Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/WKZNhZK-TjxLrYP2nyE0xRzmlOk.roa
File: WKZNhZK-TjxLrYP2nyE0xRzmlOk.roa (raw, json)
Hash identifier: eLnGB6pTFfsgvPbzD0wlyEFKlXoZF/cMPZ4OGlZG0is=
Subject key identifier: 58:A6:4D:85:92:BE:4E:3C:4B:AD:83:F6:9F:21:34:C5:1C:E6:94:E9
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 019102D340BF3EC844C6E805125222E04E48
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/WKZNhZK-TjxLrYP2nyE0xRzmlOk.roa
Signing time: Tue 30 Jul 2024 08:48:04 +0000
ROA not before: Tue 30 Jul 2024 08:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48789
IP address blocks: 46.238.212.0/22 maxlen: 22
46.238.228.0/22 maxlen: 22
46.238.240.0/21 maxlen: 21
46.238.248.0/23 maxlen: 23
89.191.154.0/24 maxlen: 24
94.141.135.0/24 maxlen: 24
94.141.152.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 07 Aug 2024 19:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:02:d3:40:bf:3e:c8:44:c6:e8:05:12:52:22:e0:4e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jul 30 08:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58a64d8592be4e3c4bad83f69f2134c51ce694e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7a:7e:fc:e5:ea:e6:d9:73:7d:f7:cf:08:df:
8c:a6:36:c8:9a:2b:de:55:51:db:bc:c0:a6:b2:27:
1e:01:31:21:1a:d5:85:4a:64:86:9b:1b:15:14:92:
50:94:43:c5:3b:a7:9f:c8:ff:a4:d8:0d:16:20:68:
0d:26:82:13:5f:8e:b7:12:e6:0f:48:7f:77:32:97:
a9:e9:70:09:85:a3:93:d7:84:b0:68:f9:e5:70:3a:
d7:e2:10:2f:be:73:31:33:24:c5:0d:f3:e2:53:89:
51:00:85:43:a7:60:da:17:f4:1c:6a:6e:50:41:e3:
dc:4b:05:19:b2:0e:4e:56:6f:e9:40:cd:c2:b4:5d:
ce:c1:bc:9c:ae:b1:55:e9:05:70:e6:fa:a3:0a:19:
ef:bd:4d:a8:ec:fb:ad:d3:2f:c6:37:39:4c:6b:da:
05:f9:da:7b:c4:22:7c:c1:0b:2e:06:21:e1:77:6b:
19:00:cb:44:b0:8a:b8:86:fa:8e:a9:99:d5:30:19:
30:14:74:4f:fc:1e:ab:50:31:0a:cd:92:0c:43:d5:
9c:2c:71:29:1d:20:6d:1a:12:3d:ea:c1:a0:fe:f0:
ab:dd:bd:7f:26:4d:ea:ff:ce:c2:39:b8:30:c1:35:
9e:96:12:14:4d:92:ee:c9:26:67:27:46:ce:1c:df:
3a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A6:4D:85:92:BE:4E:3C:4B:AD:83:F6:9F:21:34:C5:1C:E6:94:E9
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/WKZNhZK-TjxLrYP2nyE0xRzmlOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.212.0/22
46.238.228.0/22
46.238.240.0-46.238.249.255
89.191.154.0/24
94.141.135.0/24
94.141.152.0/23
Signature Algorithm: sha256WithRSAEncryption
10:c3:cd:1b:40:ce:1f:29:f4:58:ec:57:fe:fc:29:44:b8:9e:
3d:3f:02:2c:7c:94:7d:38:26:ad:49:85:47:cb:94:f0:79:d7:
86:a0:8f:54:a3:84:95:4a:35:d6:74:86:22:d1:5a:90:f5:51:
c7:c7:99:24:f4:aa:8b:05:4b:ed:cf:db:5f:0c:b3:f9:1b:fb:
29:1e:f3:d3:c6:38:ce:4e:0d:c9:3e:00:c6:75:78:09:ba:bf:
ee:dd:7d:ed:b2:e0:d1:f5:64:97:6b:c1:98:dd:94:6c:2d:13:
7a:6c:d4:10:2a:0e:4a:63:03:7e:39:03:1b:dd:03:56:15:56:
a0:f3:24:b5:62:2c:66:37:2f:03:3d:ed:a4:44:fc:09:41:85:
42:b3:5d:f2:dc:ec:26:79:44:a4:49:f4:8f:6e:18:a1:ab:5b:
a5:2a:e2:00:61:be:e5:47:ba:9c:10:b7:b8:90:6c:9b:29:1d:
87:31:92:69:1d:cc:04:6b:5e:78:1f:fc:e3:db:6f:5b:a1:44:
ad:9a:21:32:b0:01:9f:67:58:4c:f4:4f:be:fc:e1:3d:09:5a:
b8:c0:3a:f6:f8:3a:fd:44:5f:68:61:24:46:18:72:99:e7:19:
97:42:f9:02:62:3f:b0:93:7f:14:e5:5b:ee:bb:5e:d1:c7:0c:
a8:0d:87:c0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZEC00C/PshExugFElIi4E5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjQwNzMwMDg0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGE2NGQ4NTkyYmU0ZTNjNGJhZDgzZjY5ZjIxMzRjNTFjZTY5NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHp+/OXq5tlzfffPCN+MpjbImive
VVHbvMCmsiceATEhGtWFSmSGmxsVFJJQlEPFO6efyP+k2A0WIGgNJoITX463EuYP
SH93Mpep6XAJhaOT14SwaPnlcDrX4hAvvnMxMyTFDfPiU4lRAIVDp2DaF/Qcam5Q
QePcSwUZsg5OVm/pQM3CtF3OwbycrrFV6QVw5vqjChnvvU2o7Put0y/GNzlMa9oF
+dp7xCJ8wQsuBiHhd2sZAMtEsIq4hvqOqZnVMBkwFHRP/B6rUDEKzZIMQ9WcLHEp
HSBtGhI96sGg/vCr3b1/Jk3q/87CObgwwTWelhIUTZLuySZnJ0bOHN86nwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFimTYWSvk48S62D9p8hNMUc5pTpMB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEvV0taTmhaSy1UanhMcllQMm55RTB4UnptbE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCLu7UAwQC
Lu7kMAwDBAQu7vADBAEu7vgDBABZv5oDBABejYcDBAFejZgwDQYJKoZIhvcNAQEL
BQADggEBABDDzRtAzh8p9FjsV/78KUS4nj0/Aix8lH04Jq1JhUfLlPB514agj1Sj
hJVKNdZ0hiLRWpD1UcfHmST0qosFS+3P218Ms/kb+yke89PGOM5ODck+AMZ1eAm6
v+7dfe2y4NH1ZJdrwZjdlGwtE3ps1BAqDkpjA345AxvdA1YVVqDzJLViLGY3LwM9
7aRE/AlBhUKzXfLc7CZ5RKRJ9I9uGKGrW6Uq4gBhvuVHupwQt7iQbJspHYcxkmkd
zARrXngf/OPbb1uhRK2aITKwAZ9nWEz0T7784T0JWrjAOvb4Ov1EX2hhJEYYcpnn
GZdC+QJiP7CTfxTlW+67XtHHDKgNh8A=
-----END CERTIFICATE-----
Generated at Wed Aug 7 22:21:34 2024 by rpki-client on console-ams.rpki-client.org