Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b2e585-f58d-4220-8bef-0da9ae8458db/1/h_1coeKea9kEMKLS3_ygaYHE8aw.roa
File: h_1coeKea9kEMKLS3_ygaYHE8aw.roa (raw, json)
Hash identifier: DY/wxN++p3h+5z6uyq172RPrEfvM9p6L7V7SjsmJ70s=
Subject key identifier: 87:FD:5C:A1:E2:9E:6B:D9:04:30:A2:D2:DF:FC:A0:69:81:C4:F1:AC
Certificate issuer: /CN=19b2e1fc400bbf9dcb2066ade3dbfe5c9eab2e7d
Certificate serial: 018CC86F8C77A53CC9C3BE5D0B73B5FEDE69
Authority key identifier: 19:B2:E1:FC:40:0B:BF:9D:CB:20:66:AD:E3:DB:FE:5C:9E:AB:2E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbLh_EALv53LIGat49v-XJ6rLn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b2e585-f58d-4220-8bef-0da9ae8458db/1/h_1coeKea9kEMKLS3_ygaYHE8aw.roa
Signing time: Tue 02 Jan 2024 04:30:02 +0000
ROA not before: Tue 02 Jan 2024 04:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58243
IP address blocks: 46.253.133.0/24 maxlen: 24
2a11:36c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:8c:77:a5:3c:c9:c3:be:5d:0b:73:b5:fe:de:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19b2e1fc400bbf9dcb2066ade3dbfe5c9eab2e7d
Validity
Not Before: Jan 2 04:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87fd5ca1e29e6bd90430a2d2dffca06981c4f1ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:77:bc:0e:64:ab:4a:b1:dd:81:f5:df:19:df:
f9:0f:e1:8c:64:ac:36:42:19:a3:4b:f2:22:0c:41:
b3:3f:6e:d7:61:54:1f:00:10:a3:03:9c:a7:0c:a3:
df:a6:c7:e0:79:5b:d9:7e:82:20:96:22:29:88:23:
17:17:71:7f:8b:55:41:17:18:24:b5:31:7e:59:88:
c6:a2:20:1f:c4:bb:2a:ff:05:49:12:14:50:77:74:
cc:13:df:75:da:84:ed:01:6e:0b:f7:7c:bd:9c:fc:
64:61:38:63:0b:e7:d7:7b:2f:4b:48:8a:42:6a:62:
45:32:e6:70:9a:80:80:b8:71:de:f4:6b:65:bc:53:
10:c0:6a:66:02:9d:bc:8e:6b:27:18:9f:63:5b:ac:
a3:d8:24:cd:9c:cc:70:ae:83:27:a2:2a:65:da:ad:
06:67:26:7b:6c:7c:d3:46:13:5f:06:a0:dc:ed:f8:
84:de:cb:51:c8:89:2d:8f:88:6d:52:56:6b:fc:95:
aa:5c:ff:e9:cf:9f:3c:62:fa:69:6d:c1:f3:29:a7:
74:29:78:26:9f:b5:a0:91:35:ee:10:bc:d9:82:52:
f3:30:00:9c:53:a8:5e:f1:e1:57:9d:50:86:3c:f0:
5d:bf:db:49:94:76:0a:b9:e8:d2:61:07:30:2c:aa:
a7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FD:5C:A1:E2:9E:6B:D9:04:30:A2:D2:DF:FC:A0:69:81:C4:F1:AC
X509v3 Authority Key Identifier:
keyid:19:B2:E1:FC:40:0B:BF:9D:CB:20:66:AD:E3:DB:FE:5C:9E:AB:2E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbLh_EALv53LIGat49v-XJ6rLn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b2e585-f58d-4220-8bef-0da9ae8458db/1/h_1coeKea9kEMKLS3_ygaYHE8aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b2e585-f58d-4220-8bef-0da9ae8458db/1/GbLh_EALv53LIGat49v-XJ6rLn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.133.0/24
IPv6:
2a11:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:d1:98:04:48:a0:08:04:d1:91:28:78:6c:52:68:c9:c5:bf:
28:68:42:c5:31:f7:6c:28:fb:b3:b7:9c:e2:90:26:ff:f4:ea:
0c:06:66:ef:f5:21:5f:5a:f6:37:e0:48:48:c3:75:73:07:84:
a0:02:f5:9b:75:2c:fc:87:86:81:8c:b7:9b:88:9a:72:92:33:
36:90:ea:1d:61:0b:37:54:0c:da:8a:a2:d0:2e:6b:c2:71:0e:
be:9e:96:91:d2:71:d2:02:85:13:ee:33:a4:7f:f1:98:cf:a1:
36:ec:1e:d4:60:8c:0b:50:25:ea:bb:fb:df:28:d2:39:76:a3:
05:ac:9c:fd:a3:0d:ad:d8:20:86:76:a8:91:5c:ef:61:d1:d9:
0a:f2:ec:37:d2:e1:a9:d2:74:e8:3d:8f:1d:55:e1:62:6c:08:
45:c4:74:56:6d:dc:5a:a4:a9:77:d9:96:d7:cd:c7:83:8a:9e:
57:0f:bf:7b:41:8c:a1:95:e7:55:01:85:61:36:47:21:4c:0f:
78:e3:b5:94:91:67:52:9b:88:b1:d7:e1:2e:5b:b2:25:41:dc:
4f:7f:c0:e4:ed:91:66:a3:a2:68:28:75:8f:c7:7a:a6:54:ba:
d5:36:00:45:39:22:6b:64:19:01:a6:a6:f4:93:5b:98:8b:f9:
3b:62:b2:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb4x3pTzJw75dC3O1/t5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YjJlMWZjNDAwYmJmOWRjYjIwNjZhZGUzZGJmZTVjOWVh
YjJlN2QwHhcNMjQwMTAyMDQzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2ZkNWNhMWUyOWU2YmQ5MDQzMGEyZDJkZmZjYTA2OTgxYzRmMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3e8DmSrSrHdgfXfGd/5D+GMZKw2
QhmjS/IiDEGzP27XYVQfABCjA5ynDKPfpsfgeVvZfoIgliIpiCMXF3F/i1VBFxgk
tTF+WYjGoiAfxLsq/wVJEhRQd3TME9912oTtAW4L93y9nPxkYThjC+fXey9LSIpC
amJFMuZwmoCAuHHe9GtlvFMQwGpmAp28jmsnGJ9jW6yj2CTNnMxwroMnoipl2q0G
ZyZ7bHzTRhNfBqDc7fiE3stRyIktj4htUlZr/JWqXP/pz588YvppbcHzKad0KXgm
n7WgkTXuELzZglLzMACcU6he8eFXnVCGPPBdv9tJlHYKuejSYQcwLKqn0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIf9XKHinmvZBDCi0t/8oGmBxPGsMB8GA1UdIwQY
MBaAFBmy4fxAC7+dyyBmrePb/lyeqy59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2JMaF9FQUx2NTNMSUdhdDQ5di1YSjZyTG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iMmU1ODUtZjU4ZC00MjIwLThiZWYt
MGRhOWFlODQ1OGRiLzEvaF8xY29lS2VhOWtFTUtMUzNfeWdhWUhFOGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iMmU1ODUtZjU4ZC00MjIwLThiZWYtMGRhOWFlODQ1OGRi
LzEvR2JMaF9FQUx2NTNMSUdhdDQ5di1YSjZyTG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALv2FMA0E
AgACMAcDBQMqETbAMA0GCSqGSIb3DQEBCwUAA4IBAQCR0ZgESKAIBNGRKHhsUmjJ
xb8oaELFMfdsKPuzt5zikCb/9OoMBmbv9SFfWvY34EhIw3VzB4SgAvWbdSz8h4aB
jLebiJpykjM2kOodYQs3VAzaiqLQLmvCcQ6+npaR0nHSAoUT7jOkf/GYz6E27B7U
YIwLUCXqu/vfKNI5dqMFrJz9ow2t2CCGdqiRXO9h0dkK8uw30uGp0nToPY8dVeFi
bAhFxHRWbdxapKl32ZbXzceDip5XD797QYyhledVAYVhNkchTA9447WUkWdSm4ix
1+EuW7IlQdxPf8Dk7ZFmo6JoKHWPx3qmVLrVNgBFOSJrZBkBpqb0k1uYi/k7YrIM
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:45 2025 by rpki-client