Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/VyGvQgKZ85R7yw6-qVhAwv2POWU.roa
File: VyGvQgKZ85R7yw6-qVhAwv2POWU.roa (raw, json)
Hash identifier: fPUl2NJnOcwaSC0bEfnY3v2UXkbJGvYWNXozPCDPCPE=
Subject key identifier: 57:21:AF:42:02:99:F3:94:7B:CB:0E:BE:A9:58:40:C2:FD:8F:39:65
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A2901C49663FAC73666A9F81DA51D
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/VyGvQgKZ85R7yw6-qVhAwv2POWU.roa
Signing time: Sun 01 Jan 2023 03:05:00 +0000
ROA not before: Sun 01 Jan 2023 03:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49200
IP address blocks: 46.243.213.0/24 maxlen: 24
46.243.208.0/24 maxlen: 24
46.243.207.0/24 maxlen: 24
46.243.217.0/24 maxlen: 24
46.243.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:29:01:c4:96:63:fa:c7:36:66:a9:f8:1d:a5:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5721af420299f3947bcb0ebea95840c2fd8f3965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b5:3e:e0:14:79:d7:e1:80:19:f7:66:5a:c8:
fc:6e:55:23:6c:d7:c0:fc:79:da:fb:89:a0:8d:b4:
c6:af:b5:6a:8b:48:d3:7b:43:22:86:cd:52:bf:54:
41:57:97:70:8c:fc:fd:8a:f8:3f:0d:ed:8d:50:92:
65:fb:a7:99:20:8c:86:71:8b:e5:0e:b3:b5:29:b4:
55:06:b6:dd:a2:5e:65:fd:93:9c:6f:09:c1:4e:bb:
19:b2:24:92:dd:fb:42:23:fa:58:4c:06:38:7c:f7:
a1:9f:a3:ae:15:a7:f6:d5:53:c1:5e:65:e6:17:36:
cd:21:de:1e:cf:9c:8a:af:92:a6:3f:6a:a4:f5:68:
63:6f:dc:17:13:c0:62:e1:99:2e:e4:be:d7:42:46:
93:62:c5:e6:fd:7c:55:c0:07:12:52:2a:1f:23:bd:
22:fb:d0:34:43:2f:b9:ee:78:b8:b0:ac:21:ef:28:
6e:a2:1d:98:09:05:f0:ad:4f:7a:ae:52:03:18:e6:
d9:25:a1:c2:bb:6a:b3:de:b3:df:93:a2:4d:d1:b6:
e8:0d:80:5e:3b:d6:dc:f9:6e:56:4a:3e:8a:4d:b9:
5d:99:d3:5b:a1:29:e3:cc:e2:bf:28:c5:14:03:2a:
25:72:c6:ff:5b:4b:cd:d4:06:de:a3:73:21:32:02:
17:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:21:AF:42:02:99:F3:94:7B:CB:0E:BE:A9:58:40:C2:FD:8F:39:65
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/VyGvQgKZ85R7yw6-qVhAwv2POWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.207.0-46.243.208.255
46.243.213.0/24
46.243.216.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:05:ec:73:53:97:9d:df:3e:c8:07:f7:5f:19:eb:c3:62:c7:
65:45:25:4d:29:2c:6c:a4:f6:31:90:db:1f:ff:c4:f6:de:b6:
70:65:bb:1f:da:9d:dd:af:a1:71:e5:86:a1:24:ec:85:e8:d6:
df:84:54:a4:b3:63:ad:7b:e4:5a:88:5f:32:37:8e:1b:af:e4:
2e:93:7b:10:b6:82:56:04:c7:f8:c5:4e:b5:76:1a:5b:e2:20:
b5:82:65:6c:c7:0e:ae:94:1f:95:d1:a2:76:0d:11:e0:5b:3b:
98:26:b8:60:15:a6:96:52:55:55:85:02:24:c8:c1:0b:0a:11:
2a:56:76:f7:9d:d8:8a:53:67:ca:fc:c7:51:44:95:78:fe:68:
67:6e:ce:22:d4:09:60:7b:88:f0:1c:1f:0d:e2:06:22:39:b6:
82:e2:50:61:3e:9f:b6:02:46:e0:68:4d:5c:43:8b:e0:e6:ff:
71:1b:3f:2c:95:64:e3:ef:ed:73:42:27:bd:64:25:b4:cf:31:
af:88:3a:4c:9a:9e:1a:e0:3e:de:32:7e:6f:cb:ca:f3:bb:86:
01:14:7a:02:a9:d7:bd:33:59:e1:a2:5f:55:b6:93:2f:5b:1a:
e3:8a:15:25:f7:66:37:62:bf:98:3a:1f:78:01:53:90:27:e7:
d3:5b:ef:86
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVrSikBxJZj+sc2Zqn4HaUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzIxYWY0MjAyOTlmMzk0N2JjYjBlYmVhOTU4NDBjMmZkOGYzOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbU+4BR51+GAGfdmWsj8blUjbNfA
/Hna+4mgjbTGr7Vqi0jTe0Mihs1Sv1RBV5dwjPz9ivg/De2NUJJl+6eZIIyGcYvl
DrO1KbRVBrbdol5l/ZOcbwnBTrsZsiSS3ftCI/pYTAY4fPehn6OuFaf21VPBXmXm
FzbNId4ez5yKr5KmP2qk9Whjb9wXE8Bi4Zku5L7XQkaTYsXm/XxVwAcSUiofI70i
+9A0Qy+57ni4sKwh7yhuoh2YCQXwrU96rlIDGObZJaHCu2qz3rPfk6JN0bboDYBe
O9bc+W5WSj6KTbldmdNboSnjzOK/KMUUAyolcsb/W0vN1Abeo3MhMgIX3QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFchr0ICmfOUe8sOvqlYQML9jzllMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvVnlHdlFnS1o4NVI3eXc2LXFWaEF3djJQT1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAu888D
BAAu89ADBAAu89UDBAEu89gwDQYJKoZIhvcNAQELBQADggEBALsF7HNTl53fPsgH
918Z68Nix2VFJU0pLGyk9jGQ2x//xPbetnBlux/and2voXHlhqEk7IXo1t+EVKSz
Y6175FqIXzI3jhuv5C6TexC2glYEx/jFTrV2GlviILWCZWzHDq6UH5XRonYNEeBb
O5gmuGAVppZSVVWFAiTIwQsKESpWdved2IpTZ8r8x1FElXj+aGduziLUCWB7iPAc
Hw3iBiI5toLiUGE+n7YCRuBoTVxDi+Dm/3EbPyyVZOPv7XNCJ71kJbTPMa+IOkya
nhrgPt4yfm/LyvO7hgEUegKp170zWeGiX1W2ky9bGuOKFSX3Zjdiv5g6H3gBU5An
59Nb74Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org