
6b:9d:cc:ea:df:0d:85:bd:ab:d7:5e:ec:3a:09:80:da:3b:51:
c6:51:d2:08:5c:d4:e9:39:2e:02:7e:2d:ad:ab:ce:76:2b:35:
93:f5:af:36:95:71:27:b0:d9:71:7b:61:7a:a9:7f:71:fb:f2:
b6:0d:84:18:e7:cf:7b:c2:ed:4f:de:0f:be:e7:f3:0b:eb:47:
b9:15:1f:3c:75:03:29:7d:e1:58:31:a2:2d:51:19:7a:95:a5:
ad:15:b8:1b:57:7a:bb:46:73:b9:e1:2c:d4:9d:e7:b2:ec:28:
50:a9:22:a2:b6:60:8f:9e:d6:a1:4a:b7:7e:37:f0:5c:71:81:
6e:7c:f9:00:28:bc:96:70:38:8a:d3:4b:2d:1a:70:e7:47:21:
56:d9:63:4b:5a:16:4f:be:16:02:9c:c0:0f:d0:5e:65:d5:4e:
f6:bf:86:b5:eb:af:59:4f:11:31:9b:54:ef:54:11:e5:f7:58:
f4:a6:de:d6:66:a6:c6:35:1b:1a:12:25:0a:cd:46:7b:2f:bb:
a7:28:13:37:25:d6:67:a7:fc:18:98:de:73:e2:67:17:52:07:
14:84:5c:db:59:d7:37:e4:d5:d7:db:5b:ac:c0:83:84:c9:b7:
f2:06:c1:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG3ZWrhILzXQM+qU3Pbh5mdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwOTAzMTAxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODE4OWYwMjRiMjliZjM4NWU2NWVmN2VjYmU4MWFkMWM5N2UxNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4pEt+c/hSzOjxWiIB4+cJ2kEVcH
CHbju8P/44h3eAQiCSuBGmRcMPUyL3udZ+BB+9IZHiMIpRgxdBipbloa6c3kj/Js
E/54Z3SqiuQekZ/Tx4u1V0Sa0Gyt/ih1KHdGmHHsrLpJKQBG3DrY5Au3CnWX3k1u
6doj8BwFsY0E4J0FKvoSs9L149vVH3T5UNaeI5m7H+rJ9nMaW311UjrDnNXe1J4M
V8pFQrRc89K5DDJe6A6RNzZG1ii5W90gmNr9DSDs+VcpARRXfYlEyQZnd9oXydXg
jg3iY6bd8MwgUIWv7Rn+gU2DjK6Ejgp4yHnWOdNBgzf6oO4IcP2I83n6SQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMgYnwJLKb84XmXvfsvoGtHJfhYaMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEveUJpZkFrc3B2emhlWmU5LXktZ2EwY2wtRmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiV6AwQA
LiV+MA0GCSqGSIb3DQEBCwUAA4IBAQCS7QXbBit3Skn1ZTe+jvpZAOxrnczq3w2F
vavXXuw6CYDaO1HGUdIIXNTpOS4Cfi2tq852KzWT9a82lXEnsNlxe2F6qX9x+/K2
DYQY5897wu1P3g++5/ML60e5FR88dQMpfeFYMaItURl6laWtFbgbV3q7RnO54SzU
neey7ChQqSKitmCPntahSrd+N/BccYFufPkAKLyWcDiK00stGnDnRyFW2WNLWhZP
vhYCnMAP0F5l1U72v4a1669ZTxExm1TvVBHl91j0pt7WZqbGNRsaEiUKzUZ7L7un
KBM3JdZnp/wYmN5z4mcXUgcUhFzbWdc35NXX21uswIOEybfyBsFL
-----END CERTIFICATE-----
Generated at Fri Oct 4 18:58:46 2024 by rpki-client on console-fra.rpki-client.org