Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/_WWN3yCqK6kJee9YKM10-u-pBeo.roa
File: _WWN3yCqK6kJee9YKM10-u-pBeo.roa (raw, json)
Hash identifier: OyowGnVmWLx7pn+dI8mV3SdxjMJwfVOpOvliEbw1jk8=
Subject key identifier: FD:65:8D:DF:20:AA:2B:A9:09:79:EF:58:28:CD:74:FA:EF:A9:05:EA
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 0188AFE3D9CEED668D8179C7A5959C077D61
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/_WWN3yCqK6kJee9YKM10-u-pBeo.roa
Signing time: Mon 12 Jun 2023 13:55:25 +0000
ROA not before: Mon 12 Jun 2023 13:55:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.233.38.0/24 maxlen: 24
46.233.39.0/24 maxlen: 24
46.233.42.0/24 maxlen: 24
46.233.42.0/23 maxlen: 23
46.233.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 18:17:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:e3:d9:ce:ed:66:8d:81:79:c7:a5:95:9c:07:7d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Jun 12 13:55:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd658ddf20aa2ba90979ef5828cd74faefa905ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:73:23:af:52:3a:6f:94:b2:3a:13:5c:5b:61:
17:5b:d1:52:dd:f2:21:1b:82:f1:e0:00:87:fb:6c:
d4:cb:4e:c1:28:7b:cf:8f:75:eb:11:5f:84:c3:14:
ed:79:86:c9:a6:4a:c4:8b:ac:76:71:c3:55:f9:8b:
1d:70:7e:2e:2c:dc:fd:69:48:31:50:18:68:49:f5:
32:24:17:b5:78:5b:50:81:77:e6:db:25:24:d9:ca:
88:04:72:96:67:54:cf:c1:82:17:d4:79:cc:2b:7c:
e1:e8:78:d9:b1:f9:ff:05:69:b9:43:fb:6b:cb:c2:
2a:b7:74:6b:74:96:6a:96:a3:bb:22:49:39:8e:3b:
0a:52:00:dc:e5:d4:3d:38:fb:49:5d:46:a1:70:4e:
bf:8a:51:ae:da:0c:d7:c6:96:7e:65:07:0d:af:cd:
33:95:01:57:19:1f:01:ea:7d:0d:9c:e0:88:4b:69:
ec:d1:f3:15:9a:2d:65:3b:76:e9:54:10:ae:c0:8b:
63:78:cd:83:1f:8d:58:15:4e:6b:ce:39:5e:9c:d7:
8e:25:6a:94:69:41:aa:88:e6:08:77:fe:45:4a:77:
c5:ea:fd:7f:36:56:85:ac:8e:ef:50:4a:0a:cd:7b:
17:74:66:87:a4:30:61:5c:bd:94:34:7a:74:90:cc:
2f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:65:8D:DF:20:AA:2B:A9:09:79:EF:58:28:CD:74:FA:EF:A9:05:EA
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/_WWN3yCqK6kJee9YKM10-u-pBeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.38.0/23
46.233.42.0-46.233.45.255
Signature Algorithm: sha256WithRSAEncryption
04:e2:dc:87:c9:d9:ec:9e:b0:e3:18:05:c2:37:78:b6:ee:c0:
61:05:99:38:91:40:89:c5:35:75:4e:60:52:4d:5a:20:19:37:
82:82:09:ea:bd:52:2e:2a:95:07:c1:00:0d:5a:ac:5c:44:2d:
b7:ff:3c:5d:64:03:36:a2:6a:b9:bd:08:41:2f:31:65:08:03:
f0:bd:48:63:15:e7:42:61:88:dd:46:b0:c1:b2:0e:f6:54:5b:
5d:0f:42:de:96:31:44:c3:97:83:da:89:43:dd:67:65:6d:8e:
0a:39:77:2b:bb:d5:87:78:a4:40:d0:bd:f5:7a:c6:a9:34:21:
3d:eb:ca:64:01:84:7f:cb:e3:cd:9f:57:dc:80:da:86:57:97:
4a:b5:b7:b3:4e:c0:a4:5b:10:63:1b:44:49:97:cf:8f:86:84:
11:97:a9:09:05:d7:d7:5c:0b:ff:b3:ba:c4:e4:d4:d8:6c:1b:
c5:9c:dd:a4:df:a2:7a:8c:c9:63:41:c2:70:1d:d3:8a:eb:48:
dd:9f:24:5c:1b:27:ce:53:cf:c5:48:d3:c1:a5:b8:9c:8f:0f:
82:84:3a:8a:97:24:b2:67:5e:be:57:b5:8d:aa:f8:f3:04:f9:
5c:74:b1:1c:35:fc:bb:c7:e8:18:81:07:bf:92:f1:06:69:34:
4e:90:49:7a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYiv49nO7WaNgXnHpZWcB31hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjMwNjEyMTM1NTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDY1OGRkZjIwYWEyYmE5MDk3OWVmNTgyOGNkNzRmYWVmYTkwNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnMjr1I6b5SyOhNcW2EXW9FS3fIh
G4Lx4ACH+2zUy07BKHvPj3XrEV+EwxTteYbJpkrEi6x2ccNV+YsdcH4uLNz9aUgx
UBhoSfUyJBe1eFtQgXfm2yUk2cqIBHKWZ1TPwYIX1HnMK3zh6HjZsfn/BWm5Q/tr
y8Iqt3RrdJZqlqO7Ikk5jjsKUgDc5dQ9OPtJXUahcE6/ilGu2gzXxpZ+ZQcNr80z
lQFXGR8B6n0NnOCIS2ns0fMVmi1lO3bpVBCuwItjeM2DH41YFU5rzjlenNeOJWqU
aUGqiOYId/5FSnfF6v1/NlaFrI7vUEoKzXsXdGaHpDBhXL2UNHp0kMwvTwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFP1ljd8gqiupCXnvWCjNdPrvqQXqMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvX1dXTjN5Q3FLNmtKZWU5WUtNMTAtdS1wQmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBLukmMAwD
BAEu6SoDBAEu6SwwDQYJKoZIhvcNAQELBQADggEBAATi3IfJ2eyesOMYBcI3eLbu
wGEFmTiRQInFNXVOYFJNWiAZN4KCCeq9Ui4qlQfBAA1arFxELbf/PF1kAzaiarm9
CEEvMWUIA/C9SGMV50JhiN1GsMGyDvZUW10PQt6WMUTDl4PaiUPdZ2Vtjgo5dyu7
1Yd4pEDQvfV6xqk0IT3rymQBhH/L482fV9yA2oZXl0q1t7NOwKRbEGMbREmXz4+G
hBGXqQkF19dcC/+zusTk1NhsG8Wc3aTfonqMyWNBwnAd04rrSN2fJFwbJ85Tz8VI
08GluJyPD4KEOoqXJLJnXr5XtY2q+PME+Vx0sRw1/LvH6BiBB7+S8QZpNE6QSXo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:09 2024 by rpki-client on console-ams.rpki-client.org