Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/WX8pNewY55gGJytRF3THnrMEKZA.roa
File: WX8pNewY55gGJytRF3THnrMEKZA.roa (raw, json)
Hash identifier: rp0ODZCUuetI6z0CFzE+CRkRx33KNsIe3M8LVcrNLf4=
Subject key identifier: 59:7F:29:35:EC:18:E7:98:06:27:2B:51:17:74:C7:9E:B3:04:29:90
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 018B620CEDFBDAF270CE6812BBEB5FF27A58
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/WX8pNewY55gGJytRF3THnrMEKZA.roa
Signing time: Tue 24 Oct 2023 14:18:16 +0000
ROA not before: Tue 24 Oct 2023 14:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 17:23:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:0c:ed:fb:da:f2:70:ce:68:12:bb:eb:5f:f2:7a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Oct 24 14:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=597f2935ec18e79806272b511774c79eb3042990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9b:86:fd:1c:4c:bc:c1:36:62:69:c5:88:21:
45:cb:6d:1f:14:14:17:a8:f6:17:4e:6a:81:97:4f:
c3:1f:3b:d2:08:db:36:6c:13:81:cc:83:45:d8:cb:
ef:a1:96:8a:93:49:ac:95:e9:b9:d5:f6:9f:80:ca:
26:b2:a3:0d:76:21:43:0c:42:99:1a:d0:11:42:33:
b6:d5:9a:3c:26:b5:f9:bf:64:eb:a1:51:78:d1:d5:
ce:ef:96:f9:0a:88:5e:13:70:e7:ff:28:10:f9:55:
01:48:b5:eb:5d:31:14:96:44:d0:12:5f:49:60:d8:
e7:cd:8b:d0:10:b8:6c:67:a1:22:fe:14:22:ee:76:
63:45:27:89:0c:87:89:2f:84:3f:2c:e4:86:ca:75:
ce:17:d0:0a:9c:b5:0e:11:18:64:af:b3:26:ac:3a:
1f:58:b0:61:ec:8b:0a:64:ab:3f:bf:28:55:19:80:
d0:32:f6:76:04:f6:18:bc:8c:97:b3:30:9a:ec:01:
06:b7:4f:b0:8b:6c:d1:2f:d7:22:55:40:a4:70:52:
bb:d1:75:2d:0d:23:eb:d4:2c:e9:6e:fd:93:14:0c:
83:83:88:f2:b8:1d:22:f4:14:51:d0:48:4f:39:c8:
64:87:00:2c:97:63:a2:7c:93:9f:6d:ac:e1:9f:eb:
a4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:7F:29:35:EC:18:E7:98:06:27:2B:51:17:74:C7:9E:B3:04:29:90
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/WX8pNewY55gGJytRF3THnrMEKZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
16:66:9a:82:61:9b:c1:0a:b4:39:75:7f:15:dd:d1:eb:6e:dd:
59:61:82:ed:f8:5e:60:45:d7:ea:01:07:89:78:48:9f:f7:15:
d3:bf:cd:52:f8:72:de:f8:4e:e6:7f:bc:b2:4f:10:a3:9c:9b:
ad:67:4e:cf:8f:3b:e9:41:b7:ea:ed:33:19:98:f4:cb:4f:28:
74:96:ff:1b:88:f1:cd:74:91:8f:4f:48:1b:d2:d2:88:bf:8c:
64:c3:78:e2:8b:55:0b:cc:d6:99:57:60:29:93:f1:7a:b3:64:
87:cf:9f:ca:bd:b3:61:0a:7e:25:9d:90:f8:b7:d5:c3:6d:e3:
36:28:c7:10:03:ec:7b:c5:1b:ac:c1:de:90:dd:bc:43:fa:e7:
76:de:88:24:a4:9e:47:af:5c:83:92:85:e1:8e:71:75:c1:a6:
71:ae:29:e1:78:05:6a:2b:24:25:b7:1f:4d:0a:d2:28:be:06:
f7:9a:f7:32:b0:fe:e6:a6:29:cf:ea:af:1e:4d:32:68:e6:71:
51:0b:e3:c4:78:6a:7d:03:e3:bc:93:5d:6e:54:5e:0f:fc:26:
1a:bd:03:81:c4:d6:93:f1:58:c8:ab:b2:b0:db:07:ac:7f:2f:
34:17:d2:72:34:b0:ae:7a:fe:7b:3e:3a:09:08:e4:b6:03:dd:
d5:ec:ce:76
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYtiDO372vJwzmgSu+tf8npYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMxMDI0MTQxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTdmMjkzNWVjMThlNzk4MDYyNzJiNTExNzc0Yzc5ZWIzMDQyOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJuG/RxMvME2YmnFiCFFy20fFBQX
qPYXTmqBl0/DHzvSCNs2bBOBzINF2MvvoZaKk0mslem51fafgMomsqMNdiFDDEKZ
GtARQjO21Zo8JrX5v2TroVF40dXO75b5CoheE3Dn/ygQ+VUBSLXrXTEUlkTQEl9J
YNjnzYvQELhsZ6Ei/hQi7nZjRSeJDIeJL4Q/LOSGynXOF9AKnLUOERhkr7MmrDof
WLBh7IsKZKs/vyhVGYDQMvZ2BPYYvIyXszCa7AEGt0+wi2zRL9ciVUCkcFK70XUt
DSPr1Czpbv2TFAyDg4jyuB0i9BRR0EhPOchkhwAsl2OifJOfbazhn+ukXQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFl/KTXsGOeYBicrURd0x56zBCmQMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvV1g4cE5ld1k1NWdHSnl0UkYzVEhuck1FS1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBABZmmoJhm8EKtDl1
fxXd0etu3Vlhgu34XmBF1+oBB4l4SJ/3FdO/zVL4ct74TuZ/vLJPEKOcm61nTs+P
O+lBt+rtMxmY9MtPKHSW/xuI8c10kY9PSBvS0oi/jGTDeOKLVQvM1plXYCmT8Xqz
ZIfPn8q9s2EKfiWdkPi31cNt4zYoxxAD7HvFG6zB3pDdvEP653beiCSknkevXIOS
heGOcXXBpnGuKeF4BWorJCW3H00K0ii+Bvea9zKw/uamKc/qrx5NMmjmcVEL48R4
an0D47yTXW5UXg/8Jhq9A4HE1pPxWMirsrDbB6x/LzQX0nI0sK56/ns+OgkI5LYD
3dXsznY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org