Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/WDGEckzxkzltVfFsmXZkHS-ogLQ.roa
File: WDGEckzxkzltVfFsmXZkHS-ogLQ.roa (raw, json)
Hash identifier: +F2r1+xUWcFflE2MbWBKA3irA1qm536TR+acgBfwAUo=
Subject key identifier: 58:31:84:72:4C:F1:93:39:6D:55:F1:6C:99:76:64:1D:2F:A8:80:B4
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 018D7596D8A0F406B3E8EC1B1050D71B9FA6
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/WDGEckzxkzltVfFsmXZkHS-ogLQ.roa
Signing time: Sun 04 Feb 2024 19:27:16 +0000
ROA not before: Sun 04 Feb 2024 19:27:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216145
IP address blocks: 46.253.6.0/24 maxlen: 24
46.253.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 20:52:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:75:96:d8:a0:f4:06:b3:e8:ec:1b:10:50:d7:1b:9f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Feb 4 19:27:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=583184724cf193396d55f16c9976641d2fa880b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f1:34:6c:f9:94:69:bb:1c:fe:00:71:8f:50:
25:9f:57:ce:91:6d:dc:48:b9:2b:53:0a:65:a1:35:
fb:89:e6:6c:15:5e:f4:e8:6f:59:8f:85:7f:a8:80:
c1:ef:4e:e5:30:af:d0:e3:e4:07:01:97:9f:e5:2e:
cf:4d:b4:77:ce:be:e0:8c:98:bc:2d:3b:a9:1b:b7:
3b:da:7a:a2:f0:11:89:06:6e:2e:c4:8b:13:22:fc:
af:fa:a2:02:09:a6:92:bd:93:5c:ee:ab:60:4c:01:
58:77:44:e1:d4:a9:c7:d5:3a:ca:d9:73:13:81:8c:
c2:27:d3:ba:ca:d2:1b:61:f0:e7:6b:7b:54:62:2f:
5d:10:3e:2a:b0:f5:33:9b:a6:53:40:e1:5b:f6:63:
3b:2f:66:99:c3:de:b1:e0:cb:83:48:5b:5b:b7:6a:
2e:35:ac:73:98:77:de:a2:9d:da:de:dd:fe:4b:80:
94:5b:0d:d7:b1:a2:a0:59:12:c8:ff:5b:da:c3:6b:
91:0e:1e:40:35:a1:5c:c4:51:07:e8:fd:97:a0:d9:
74:c3:51:22:fa:62:ae:bb:3a:6c:f8:b5:2b:28:7d:
9d:14:b1:5f:5c:4c:52:96:b6:c5:32:2e:cc:bf:9e:
a2:d5:56:50:12:20:fa:66:55:64:cc:3f:b6:ec:65:
ad:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:31:84:72:4C:F1:93:39:6D:55:F1:6C:99:76:64:1D:2F:A8:80:B4
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/WDGEckzxkzltVfFsmXZkHS-ogLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.6.0/23
Signature Algorithm: sha256WithRSAEncryption
16:23:c7:93:73:08:fc:8c:d4:64:2a:a5:8b:1c:21:08:20:93:
d4:5c:3e:2f:cd:c7:cf:96:5b:bd:9d:4c:11:49:f0:11:f3:80:
93:cc:27:9c:5d:b4:ba:2c:d7:9f:12:8e:7d:4f:67:b0:fa:a6:
1e:6c:77:c9:53:b1:9a:6e:2d:77:cc:61:a4:54:a9:84:27:d7:
60:d9:70:2e:a9:37:4b:a9:54:80:86:c5:20:33:02:e2:be:0e:
c0:b6:a1:c5:77:33:60:8e:1a:16:5c:e4:e2:f9:87:aa:ef:30:
15:ab:bc:27:58:f5:8f:c9:2c:7d:ef:35:8e:54:1b:9a:41:71:
c2:85:28:dc:75:eb:61:55:99:13:11:94:41:bd:d4:aa:e9:bf:
06:93:9e:e9:ec:f3:c8:75:c2:54:68:e6:07:c4:4b:07:2e:95:
28:f7:1a:0b:bf:8d:69:46:fc:64:e5:86:0b:06:0c:3b:1d:c4:
fd:8b:ae:7d:f5:fe:3d:65:81:f3:19:4c:59:b4:f3:c5:f5:ed:
4e:09:ea:3a:9c:5f:d6:26:7f:4b:63:50:e8:f4:a0:3b:18:3f:
e0:83:79:69:60:7a:c1:4b:08:7c:82:5b:5a:f3:b3:b2:ee:62:
60:15:88:6c:d4:12:32:5f:3a:5c:fe:c7:83:95:8c:63:ab:01:
40:0d:20:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY11ltig9Aaz6OwbEFDXG5+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjQwMjA0MTkyNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODMxODQ3MjRjZjE5MzM5NmQ1NWYxNmM5OTc2NjQxZDJmYTg4MGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofE0bPmUabsc/gBxj1Aln1fOkW3c
SLkrUwploTX7ieZsFV706G9Zj4V/qIDB707lMK/Q4+QHAZef5S7PTbR3zr7gjJi8
LTupG7c72nqi8BGJBm4uxIsTIvyv+qICCaaSvZNc7qtgTAFYd0Th1KnH1TrK2XMT
gYzCJ9O6ytIbYfDna3tUYi9dED4qsPUzm6ZTQOFb9mM7L2aZw96x4MuDSFtbt2ou
NaxzmHfeop3a3t3+S4CUWw3XsaKgWRLI/1vaw2uRDh5ANaFcxFEH6P2XoNl0w1Ei
+mKuuzps+LUrKH2dFLFfXExSlrbFMi7Mv56i1VZQEiD6ZlVkzD+27GWtOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgxhHJM8ZM5bVXxbJl2ZB0vqIC0MB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvV0RHRWNrenhremx0VmZGc21YWmtIUy1vZ0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLv0GMA0G
CSqGSIb3DQEBCwUAA4IBAQAWI8eTcwj8jNRkKqWLHCEIIJPUXD4vzcfPllu9nUwR
SfAR84CTzCecXbS6LNefEo59T2ew+qYebHfJU7Gabi13zGGkVKmEJ9dg2XAuqTdL
qVSAhsUgMwLivg7AtqHFdzNgjhoWXOTi+Yeq7zAVq7wnWPWPySx97zWOVBuaQXHC
hSjcdethVZkTEZRBvdSq6b8Gk57p7PPIdcJUaOYHxEsHLpUo9xoLv41pRvxk5YYL
Bgw7HcT9i6599f49ZYHzGUxZtPPF9e1OCeo6nF/WJn9LY1Do9KA7GD/gg3lpYHrB
Swh8glta87Oy7mJgFYhs1BIyXzpc/seDlYxjqwFADSAh
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:58:47 2025 by rpki-client