Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b2e585-f58d-4220-8bef-0da9ae8458db/1/whNjFSk_vYNpBYTz8W08Jsb6Vos.roa
File: whNjFSk_vYNpBYTz8W08Jsb6Vos.roa (raw, json)
Hash identifier: 2dReKNJq/VmBH25h4yfzuFJVVCt2ZBt8LPg00ib5WEw=
Subject key identifier: C2:13:63:15:29:3F:BD:83:69:05:84:F3:F1:6D:3C:26:C6:FA:56:8B
Certificate issuer: /CN=19b2e1fc400bbf9dcb2066ade3dbfe5c9eab2e7d
Certificate serial: 01856D81C88B3F3BB5DBF40B656A825D0B92
Authority key identifier: 19:B2:E1:FC:40:0B:BF:9D:CB:20:66:AD:E3:DB:FE:5C:9E:AB:2E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbLh_EALv53LIGat49v-XJ6rLn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b2e585-f58d-4220-8bef-0da9ae8458db/1/whNjFSk_vYNpBYTz8W08Jsb6Vos.roa
Signing time: Sun 01 Jan 2023 13:25:00 +0000
ROA not before: Sun 01 Jan 2023 13:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58243
IP address blocks: 46.253.133.0/24 maxlen: 24
2a11:36c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:c8:8b:3f:3b:b5:db:f4:0b:65:6a:82:5d:0b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19b2e1fc400bbf9dcb2066ade3dbfe5c9eab2e7d
Validity
Not Before: Jan 1 13:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2136315293fbd83690584f3f16d3c26c6fa568b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:07:28:30:48:bc:7c:29:0a:1e:fa:3d:eb:0d:
d5:bd:2d:0c:0c:df:7f:3d:bd:1b:56:12:b4:43:02:
23:b5:cd:7a:7c:71:a2:21:db:2a:97:38:c2:ed:16:
16:73:dc:62:c3:93:23:b9:e9:d4:6c:04:4a:ca:77:
16:f7:29:e0:07:dd:80:f6:04:37:fd:2f:0c:ab:ff:
e8:ce:31:4a:43:9c:c3:83:76:27:47:cf:44:e6:80:
ff:98:cf:79:ca:e4:44:a0:70:af:4d:02:8d:da:c4:
1c:ed:f2:5e:41:be:50:29:77:12:39:6f:49:4d:85:
e3:2d:6b:25:f9:75:3a:d3:98:8b:66:a3:f4:ec:fc:
3f:63:ba:11:74:fb:6c:06:94:ef:1f:8e:26:0c:62:
85:c5:fb:4c:1c:0d:59:52:46:5f:64:09:94:3d:57:
be:e2:37:5b:05:86:46:ec:e2:b0:06:b9:2e:77:43:
4b:a9:fa:55:c3:18:14:14:06:cd:23:56:52:95:8a:
da:a7:fe:07:37:f6:d1:a8:b1:ff:a1:44:00:05:b8:
44:53:0b:da:b7:86:ef:4c:39:d9:40:fc:ef:7a:fe:
49:05:ac:a3:c7:cb:b9:69:a1:19:17:9b:5c:38:27:
d1:81:cb:82:a2:32:e0:66:d6:52:f3:3d:c2:4c:f0:
82:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:13:63:15:29:3F:BD:83:69:05:84:F3:F1:6D:3C:26:C6:FA:56:8B
X509v3 Authority Key Identifier:
keyid:19:B2:E1:FC:40:0B:BF:9D:CB:20:66:AD:E3:DB:FE:5C:9E:AB:2E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbLh_EALv53LIGat49v-XJ6rLn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b2e585-f58d-4220-8bef-0da9ae8458db/1/whNjFSk_vYNpBYTz8W08Jsb6Vos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b2e585-f58d-4220-8bef-0da9ae8458db/1/GbLh_EALv53LIGat49v-XJ6rLn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.133.0/24
IPv6:
2a11:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:52:66:29:75:af:0b:09:5d:6a:95:5e:4c:27:d0:4d:24:f4:
1b:e7:22:14:df:2e:c7:84:8d:4a:f2:7a:1c:6a:2a:be:09:fb:
e7:22:53:bd:a1:7e:fd:92:20:c5:c7:ef:22:ce:66:7c:8c:79:
47:d3:d7:c7:ed:50:f4:e8:83:69:fd:10:29:17:05:a2:eb:6d:
7b:4f:cc:ae:df:be:e1:53:0c:32:14:db:9b:cd:07:de:a5:5b:
de:aa:11:b5:f4:df:5f:89:26:d1:be:bf:50:2f:ed:af:36:e2:
9a:ed:f0:f0:8e:af:2a:bb:40:60:b3:41:48:80:39:73:7d:dd:
e6:a2:16:08:18:08:9c:36:b9:d5:22:8d:ff:fc:5f:12:1a:53:
53:14:e9:57:e8:7f:5a:f2:2f:14:19:4b:50:ff:c1:41:42:33:
c5:7b:e0:7a:97:3f:9b:b9:da:8b:5a:ae:5e:02:b7:55:df:0c:
b2:c8:9c:c4:6d:9b:18:d1:29:64:56:f5:c4:ba:2f:db:83:bb:
57:d5:de:68:f2:f0:83:f7:56:58:33:ac:00:74:a2:54:35:39:
12:65:9c:71:5e:37:70:27:a4:53:ba:54:9b:32:a6:6e:01:a5:
20:71:c1:0f:dd:62:79:a1:75:5a:3b:7a:f8:34:67:b1:95:f0:
91:82:15:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtgciLPzu12/QLZWqCXQuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YjJlMWZjNDAwYmJmOWRjYjIwNjZhZGUzZGJmZTVjOWVh
YjJlN2QwHhcNMjMwMTAxMTMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjEzNjMxNTI5M2ZiZDgzNjkwNTg0ZjNmMTZkM2MyNmM2ZmE1NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQcoMEi8fCkKHvo96w3VvS0MDN9/
Pb0bVhK0QwIjtc16fHGiIdsqlzjC7RYWc9xiw5MjuenUbARKyncW9yngB92A9gQ3
/S8Mq//ozjFKQ5zDg3YnR89E5oD/mM95yuREoHCvTQKN2sQc7fJeQb5QKXcSOW9J
TYXjLWsl+XU605iLZqP07Pw/Y7oRdPtsBpTvH44mDGKFxftMHA1ZUkZfZAmUPVe+
4jdbBYZG7OKwBrkud0NLqfpVwxgUFAbNI1ZSlYrap/4HN/bRqLH/oUQABbhEUwva
t4bvTDnZQPzvev5JBayjx8u5aaEZF5tcOCfRgcuCojLgZtZS8z3CTPCCcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMITYxUpP72DaQWE8/FtPCbG+laLMB8GA1UdIwQY
MBaAFBmy4fxAC7+dyyBmrePb/lyeqy59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2JMaF9FQUx2NTNMSUdhdDQ5di1YSjZyTG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iMmU1ODUtZjU4ZC00MjIwLThiZWYt
MGRhOWFlODQ1OGRiLzEvd2hOakZTa192WU5wQllUejhXMDhKc2I2Vm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iMmU1ODUtZjU4ZC00MjIwLThiZWYtMGRhOWFlODQ1OGRi
LzEvR2JMaF9FQUx2NTNMSUdhdDQ5di1YSjZyTG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALv2FMA0E
AgACMAcDBQMqETbAMA0GCSqGSIb3DQEBCwUAA4IBAQCKUmYpda8LCV1qlV5MJ9BN
JPQb5yIU3y7HhI1K8nocaiq+CfvnIlO9oX79kiDFx+8izmZ8jHlH09fH7VD06INp
/RApFwWi6217T8yu377hUwwyFNubzQfepVveqhG19N9fiSbRvr9QL+2vNuKa7fDw
jq8qu0Bgs0FIgDlzfd3mohYIGAicNrnVIo3//F8SGlNTFOlX6H9a8i8UGUtQ/8FB
QjPFe+B6lz+budqLWq5eArdV3wyyyJzEbZsY0SlkVvXEui/bg7tX1d5o8vCD91ZY
M6wAdKJUNTkSZZxxXjdwJ6RTulSbMqZuAaUgccEP3WJ5oXVaO3r4NGexlfCRghVP
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:16 2024 by rpki-client on console-ams.rpki-client.org