Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/I_WGkBHRGQRSbji9V_8c0S045E4.roa
File: I_WGkBHRGQRSbji9V_8c0S045E4.roa (raw, json)
Hash identifier: SBuyA4RsrZi8dReVde62rfz+ghKGAWBbaSRKK4Xhduo=
Subject key identifier: 23:F5:86:90:11:D1:19:04:52:6E:38:BD:57:FF:1C:D1:2D:38:E4:4E
Certificate issuer: /CN=18caeb14a01ee16d836565e14fa53b4ab3c3cd26
Certificate serial: 018571A7B180AA12F0A66B0A252EBC589A7B
Authority key identifier: 18:CA:EB:14:A0:1E:E1:6D:83:65:65:E1:4F:A5:3B:4A:B3:C3:CD:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/I_WGkBHRGQRSbji9V_8c0S045E4.roa
Signing time: Mon 02 Jan 2023 08:44:53 +0000
ROA not before: Mon 02 Jan 2023 08:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197208
IP address blocks: 46.28.112.0/21 maxlen: 21
194.99.56.0/24 maxlen: 24
194.31.3.0/24 maxlen: 24
194.76.29.0/24 maxlen: 24
2a01:6ac0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b1:80:aa:12:f0:a6:6b:0a:25:2e:bc:58:9a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18caeb14a01ee16d836565e14fa53b4ab3c3cd26
Validity
Not Before: Jan 2 08:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23f5869011d11904526e38bd57ff1cd12d38e44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ce:54:77:fe:ce:f8:ee:d5:31:d2:5c:43:51:
90:72:e8:81:ad:5b:ea:42:62:46:b6:ef:25:e1:5f:
a0:51:45:6c:5d:9c:23:9c:88:5d:04:d7:9f:06:a6:
23:45:f2:3b:e9:22:11:10:ed:92:b4:04:c2:69:63:
f1:99:f3:bc:3d:45:49:4a:3a:5d:72:12:c4:cb:d4:
4a:b0:d4:4c:74:29:ba:73:d1:c0:12:ea:2d:db:a0:
52:30:d3:f5:78:07:1e:a6:7b:fb:28:be:2f:e0:85:
04:91:1a:38:48:59:eb:8b:4d:e4:3a:33:2b:fd:8d:
10:5b:04:06:03:7d:4f:33:fa:10:55:a1:b9:7a:20:
49:56:ee:55:61:45:1f:b8:3c:04:b7:11:79:b7:38:
19:71:5c:1f:95:e9:d8:dc:9b:29:7b:50:c0:3e:0f:
bf:af:6e:63:be:71:50:2b:31:0f:c2:06:1b:e6:f8:
f5:28:43:4e:6f:92:2d:47:1b:5f:54:3c:14:49:2b:
bd:98:fa:ee:02:bd:2b:6f:05:42:ad:8e:e5:1b:7e:
ce:91:ef:8c:63:d1:e8:af:a9:ab:0e:b6:90:f8:e2:
38:29:b6:42:a8:bb:22:ea:59:64:55:8d:a3:bb:ae:
8d:e2:4a:45:7c:78:bd:89:13:88:74:9f:0b:5e:82:
60:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F5:86:90:11:D1:19:04:52:6E:38:BD:57:FF:1C:D1:2D:38:E4:4E
X509v3 Authority Key Identifier:
keyid:18:CA:EB:14:A0:1E:E1:6D:83:65:65:E1:4F:A5:3B:4A:B3:C3:CD:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/I_WGkBHRGQRSbji9V_8c0S045E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/GMrrFKAe4W2DZWXhT6U7SrPDzSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.112.0/21
194.31.3.0/24
194.76.29.0/24
194.99.56.0/24
IPv6:
2a01:6ac0::/32
Signature Algorithm: sha256WithRSAEncryption
ae:fe:6b:1f:dc:f2:9d:d8:5c:c3:23:5f:d3:02:b9:f8:0f:d3:
da:80:ab:00:2f:3f:6d:0d:79:7c:85:8f:93:51:17:f4:46:81:
46:14:7b:bf:cc:bd:7d:a5:2f:16:dc:2e:1a:47:4a:e6:8f:45:
37:9e:0d:b8:46:70:f4:b2:bf:d8:10:f8:9d:90:65:6d:e3:a8:
94:58:bc:af:20:44:17:1a:cd:19:8a:65:70:e9:fa:7f:a6:35:
fd:e7:64:46:91:f2:e4:f7:93:95:5b:0c:6d:56:2f:b4:6d:71:
27:68:c4:5c:2a:ea:53:22:3b:f9:3c:76:bb:58:67:c4:3e:3b:
1c:fb:4a:a6:44:a5:40:7e:13:ca:bd:8e:d6:3a:40:7d:a9:94:
e7:ae:0e:4e:c3:9f:87:80:4d:39:36:85:a2:c3:73:4c:5b:4b:
07:e2:e9:b5:89:eb:39:63:fc:bb:14:53:e6:54:25:7e:16:70:
85:17:fe:8d:e7:96:f0:b7:5e:67:03:6e:66:02:fd:59:1f:3e:
34:b6:c4:06:16:09:23:43:be:4f:fa:40:9e:15:15:01:1e:28:
49:1d:7b:35:3e:15:75:46:f1:65:bb:70:fa:a3:85:62:03:68:
42:e1:8f:08:cb:93:d1:a2:54:f3:b5:c8:81:56:2b:4d:43:b0:
a5:f2:07:f9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxp7GAqhLwpmsKJS68WJp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4Y2FlYjE0YTAxZWUxNmQ4MzY1NjVlMTRmYTUzYjRhYjNj
M2NkMjYwHhcNMjMwMTAyMDg0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Y1ODY5MDExZDExOTA0NTI2ZTM4YmQ1N2ZmMWNkMTJkMzhlNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc5Ud/7O+O7VMdJcQ1GQcuiBrVvq
QmJGtu8l4V+gUUVsXZwjnIhdBNefBqYjRfI76SIREO2StATCaWPxmfO8PUVJSjpd
chLEy9RKsNRMdCm6c9HAEuot26BSMNP1eAcepnv7KL4v4IUEkRo4SFnri03kOjMr
/Y0QWwQGA31PM/oQVaG5eiBJVu5VYUUfuDwEtxF5tzgZcVwflenY3Jspe1DAPg+/
r25jvnFQKzEPwgYb5vj1KENOb5ItRxtfVDwUSSu9mPruAr0rbwVCrY7lG37Oke+M
Y9Hor6mrDraQ+OI4KbZCqLsi6llkVY2ju66N4kpFfHi9iROIdJ8LXoJglQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCP1hpAR0RkEUm44vVf/HNEtOOROMB8GA1UdIwQY
MBaAFBjK6xSgHuFtg2Vl4U+lO0qzw80mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR01yckZLQWU0VzJEWldYaFQ2VTdTclBEelNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9lN2IxZDctM2Q3YS00NmFiLTgxMGYt
ZWRkZjIzYzFiYTZkLzEvSV9XR2tCSFJHUVJTYmppOVZfOGMwUzA0NUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9lN2IxZDctM2Q3YS00NmFiLTgxMGYtZWRkZjIzYzFiYTZk
LzEvR01yckZLQWU0VzJEWldYaFQ2VTdTclBEelNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhxwAwQA
wh8DAwQAwkwdAwQAwmM4MA0EAgACMAcDBQAqAWrAMA0GCSqGSIb3DQEBCwUAA4IB
AQCu/msf3PKd2FzDI1/TArn4D9PagKsALz9tDXl8hY+TURf0RoFGFHu/zL19pS8W
3C4aR0rmj0U3ng24RnD0sr/YEPidkGVt46iUWLyvIEQXGs0ZimVw6fp/pjX952RG
kfLk95OVWwxtVi+0bXEnaMRcKupTIjv5PHa7WGfEPjsc+0qmRKVAfhPKvY7WOkB9
qZTnrg5Ow5+HgE05NoWiw3NMW0sH4um1ies5Y/y7FFPmVCV+FnCFF/6N55bwt15n
A25mAv1ZHz40tsQGFgkjQ75P+kCeFRUBHihJHXs1PhV1RvFlu3D6o4ViA2hC4Y8I
y5PRolTztciBVitNQ7Cl8gf5
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:08 2024 by rpki-client on console-ams.rpki-client.org