Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/WJQggQ73aWPivOiQTJesSQOQt4g.roa
File: WJQggQ73aWPivOiQTJesSQOQt4g.roa (raw, json)
Hash identifier: lI0UKr+yC2HTxDOZaaYbAHgpcaXFjkHbR66Ckf6j7M8=
Subject key identifier: 58:94:20:81:0E:F7:69:63:E2:BC:E8:90:4C:97:AC:49:03:90:B7:88
Certificate issuer: /CN=719e59b5017bfe634411949eff2d70ba0a07c540
Certificate serial: 018CC2DAF1A7342BC85047194F387072ABB6
Authority key identifier: 71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/WJQggQ73aWPivOiQTJesSQOQt4g.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 46.28.58.0/24 maxlen: 24
46.28.59.0/24 maxlen: 24
46.28.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f1:a7:34:2b:c8:50:47:19:4f:38:70:72:ab:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=719e59b5017bfe634411949eff2d70ba0a07c540
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=589420810ef76963e2bce8904c97ac490390b788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3a:09:bb:d9:ad:98:e5:53:3a:56:89:d0:12:
a6:c9:5d:b2:bd:30:6e:7b:bd:68:0c:cd:c0:90:39:
bf:92:87:de:9d:88:52:38:a0:8b:0d:fe:37:65:1d:
2d:4e:5c:48:74:e0:69:07:fd:43:2a:09:6a:c6:26:
df:5c:cc:10:6b:50:b4:06:cf:94:9f:7c:c0:3f:ab:
a9:5b:cf:cc:51:8e:2e:bd:82:a7:a3:e3:f0:70:63:
2a:36:55:89:bf:aa:c8:67:cf:44:83:66:3a:73:89:
b2:d5:b2:51:83:e8:87:41:e7:eb:aa:20:76:e2:b2:
3f:11:e1:83:1f:ba:fe:5d:e0:08:8e:e5:26:78:cd:
98:b0:43:13:26:45:fd:fa:43:75:8a:fe:b1:a0:22:
f4:48:55:e6:83:94:91:eb:2d:70:f4:ce:93:4a:bc:
7d:ea:02:85:4f:74:98:f4:1e:e0:83:fe:58:6c:24:
bc:6a:06:5e:0a:36:a4:a0:04:10:64:5e:cc:39:17:
87:2e:67:f4:63:c5:07:29:db:8d:15:c5:30:39:e2:
06:d0:bf:67:5b:90:1f:cc:7b:63:1e:7a:7b:da:6b:
46:eb:f6:1c:42:f0:91:d9:25:85:b9:46:23:50:8b:
2a:6c:5f:8c:2d:14:1d:b2:17:e9:aa:c4:93:28:ae:
de:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:94:20:81:0E:F7:69:63:E2:BC:E8:90:4C:97:AC:49:03:90:B7:88
X509v3 Authority Key Identifier:
keyid:71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/WJQggQ73aWPivOiQTJesSQOQt4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.58.0/23
46.28.63.0/24
Signature Algorithm: sha256WithRSAEncryption
80:2c:37:c4:6e:c1:81:46:78:b8:77:8d:73:14:eb:5b:44:ad:
55:ba:78:40:8d:b6:1d:18:03:5c:f7:52:6e:6b:fc:d6:45:4b:
a6:db:8c:e4:db:73:2f:5e:fc:7e:c7:80:70:18:32:94:8e:f9:
5b:c0:63:8b:20:2d:05:c2:44:fc:89:bc:45:4e:83:b2:ac:63:
2d:c1:a8:79:80:ec:8e:f4:2b:fe:84:c2:ef:0f:e2:5d:27:01:
92:b1:f0:19:62:77:59:c9:a1:cc:79:c3:f9:a5:87:fe:ae:61:
54:a6:8c:ba:01:4f:f6:39:0e:ae:7e:43:4e:1b:40:88:9c:4a:
3c:cb:4d:1c:59:eb:06:16:9c:49:c2:fa:79:7d:b6:b9:b6:a3:
93:a2:db:81:0b:c5:00:7d:d1:d1:a4:0f:81:50:37:42:d9:b4:
d9:e9:71:a9:2b:d8:18:7f:b0:48:96:4a:a7:58:59:82:40:e3:
55:b1:7d:6b:43:f2:c6:dc:f4:8b:7a:25:8f:5f:cf:8b:92:82:
02:55:fe:8f:c5:88:c7:3c:d4:17:3f:91:5e:d2:65:e3:a6:56:
d9:12:20:f4:25:4a:de:5f:2d:70:2a:aa:46:06:bb:69:13:0c:
5e:bf:69:2b:cd:33:33:20:5b:18:58:06:3a:d4:28:5c:b0:d9:
1e:59:ad:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2vGnNCvIUEcZTzhwcqu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOWU1OWI1MDE3YmZlNjM0NDExOTQ5ZWZmMmQ3MGJhMGEw
N2M1NDAwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODk0MjA4MTBlZjc2OTYzZTJiY2U4OTA0Yzk3YWM0OTAzOTBiNzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDoJu9mtmOVTOlaJ0BKmyV2yvTBu
e71oDM3AkDm/kofenYhSOKCLDf43ZR0tTlxIdOBpB/1DKglqxibfXMwQa1C0Bs+U
n3zAP6upW8/MUY4uvYKno+PwcGMqNlWJv6rIZ89Eg2Y6c4my1bJRg+iHQefrqiB2
4rI/EeGDH7r+XeAIjuUmeM2YsEMTJkX9+kN1iv6xoCL0SFXmg5SR6y1w9M6TSrx9
6gKFT3SY9B7gg/5YbCS8agZeCjakoAQQZF7MOReHLmf0Y8UHKduNFcUwOeIG0L9n
W5AfzHtjHnp72mtG6/YcQvCR2SWFuUYjUIsqbF+MLRQdshfpqsSTKK7eawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFiUIIEO92lj4rzokEyXrEkDkLeIMB8GA1UdIwQY
MBaAFHGeWbUBe/5jRBGUnv8tcLoKB8VAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEt
ZjQ2ZjlkNjc0ZjZjLzEvV0pRZ2dRNzNhV1Bpdk9pUVRKZXNTUU9RdDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEtZjQ2ZjlkNjc0ZjZj
LzEvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhw6AwQA
Lhw/MA0GCSqGSIb3DQEBCwUAA4IBAQCALDfEbsGBRni4d41zFOtbRK1VunhAjbYd
GANc91Jua/zWRUum24zk23MvXvx+x4BwGDKUjvlbwGOLIC0FwkT8ibxFToOyrGMt
wah5gOyO9Cv+hMLvD+JdJwGSsfAZYndZyaHMecP5pYf+rmFUpoy6AU/2OQ6ufkNO
G0CInEo8y00cWesGFpxJwvp5fba5tqOTotuBC8UAfdHRpA+BUDdC2bTZ6XGpK9gY
f7BIlkqnWFmCQONVsX1rQ/LG3PSLeiWPX8+LkoICVf6PxYjHPNQXP5Fe0mXjplbZ
EiD0JUreXy1wKqpGBrtpEwxev2krzTMzIFsYWAY61ChcsNkeWa0S
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:57 2025 by rpki-client