Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/LdgwqVAtaVDvTnisp9cFnN-BxHE.roa
File: LdgwqVAtaVDvTnisp9cFnN-BxHE.roa (raw, json)
Hash identifier: doXryGcoy+3bHBJXDyP22rK3xR+uHi9C2slVdtrP/x0=
Subject key identifier: 2D:D8:30:A9:50:2D:69:50:EF:4E:78:AC:A7:D7:05:9C:DF:81:C4:71
Certificate issuer: /CN=719e59b5017bfe634411949eff2d70ba0a07c540
Certificate serial: 018CC2DAF2251929C890932C0DF8EA5EB23A
Authority key identifier: 71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/LdgwqVAtaVDvTnisp9cFnN-BxHE.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 46.28.58.0/24 maxlen: 24
46.28.59.0/24 maxlen: 24
46.28.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f2:25:19:29:c8:90:93:2c:0d:f8:ea:5e:b2:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=719e59b5017bfe634411949eff2d70ba0a07c540
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dd830a9502d6950ef4e78aca7d7059cdf81c471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:73:1b:58:9a:1f:6a:cd:5d:03:ba:7d:49:1b:
86:e8:ca:d3:7a:42:8a:9f:e8:28:cd:44:02:20:06:
3e:00:db:fd:41:7d:95:e0:c3:a2:6a:b6:e1:64:c2:
83:2e:f7:96:3c:78:dc:7b:bc:76:51:ad:60:ab:2e:
06:5d:78:ee:ba:c7:d1:db:82:ce:50:e7:3c:b2:f6:
f0:23:0b:ef:d6:12:af:ca:e0:a8:2c:33:25:30:09:
0b:aa:50:51:c1:60:a0:b6:08:a5:4c:77:34:ef:2b:
76:6f:ce:84:43:4f:2e:37:91:43:66:e6:d9:78:18:
15:97:aa:98:09:b7:75:3e:31:a8:68:dd:d0:76:26:
27:84:a7:1e:7e:c2:cf:6a:70:ae:8c:e7:11:51:c2:
5c:9d:46:ba:14:9d:ba:fb:ab:56:10:1e:d3:5f:a4:
6a:7a:4f:74:70:1f:4f:35:fa:03:44:63:2a:c9:33:
8f:8c:c6:06:ba:3b:fd:33:60:d1:ad:80:41:6d:a1:
86:b0:98:80:24:25:da:f2:a7:2b:98:b9:af:d7:2d:
51:a9:56:43:b8:67:d9:47:6d:b4:f2:49:86:ff:1e:
46:c6:1c:93:48:a8:09:65:18:54:6b:2c:6d:ee:6b:
7c:6e:fc:ee:e6:fd:19:6a:03:ea:55:1f:15:88:2b:
a6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D8:30:A9:50:2D:69:50:EF:4E:78:AC:A7:D7:05:9C:DF:81:C4:71
X509v3 Authority Key Identifier:
keyid:71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/LdgwqVAtaVDvTnisp9cFnN-BxHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.58.0/23
46.28.63.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:a7:70:df:10:3d:0d:05:59:f0:f5:38:47:67:a9:07:c6:c8:
67:de:4b:76:1c:93:a6:bf:f5:7b:55:01:69:64:72:51:09:de:
85:ed:7f:f0:81:69:23:31:c4:6f:2f:d7:df:4e:21:a8:a9:2d:
00:0e:49:c8:fe:d5:56:55:7b:38:29:1c:c5:a1:22:10:c4:50:
23:21:2d:39:97:ae:0b:89:68:06:55:54:ad:8f:b8:6a:df:a6:
56:b9:7d:19:3a:78:6b:d5:82:95:aa:f0:dc:9c:47:71:c8:c6:
17:1b:12:0a:7c:22:b8:06:c7:0d:f7:24:ec:b6:94:50:4a:b9:
e8:6a:4c:88:a6:a8:6d:ee:1d:06:f8:f1:da:fc:72:cc:30:23:
1f:7c:b6:29:3c:e8:c7:75:db:45:ab:ab:eb:7f:b7:b5:be:b4:
c2:74:af:d9:7e:ac:5e:a8:79:94:9e:66:59:df:cd:e0:14:b2:
67:b7:1d:6d:81:8c:a2:b4:9e:98:ff:de:56:c3:67:01:13:b1:
b2:9d:a8:a9:3d:1f:7e:cf:3d:df:09:97:08:b3:e6:5c:e9:0d:
c7:c1:24:3d:7d:ea:73:21:b1:a8:1d:ee:4a:9c:e8:aa:00:0b:
e6:85:c4:04:ff:85:c0:f9:c6:38:4a:b4:ec:4c:90:c3:ad:7b:
9a:42:7c:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2vIlGSnIkJMsDfjqXrI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOWU1OWI1MDE3YmZlNjM0NDExOTQ5ZWZmMmQ3MGJhMGEw
N2M1NDAwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ4MzBhOTUwMmQ2OTUwZWY0ZTc4YWNhN2Q3MDU5Y2RmODFjNDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHMbWJofas1dA7p9SRuG6MrTekKK
n+gozUQCIAY+ANv9QX2V4MOiarbhZMKDLveWPHjce7x2Ua1gqy4GXXjuusfR24LO
UOc8svbwIwvv1hKvyuCoLDMlMAkLqlBRwWCgtgilTHc07yt2b86EQ08uN5FDZubZ
eBgVl6qYCbd1PjGoaN3QdiYnhKcefsLPanCujOcRUcJcnUa6FJ26+6tWEB7TX6Rq
ek90cB9PNfoDRGMqyTOPjMYGujv9M2DRrYBBbaGGsJiAJCXa8qcrmLmv1y1RqVZD
uGfZR2208kmG/x5GxhyTSKgJZRhUayxt7mt8bvzu5v0ZagPqVR8ViCum5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC3YMKlQLWlQ7054rKfXBZzfgcRxMB8GA1UdIwQY
MBaAFHGeWbUBe/5jRBGUnv8tcLoKB8VAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEt
ZjQ2ZjlkNjc0ZjZjLzEvTGRnd3FWQXRhVkR2VG5pc3A5Y0ZuTi1CeEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEtZjQ2ZjlkNjc0ZjZj
LzEvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhw6AwQA
Lhw/MA0GCSqGSIb3DQEBCwUAA4IBAQCLp3DfED0NBVnw9ThHZ6kHxshn3kt2HJOm
v/V7VQFpZHJRCd6F7X/wgWkjMcRvL9ffTiGoqS0ADknI/tVWVXs4KRzFoSIQxFAj
IS05l64LiWgGVVStj7hq36ZWuX0ZOnhr1YKVqvDcnEdxyMYXGxIKfCK4BscN9yTs
tpRQSrnoakyIpqht7h0G+PHa/HLMMCMffLYpPOjHddtFq6vrf7e1vrTCdK/Zfqxe
qHmUnmZZ383gFLJntx1tgYyitJ6Y/95Ww2cBE7GynaipPR9+zz3fCZcIs+Zc6Q3H
wSQ9fepzIbGoHe5KnOiqAAvmhcQE/4XA+cY4SrTsTJDDrXuaQnxA
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:06 2025 by rpki-client