Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WfsWcFLAYfDWVm8wtRIF2NspwtU.roa
File: WfsWcFLAYfDWVm8wtRIF2NspwtU.roa (raw, json)
Hash identifier: yTYSzMhfOm6uIXwYszQcclvpyxgjL5BivRV7v6p9S8w=
Subject key identifier: 59:FB:16:70:52:C0:61:F0:D6:56:6F:30:B5:12:05:D8:DB:29:C2:D5
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018BB41B6A46928F579AFF7863D8BEB009E0
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WfsWcFLAYfDWVm8wtRIF2NspwtU.roa
Signing time: Thu 09 Nov 2023 12:42:57 +0000
ROA not before: Thu 09 Nov 2023 12:42:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201771
IP address blocks: 46.49.128.0/24 maxlen: 24
46.49.133.0/24 maxlen: 24
46.49.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Nov 2023 12:58:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:1b:6a:46:92:8f:57:9a:ff:78:63:d8:be:b0:09:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Nov 9 12:42:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59fb167052c061f0d6566f30b51205d8db29c2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ab:cd:bd:38:f3:31:e9:0d:b3:06:80:6b:32:
96:4a:b8:d8:8c:17:96:bb:38:5f:82:2a:68:3c:ad:
f8:2b:e8:34:d3:00:d8:13:14:98:aa:54:7d:84:81:
9a:0d:5e:aa:2d:21:e8:18:54:6e:9a:4e:04:c4:1a:
37:3a:97:d3:fb:17:99:85:0f:c0:e4:2d:77:8f:20:
5b:e3:a7:39:48:16:e7:91:d7:78:cd:a8:fb:6f:53:
b5:9b:95:1a:cd:22:bf:b7:66:cf:ec:52:55:c8:3d:
02:ed:c0:cb:73:0c:27:46:77:53:f5:50:83:48:ac:
c5:38:2d:8b:14:21:fd:47:d4:48:55:17:1e:53:5c:
04:ec:e4:d1:cf:c6:cb:70:49:b5:92:6b:2f:68:1c:
fc:7b:32:48:ef:89:37:f5:3a:a6:b3:bc:96:6d:85:
dc:20:13:2c:36:7b:5b:6f:07:cc:6e:ce:0a:6b:4a:
78:f1:66:17:6f:0c:94:0c:0a:21:3e:10:02:96:35:
43:e2:d1:a5:f1:6a:6e:ab:6a:58:2f:f3:0f:4f:9b:
81:58:9b:d1:38:a0:ce:8b:35:fd:5e:3a:13:ad:0c:
1f:36:8a:56:3f:bd:fc:74:c3:ff:18:a9:90:7e:c8:
3d:6d:d2:0b:ff:b7:fe:ad:9a:5a:61:69:dd:eb:30:
33:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FB:16:70:52:C0:61:F0:D6:56:6F:30:B5:12:05:D8:DB:29:C2:D5
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WfsWcFLAYfDWVm8wtRIF2NspwtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.49.128.0/24
46.49.133.0/24
46.49.154.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:4d:b7:e7:15:67:bd:b7:ec:b7:65:40:a4:b1:17:2e:7e:fd:
7c:e7:73:97:01:c5:8e:b8:8f:8d:63:5d:49:75:aa:37:d3:7c:
56:c7:c7:72:26:8e:10:72:ce:b3:90:87:5e:09:7c:d9:63:dd:
97:63:2f:69:b5:25:fa:0d:f5:5e:4d:81:20:81:ee:d0:14:c9:
ca:99:2f:0b:92:3e:de:be:3e:5b:cd:51:5b:8a:2d:06:17:fc:
d1:2f:90:a2:ff:8a:8e:29:1d:e2:df:d3:f9:2a:28:0d:89:f1:
90:5f:87:25:d3:d6:3e:54:a4:38:0e:9a:37:78:5b:cb:f1:49:
cb:b7:e2:83:4c:f7:0a:9b:bc:df:92:84:2d:03:70:1d:63:49:
f6:1b:de:0c:4c:eb:67:d9:67:17:01:fd:2c:1e:b9:18:37:5b:
af:84:8e:68:be:48:dc:70:89:08:44:cf:81:3f:76:48:b9:0e:
d3:5f:10:e7:d9:2b:45:ce:a1:6a:01:ba:9b:11:d0:91:52:cf:
a5:19:20:02:c9:1b:6e:7f:f5:82:a4:b5:58:74:78:e8:db:39:
78:8e:54:f8:5a:9b:b0:a6:c1:e8:fc:8a:89:5c:c6:a9:c3:22:
68:9d:f5:d0:5b:be:f1:2f:df:95:37:79:52:e9:84:5c:9e:92:
d0:ab:83:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYu0G2pGko9Xmv94Y9i+sAngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjMxMTA5MTI0MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZiMTY3MDUyYzA2MWYwZDY1NjZmMzBiNTEyMDVkOGRiMjljMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6vNvTjzMekNswaAazKWSrjYjBeW
uzhfgipoPK34K+g00wDYExSYqlR9hIGaDV6qLSHoGFRumk4ExBo3OpfT+xeZhQ/A
5C13jyBb46c5SBbnkdd4zaj7b1O1m5UazSK/t2bP7FJVyD0C7cDLcwwnRndT9VCD
SKzFOC2LFCH9R9RIVRceU1wE7OTRz8bLcEm1kmsvaBz8ezJI74k39Tqms7yWbYXc
IBMsNntbbwfMbs4Ka0p48WYXbwyUDAohPhACljVD4tGl8Wpuq2pYL/MPT5uBWJvR
OKDOizX9XjoTrQwfNopWP738dMP/GKmQfsg9bdIL/7f+rZpaYWnd6zAzxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFn7FnBSwGHw1lZvMLUSBdjbKcLVMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvV2ZzV2NGTEFZZkRXVm04d3RSSUYyTnNwd3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALjGAAwQA
LjGFAwQALjGaMA0GCSqGSIb3DQEBCwUAA4IBAQCoTbfnFWe9t+y3ZUCksRcufv18
53OXAcWOuI+NY11Jdao303xWx8dyJo4Qcs6zkIdeCXzZY92XYy9ptSX6DfVeTYEg
ge7QFMnKmS8Lkj7evj5bzVFbii0GF/zRL5Ci/4qOKR3i39P5KigNifGQX4cl09Y+
VKQ4Dpo3eFvL8UnLt+KDTPcKm7zfkoQtA3AdY0n2G94MTOtn2WcXAf0sHrkYN1uv
hI5ovkjccIkIRM+BP3ZIuQ7TXxDn2StFzqFqAbqbEdCRUs+lGSACyRtuf/WCpLVY
dHjo2zl4jlT4WpuwpsHo/IqJXMapwyJonfXQW77xL9+VN3lS6YRcnpLQq4Nm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:50 2024 by rpki-client on console-ams.rpki-client.org