Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/WXh2vl2piLzSz0UBrLeBpDjbF1U.roa
File: WXh2vl2piLzSz0UBrLeBpDjbF1U.roa (raw, json)
Hash identifier: VCdd42ZT4X13Twye0914YQERlAVxyWqFs6nEBTZ6pco=
Subject key identifier: 59:78:76:BE:5D:A9:88:BC:D2:CF:45:01:AC:B7:81:A4:38:DB:17:55
Certificate issuer: /CN=4c988b93ab7a2999a3255eeae4e18ab23b2e0f3e
Certificate serial: 01856C0A3CE1DC8A72211B25BB9B4E8FF75F
Authority key identifier: 4C:98:8B:93:AB:7A:29:99:A3:25:5E:EA:E4:E1:8A:B2:3B:2E:0F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJiLk6t6KZmjJV7q5OGKsjsuDz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/WXh2vl2piLzSz0UBrLeBpDjbF1U.roa
Signing time: Sun 01 Jan 2023 06:34:48 +0000
ROA not before: Sun 01 Jan 2023 06:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42422
IP address blocks: 46.36.36.0/24 maxlen: 24
46.36.38.0/24 maxlen: 24
46.36.35.0/24 maxlen: 24
46.36.37.0/24 maxlen: 24
46.36.39.0/24 maxlen: 24
46.36.41.0/24 maxlen: 24
46.36.40.0/24 maxlen: 24
2a02:25b0:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:3c:e1:dc:8a:72:21:1b:25:bb:9b:4e:8f:f7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c988b93ab7a2999a3255eeae4e18ab23b2e0f3e
Validity
Not Before: Jan 1 06:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=597876be5da988bcd2cf4501acb781a438db1755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:df:25:ba:1c:51:9e:d8:04:93:35:fa:83:61:
f4:f1:f9:ab:e1:70:cd:2e:db:58:3a:0e:07:b5:58:
b4:4f:84:cf:bd:1c:d0:8c:f6:2f:a7:9c:8c:12:22:
02:f8:f9:65:b6:fb:85:01:ca:16:df:d8:bf:97:87:
11:8a:e2:6a:d6:94:b6:4b:3e:72:aa:95:8e:e9:2d:
64:5d:2f:72:aa:9a:18:f0:bc:15:89:d6:ee:2a:81:
99:a4:0d:3f:6e:3b:0c:26:77:d7:60:77:84:a4:58:
23:7b:8e:23:59:af:b3:37:db:2b:fc:a3:7a:43:7b:
96:f7:b5:5e:f6:fc:12:6f:11:15:f8:6d:e7:3e:b3:
66:7e:99:61:f7:d5:67:38:ea:47:1b:60:44:ae:a5:
d1:3b:7f:d5:24:3f:6c:01:a7:8a:cb:39:92:0b:75:
d8:01:82:11:55:15:92:47:f0:27:64:00:4d:15:5d:
d3:be:31:89:b8:49:e7:4b:44:85:cf:7c:34:3f:aa:
a8:5c:68:ab:cc:11:c8:19:72:05:a5:29:74:1d:6f:
48:bd:aa:d7:d1:5f:59:b9:33:b0:da:e2:77:f9:8d:
6c:73:80:8e:1e:7f:67:f4:42:2f:17:be:8d:fb:a8:
36:98:d3:0a:24:7f:42:b4:c5:43:88:a4:f3:9e:8f:
1b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:78:76:BE:5D:A9:88:BC:D2:CF:45:01:AC:B7:81:A4:38:DB:17:55
X509v3 Authority Key Identifier:
keyid:4C:98:8B:93:AB:7A:29:99:A3:25:5E:EA:E4:E1:8A:B2:3B:2E:0F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJiLk6t6KZmjJV7q5OGKsjsuDz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/WXh2vl2piLzSz0UBrLeBpDjbF1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/TJiLk6t6KZmjJV7q5OGKsjsuDz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.35.0-46.36.41.255
IPv6:
2a02:25b0:aaaa::/48
Signature Algorithm: sha256WithRSAEncryption
47:cb:25:b0:5d:32:76:fa:4f:70:c0:c0:88:73:03:c0:92:a4:
de:84:29:33:82:b9:99:72:1b:8c:ae:14:65:e1:8b:d2:ec:2b:
cb:a1:89:6f:e0:98:c3:50:4f:c1:a6:ea:c9:f6:19:e7:08:8e:
a3:e3:26:ba:5e:be:88:4a:67:2e:bb:63:9a:d0:f0:4f:27:1c:
2f:6f:24:70:55:25:e8:97:6f:fc:cb:cf:09:bf:65:ac:e6:25:
72:b7:89:5c:6b:93:e8:5c:c6:d9:46:c0:11:06:45:36:17:13:
48:72:5d:cc:f2:75:29:75:5c:a0:6e:38:2c:66:b2:a6:2a:96:
71:3d:e0:29:88:fb:67:61:a1:59:a8:5b:a3:03:02:7e:58:20:
08:9a:4e:4c:d1:8c:36:ee:9d:3b:b9:13:1a:d4:62:a9:80:8f:
6c:07:59:c9:19:69:e4:87:7f:45:03:c5:01:69:95:cf:46:52:
7c:31:22:00:93:8a:12:ab:4b:8b:23:ad:03:71:5f:fb:4b:71:
2e:60:47:2f:b2:b6:06:35:06:48:ab:41:d9:fa:17:43:6e:53:
4a:01:6a:10:b5:7f:ac:1b:0d:c7:2d:5a:9c:8a:66:e0:f1:92:
5c:a6:28:22:7f:9b:0c:45:ed:ec:8a:f8:6f:e3:00:24:b3:19:
a3:2b:e2:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVsCjzh3IpyIRslu5tOj/dfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTg4YjkzYWI3YTI5OTlhMzI1NWVlYWU0ZTE4YWIyM2Iy
ZTBmM2UwHhcNMjMwMTAxMDYzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTc4NzZiZTVkYTk4OGJjZDJjZjQ1MDFhY2I3ODFhNDM4ZGIxNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd8luhxRntgEkzX6g2H08fmr4XDN
LttYOg4HtVi0T4TPvRzQjPYvp5yMEiIC+PlltvuFAcoW39i/l4cRiuJq1pS2Sz5y
qpWO6S1kXS9yqpoY8LwVidbuKoGZpA0/bjsMJnfXYHeEpFgje44jWa+zN9sr/KN6
Q3uW97Ve9vwSbxEV+G3nPrNmfplh99VnOOpHG2BErqXRO3/VJD9sAaeKyzmSC3XY
AYIRVRWSR/AnZABNFV3TvjGJuEnnS0SFz3w0P6qoXGirzBHIGXIFpSl0HW9IvarX
0V9ZuTOw2uJ3+Y1sc4COHn9n9EIvF76N+6g2mNMKJH9CtMVDiKTzno8bIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFl4dr5dqYi80s9FAay3gaQ42xdVMB8GA1UdIwQY
MBaAFEyYi5OreimZoyVe6uThirI7Lg8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEppTGs2dDZLWm1qSlY3cTVPR0tzanN1RHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80YzFmNTktMGMxMi00MTUzLWExNWMt
NzE1ZjljZDYzMDg2LzEvV1hoMnZsMnBpTHpTejBVQnJMZUJwRGpiRjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80YzFmNTktMGMxMi00MTUzLWExNWMtNzE1ZjljZDYzMDg2
LzEvVEppTGs2dDZLWm1qSlY3cTVPR0tzanN1RHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAAuJCMD
BAEuJCgwDwQCAAIwCQMHACoCJbCqqjANBgkqhkiG9w0BAQsFAAOCAQEAR8slsF0y
dvpPcMDAiHMDwJKk3oQpM4K5mXIbjK4UZeGL0uwry6GJb+CYw1BPwabqyfYZ5wiO
o+Mmul6+iEpnLrtjmtDwTyccL28kcFUl6Jdv/MvPCb9lrOYlcreJXGuT6FzG2UbA
EQZFNhcTSHJdzPJ1KXVcoG44LGaypiqWcT3gKYj7Z2GhWahbowMCflggCJpOTNGM
Nu6dO7kTGtRiqYCPbAdZyRlp5Id/RQPFAWmVz0ZSfDEiAJOKEqtLiyOtA3Ff+0tx
LmBHL7K2BjUGSKtB2foXQ25TSgFqELV/rBsNxy1anIpm4PGSXKYoIn+bDEXt7Ir4
b+MAJLMZoyvi7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org