Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wknGDkNZnGpoouvYheWtdcezBb0.roa
File: wknGDkNZnGpoouvYheWtdcezBb0.roa (raw, json)
Hash identifier: lBcNQSMe8YmLIyC1lCspLRE+0vfqbb4+OZDE/mUpX/8=
Subject key identifier: C2:49:C6:0E:43:59:9C:6A:68:A2:EB:D8:85:E5:AD:75:C7:B3:05:BD
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 01856EC228E0AAF25A2F5AFD7CF56DF24FBD
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wknGDkNZnGpoouvYheWtdcezBb0.roa
Signing time: Sun 01 Jan 2023 19:14:56 +0000
ROA not before: Sun 01 Jan 2023 19:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48806
IP address blocks: 45.132.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:28:e0:aa:f2:5a:2f:5a:fd:7c:f5:6d:f2:4f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 1 19:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c249c60e43599c6a68a2ebd885e5ad75c7b305bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:85:79:99:8a:5e:9a:49:3b:03:b1:9c:e3:6b:
cd:28:ac:23:38:b5:de:20:41:8b:99:be:cc:65:a8:
82:20:b7:ef:6a:5d:a3:31:af:87:78:3e:1d:bf:97:
70:6d:26:36:ac:7a:20:f6:fa:6e:7a:b0:6d:06:7f:
81:58:55:59:5d:b9:fe:6d:2b:99:54:9d:93:cc:23:
1f:2c:5d:f9:45:f4:da:22:01:b8:13:4e:c8:4e:f2:
11:eb:9b:9b:7f:4a:c0:95:62:34:cb:2c:6c:14:f3:
21:9a:97:5d:e9:09:b3:ea:12:b9:01:12:df:19:19:
6a:03:d5:7e:52:6d:a5:38:fc:fd:f9:25:30:f8:f8:
e5:c7:c3:d8:68:86:07:da:5e:a6:bc:ca:a6:ce:7c:
c0:03:19:9a:26:a5:b3:ed:d9:06:71:89:07:79:25:
1d:53:62:66:d6:cd:07:a7:5e:2b:6e:93:40:da:3c:
20:5b:c3:10:c1:77:98:c1:8a:48:27:9c:20:f7:1d:
c6:b5:87:7c:53:49:68:f0:a7:8e:ce:76:1d:87:d7:
86:10:0e:b1:9c:38:e0:5a:cf:c2:cf:f8:d7:c6:95:
80:d6:20:12:d8:91:6b:3a:cb:6a:d2:30:ba:0f:e5:
a3:fa:86:11:2a:1b:8a:16:df:30:41:e9:6c:fd:73:
30:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:49:C6:0E:43:59:9C:6A:68:A2:EB:D8:85:E5:AD:75:C7:B3:05:BD
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wknGDkNZnGpoouvYheWtdcezBb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.113.0/24
Signature Algorithm: sha256WithRSAEncryption
83:2c:c9:f4:01:3a:75:7e:4c:2b:02:80:60:3c:c6:a0:5e:29:
66:a8:23:20:2a:3e:71:46:0f:1f:09:8f:2c:23:88:e7:70:c1:
2e:d9:91:57:58:52:fb:58:ef:27:45:8c:30:b3:15:2a:a3:9c:
24:3f:b7:a3:5f:9e:53:fe:a5:78:0a:79:87:11:20:44:dd:a0:
c3:60:72:69:cd:07:30:0d:ca:ac:93:b9:de:72:0d:7f:5d:f7:
de:e2:cf:20:60:1c:f5:f4:b7:28:ff:5b:4a:74:f2:a1:96:b6:
e1:6c:5d:1f:43:e3:84:d8:a0:5b:d8:44:19:83:82:d5:37:46:
74:e8:16:83:49:71:ff:a9:15:03:d5:57:41:75:f1:20:2f:28:
b4:b8:19:a4:55:f2:3d:13:f5:75:a1:2e:ab:b2:d2:fd:2c:92:
57:44:20:8f:45:3e:be:8a:ca:1e:38:53:6f:4c:6d:19:73:fc:
8d:18:a7:08:f8:f8:74:8c:75:38:c1:06:f9:28:5b:11:f5:e6:
26:55:c1:03:72:16:6f:2c:22:8f:9f:3f:9d:6c:f7:53:31:d7:
8d:e4:71:d5:f2:a9:d9:76:5a:d6:e8:f3:c0:eb:90:52:70:bd:
fa:97:1f:d0:ec:86:8c:ed:4f:84:0f:fb:17:bf:30:e1:6e:d1:
57:dc:b4:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwijgqvJaL1r9fPVt8k+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwMTAxMTkxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQ5YzYwZTQzNTk5YzZhNjhhMmViZDg4NWU1YWQ3NWM3YjMwNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYV5mYpemkk7A7Gc42vNKKwjOLXe
IEGLmb7MZaiCILfval2jMa+HeD4dv5dwbSY2rHog9vpuerBtBn+BWFVZXbn+bSuZ
VJ2TzCMfLF35RfTaIgG4E07ITvIR65ubf0rAlWI0yyxsFPMhmpdd6Qmz6hK5ARLf
GRlqA9V+Um2lOPz9+SUw+Pjlx8PYaIYH2l6mvMqmznzAAxmaJqWz7dkGcYkHeSUd
U2Jm1s0Hp14rbpNA2jwgW8MQwXeYwYpIJ5wg9x3GtYd8U0lo8KeOznYdh9eGEA6x
nDjgWs/Cz/jXxpWA1iAS2JFrOstq0jC6D+Wj+oYRKhuKFt8wQels/XMwbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJJxg5DWZxqaKLr2IXlrXXHswW9MB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvd2tuR0RrTlpuR3Bvb3V2WWhlV3RkY2V6QmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYRxMA0G
CSqGSIb3DQEBCwUAA4IBAQCDLMn0ATp1fkwrAoBgPMagXilmqCMgKj5xRg8fCY8s
I4jncMEu2ZFXWFL7WO8nRYwwsxUqo5wkP7ejX55T/qV4CnmHESBE3aDDYHJpzQcw
Dcqsk7necg1/Xffe4s8gYBz19Lco/1tKdPKhlrbhbF0fQ+OE2KBb2EQZg4LVN0Z0
6BaDSXH/qRUD1VdBdfEgLyi0uBmkVfI9E/V1oS6rstL9LJJXRCCPRT6+isoeOFNv
TG0Zc/yNGKcI+Ph0jHU4wQb5KFsR9eYmVcEDchZvLCKPnz+dbPdTMdeN5HHV8qnZ
dlrW6PPA65BScL36lx/Q7IaM7U+ED/sXvzDhbtFX3LTo
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:40 2024 by rpki-client on console-fra.rpki-client.org