Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/wam8H4P4zrO35KBNUpf49fYHYfQ.roa
File: wam8H4P4zrO35KBNUpf49fYHYfQ.roa (raw, json)
Hash identifier: 0OQSaacuAKUDQrA8TELqenFmP54VbhhCYnj0m/4hiTM=
Subject key identifier: C1:A9:BC:1F:83:F8:CE:B3:B7:E4:A0:4D:52:97:F8:F5:F6:07:61:F4
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018571556EE4CD5121609C1E23171829C3E8
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/wam8H4P4zrO35KBNUpf49fYHYfQ.roa
Signing time: Mon 02 Jan 2023 07:15:02 +0000
ROA not before: Mon 02 Jan 2023 07:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 158.46.149.0/24 maxlen: 24
158.46.148.0/24 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.69.0/24 maxlen: 24
158.46.177.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.100.0/24 maxlen: 24
158.46.200.0/21 maxlen: 21
178.171.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 15:45:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:6e:e4:cd:51:21:60:9c:1e:23:17:18:29:c3:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 2 07:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1a9bc1f83f8ceb3b7e4a04d5297f8f5f60761f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:41:3a:e3:c2:88:c9:83:79:9c:0f:c7:69:38:
16:7b:24:8a:9d:49:2b:13:86:6b:9f:e1:5c:94:bb:
05:af:04:a1:11:27:57:60:d9:54:12:05:c7:5f:67:
47:3a:c3:65:4c:25:0a:85:dc:d2:d4:c4:87:96:4f:
e1:bc:d6:6f:5a:4e:25:a7:84:67:8a:f7:34:df:bc:
d0:b2:ea:8c:ed:75:64:f7:a7:ff:6f:50:03:de:5c:
1c:9c:70:5a:38:21:c4:b7:c9:79:1f:83:43:af:3a:
a8:be:2e:92:5d:5a:5c:8c:7c:10:20:85:d8:53:f6:
92:75:2f:c4:5a:db:48:ca:ca:9c:35:60:c5:e0:00:
7e:ba:14:a1:42:ce:00:6a:d7:a6:a9:cf:0e:6d:fa:
b6:ff:56:70:2a:f9:0c:91:fd:d6:2e:c1:75:6f:f9:
60:ab:e7:01:3f:65:0a:78:3b:fc:8e:58:de:2b:4a:
93:30:5f:ba:e5:e8:a4:29:80:91:35:1d:87:42:95:
74:4a:fd:5d:3c:9f:87:c3:71:94:46:6a:6f:01:88:
16:1b:e7:ba:0d:f3:6c:ab:35:67:cd:30:0c:60:e3:
a6:95:7d:bf:55:61:6c:e6:2a:6d:12:fc:74:5c:bf:
98:d7:25:66:09:9c:9c:48:ba:02:43:5c:2c:ff:ca:
28:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A9:BC:1F:83:F8:CE:B3:B7:E4:A0:4D:52:97:F8:F5:F6:07:61:F4
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/wam8H4P4zrO35KBNUpf49fYHYfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.177.0/24
158.46.188.0/22
158.46.200.0/21
158.46.250.0/23
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.69.0-178.171.70.255
178.171.88.0/23
178.171.100.0/23
178.171.104.0/24
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:bc:37:30:09:97:0d:6e:ab:84:11:e6:f7:43:64:0b:82:36:
75:16:d9:22:a6:18:fb:1d:2f:a3:7c:86:8b:1b:5f:10:e5:ff:
9b:fe:df:01:cf:4b:4d:52:08:cd:85:0b:48:48:c3:e5:3f:d7:
cc:c7:fa:22:9f:1d:86:7c:70:ea:6a:e1:a0:48:25:02:09:5b:
51:33:1e:4c:21:81:ed:5c:2c:28:c8:9e:3f:6b:fc:99:78:70:
3a:44:da:1b:c8:9c:5a:69:45:fb:d7:42:66:04:58:50:c4:7c:
e2:e7:83:23:e4:32:e6:9f:e7:5f:28:02:59:5c:ea:ed:31:21:
e8:e0:ad:3c:11:96:be:3f:ff:5a:64:9c:84:18:0e:1d:d9:e8:
99:d1:eb:72:ed:f9:02:ff:5d:21:e2:b8:0f:47:74:26:2f:e8:
78:13:09:1b:10:ce:65:af:c3:75:25:ad:7b:53:e0:77:0f:54:
91:a4:fa:f0:c6:8e:b6:43:5b:f1:9e:c7:ae:f3:3b:6c:fe:45:
31:aa:9e:aa:91:e1:bb:19:2f:ff:52:b6:b1:63:a6:ea:b9:69:
60:7d:1e:57:9a:d1:b8:3f:c8:85:5a:4e:99:67:4e:12:35:39:
d4:17:46:83:ee:0d:ad:4a:0a:71:e1:7b:5f:d7:c1:17:87:f3:
29:f2:e9:1f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVxVW7kzVEhYJweIxcYKcPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMTAyMDcxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWE5YmMxZjgzZjhjZWIzYjdlNGEwNGQ1Mjk3ZjhmNWY2MDc2MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEE648KIyYN5nA/HaTgWeySKnUkr
E4Zrn+FclLsFrwShESdXYNlUEgXHX2dHOsNlTCUKhdzS1MSHlk/hvNZvWk4lp4Rn
ivc037zQsuqM7XVk96f/b1AD3lwcnHBaOCHEt8l5H4NDrzqovi6SXVpcjHwQIIXY
U/aSdS/EWttIysqcNWDF4AB+uhShQs4Aatemqc8Obfq2/1ZwKvkMkf3WLsF1b/lg
q+cBP2UKeDv8jljeK0qTMF+65eikKYCRNR2HQpV0Sv1dPJ+Hw3GURmpvAYgWG+e6
DfNsqzVnzTAMYOOmlX2/VWFs5iptEvx0XL+Y1yVmCZycSLoCQ1ws/8ooOwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFMGpvB+D+M6zt+SgTVKX+PX2B2H0MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvd2FtOEg0UDR6ck8zNUtCTlVwZjQ5ZllIWWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBni6UAwQA
ni6xAwQCni68AwQDni7IAwQBni76AwQCsqsUMAwDBAWyqyADBAGyqyQwDAMEALKr
RQMEALKrRgMEAbKrWAMEAbKrZAMEALKraAMEALKrdzANBgkqhkiG9w0BAQsFAAOC
AQEAL7w3MAmXDW6rhBHm90NkC4I2dRbZIqYY+x0vo3yGixtfEOX/m/7fAc9LTVII
zYULSEjD5T/XzMf6Ip8dhnxw6mrhoEglAglbUTMeTCGB7VwsKMieP2v8mXhwOkTa
G8icWmlF+9dCZgRYUMR84ueDI+Qy5p/nXygCWVzq7TEh6OCtPBGWvj//WmSchBgO
HdnomdHrcu35Av9dIeK4D0d0Ji/oeBMJGxDOZa/DdSWte1Pgdw9UkaT68MaOtkNb
8Z7HrvM7bP5FMaqeqpHhuxkv/1K2sWOm6rlpYH0eV5rRuD/IhVpOmWdOEjU51BdG
g+4NrUoKceF7X9fBF4fzKfLpHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:39 2024 by rpki-client on console-fra.rpki-client.org