Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/WGtRH_Z3wN7WtmYr3omGw5bfrhw.roa
File: WGtRH_Z3wN7WtmYr3omGw5bfrhw.roa (raw, json)
Hash identifier: aAcOWAzumd+xguaHcb9NUgYcX4iCAQycjLasehrqZB0=
Subject key identifier: 58:6B:51:1F:F6:77:C0:DE:D6:B6:66:2B:DE:89:86:C3:96:DF:AE:1C
Certificate issuer: /CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Certificate serial: 0193088C6F6E2E1BC9DB6AEA233FA632484E
Authority key identifier: 2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/WGtRH_Z3wN7WtmYr3omGw5bfrhw.roa
Signing time: Thu 07 Nov 2024 21:34:01 +0000
ROA not before: Thu 07 Nov 2024 21:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209671
IP address blocks: 46.174.140.0/22 maxlen: 24
185.104.208.0/22 maxlen: 24
2a06:3340::/32 maxlen: 32
2a09:de80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:08:8c:6f:6e:2e:1b:c9:db:6a:ea:23:3f:a6:32:48:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Validity
Not Before: Nov 7 21:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=586b511ff677c0ded6b6662bde8986c396dfae1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7d:6a:67:a9:39:bc:00:46:1c:25:37:92:15:
80:0c:cf:66:06:08:46:c9:19:cd:4f:29:82:8f:96:
4c:f5:b2:74:8b:75:5d:9a:69:b9:b8:8b:86:01:1f:
cd:da:88:20:1a:43:05:de:f1:9b:b1:2c:b1:5c:60:
76:d7:9a:e2:af:85:6f:2f:3e:fd:dd:76:cb:fb:a5:
0a:df:61:26:36:af:fa:9f:7e:48:3f:26:19:11:51:
f6:af:c6:a9:77:0b:18:dd:a8:c1:94:78:e8:a8:a3:
6d:89:39:c4:c1:9f:79:3f:94:ca:06:da:12:d0:e5:
a0:06:6b:a4:c4:16:9b:54:80:d9:60:76:b0:fb:48:
97:8f:6e:4e:02:52:a9:0f:0b:af:7e:96:f7:8f:e6:
f7:99:16:03:5f:aa:48:51:a0:dc:24:17:bc:43:ef:
1e:6f:79:c3:fc:e8:3d:2b:7c:b5:22:b4:7c:c1:8b:
92:ab:c0:c2:99:5f:42:76:5f:f4:5d:f6:1e:ab:6a:
88:5c:03:b6:9d:93:d0:ee:47:50:09:a4:8f:e6:e4:
8d:84:cb:4d:fe:a2:6c:64:8a:97:51:2b:9e:9a:34:
07:88:7d:98:af:8a:be:61:ba:f6:1d:92:02:02:ba:
bc:f2:39:32:1d:89:45:72:65:e4:01:02:ae:10:e0:
f7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:6B:51:1F:F6:77:C0:DE:D6:B6:66:2B:DE:89:86:C3:96:DF:AE:1C
X509v3 Authority Key Identifier:
keyid:2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/WGtRH_Z3wN7WtmYr3omGw5bfrhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.140.0/22
185.104.208.0/22
IPv6:
2a06:3340::/32
2a09:de80::/32
Signature Algorithm: sha256WithRSAEncryption
64:26:74:7e:9b:6f:9e:7e:a9:96:84:d5:f7:d4:d7:71:76:b5:
25:cc:01:a4:d1:b1:5c:9f:91:54:9d:d7:14:7a:2b:f4:c6:76:
69:ed:ea:bf:06:01:57:6e:fe:ed:0a:ab:ee:ad:8c:6d:5b:99:
f9:d1:96:45:d3:14:5c:53:e3:ef:85:4d:84:9f:b6:93:75:09:
fd:97:e2:c2:cf:21:5c:ea:33:60:b7:c0:d4:39:b1:31:09:f8:
82:be:54:9d:26:f7:d6:d6:4c:36:f1:57:13:0e:1c:ac:16:19:
d7:45:5f:a7:c4:41:2d:98:2a:8e:3a:dd:22:af:28:a8:ce:71:
0f:9d:63:1b:47:36:37:c8:e7:f4:f4:42:93:fb:5b:3e:79:1a:
2d:06:96:7f:d2:5b:22:09:98:60:1b:6e:7c:b6:0e:72:7e:e7:
48:25:75:de:bc:61:55:77:eb:b1:4f:4e:30:6a:21:c7:e9:4f:
8c:c1:cb:bf:9a:a2:28:11:dd:9a:6e:81:b2:c0:2b:49:88:fb:
c1:0e:2a:5f:1a:40:a8:7e:be:71:98:74:ae:6f:08:b3:f8:25:
fc:8e:13:54:db:79:c0:b6:ce:84:1b:f3:fc:fe:8e:dc:a0:e0:
31:c3:f8:c6:2c:37:83:a3:89:d0:4c:bf:a8:1b:12:f7:42:eb:
79:e5:29:96
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZMIjG9uLhvJ22rqIz+mMkhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMmY5MzM5ZmJiOGNiMzNjNTIyNzUxYzUzMGYzYTIwYTc1
MzU0N2MwHhcNMjQxMTA3MjEzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODZiNTExZmY2NzdjMGRlZDZiNjY2MmJkZTg5ODZjMzk2ZGZhZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon1qZ6k5vABGHCU3khWADM9mBghG
yRnNTymCj5ZM9bJ0i3Vdmmm5uIuGAR/N2oggGkMF3vGbsSyxXGB215rir4VvLz79
3XbL+6UK32EmNq/6n35IPyYZEVH2r8apdwsY3ajBlHjoqKNtiTnEwZ95P5TKBtoS
0OWgBmukxBabVIDZYHaw+0iXj25OAlKpDwuvfpb3j+b3mRYDX6pIUaDcJBe8Q+8e
b3nD/Og9K3y1IrR8wYuSq8DCmV9Cdl/0XfYeq2qIXAO2nZPQ7kdQCaSP5uSNhMtN
/qJsZIqXUSuemjQHiH2Yr4q+Ybr2HZICArq88jkyHYlFcmXkAQKuEOD3KQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFhrUR/2d8De1rZmK96JhsOW364cMB8GA1UdIwQY
MBaAFC0vkzn7uMszxSJ1HFMPOiCnU1R8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgt
MWQzYTFlOWI3NTQ1LzEvV0d0UkhfWjN3TjdXdG1ZcjNvbUd3NWJmcmh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgtMWQzYTFlOWI3NTQ1
LzEvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLq6MAwQC
uWjQMBQEAgACMA4DBQAqBjNAAwUAKgnegDANBgkqhkiG9w0BAQsFAAOCAQEAZCZ0
fptvnn6ploTV99TXcXa1JcwBpNGxXJ+RVJ3XFHor9MZ2ae3qvwYBV27+7Qqr7q2M
bVuZ+dGWRdMUXFPj74VNhJ+2k3UJ/Zfiws8hXOozYLfA1DmxMQn4gr5UnSb31tZM
NvFXEw4crBYZ10Vfp8RBLZgqjjrdIq8oqM5xD51jG0c2N8jn9PRCk/tbPnkaLQaW
f9JbIgmYYBtufLYOcn7nSCV13rxhVXfrsU9OMGohx+lPjMHLv5qiKBHdmm6BssAr
SYj7wQ4qXxpAqH6+cZh0rm8Is/gl/I4TVNt5wLbOhBvz/P6O3KDgMcP4xiw3g6OJ
0Ey/qBsS90LreeUplg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:27 2025 by rpki-client