Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/WTRKI9aOmB3peIufpvOrifp8FgM.roa
File: WTRKI9aOmB3peIufpvOrifp8FgM.roa (raw, json)
Hash identifier: hqjtK6RhZxZfJVlm17BETmT/MJbPjcpumr4y75NjXwA=
Subject key identifier: 59:34:4A:23:D6:8E:98:1D:E9:78:8B:9F:A6:F3:AB:89:FA:7C:16:03
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0185BAB63578E1B13B79D2365DD07D9DC68A
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/WTRKI9aOmB3peIufpvOrifp8FgM.roa
Signing time: Mon 16 Jan 2023 13:13:01 +0000
ROA not before: Mon 16 Jan 2023 13:13:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47453
IP address blocks: 87.246.49.0/24 maxlen: 24
87.246.48.0/24 maxlen: 24
87.246.47.0/24 maxlen: 24
87.246.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:b6:35:78:e1:b1:3b:79:d2:36:5d:d0:7d:9d:c6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 16 13:13:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59344a23d68e981de9788b9fa6f3ab89fa7c1603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:32:eb:d3:fe:89:be:13:ad:72:bd:5a:64:f9:
ad:c0:0a:68:62:14:49:a7:7b:39:22:b2:dc:af:c9:
1a:c3:1d:90:e5:5d:1a:d6:22:1e:7c:c7:74:f7:17:
ae:df:da:cb:c8:21:51:ae:a4:d3:50:e3:dd:94:24:
14:92:fe:f4:82:bd:0f:24:d2:bf:e6:8e:d1:ff:6b:
88:ce:12:b5:6a:b6:52:2e:db:14:50:7c:37:a0:0d:
33:d8:fa:5f:0a:35:6b:cc:0c:ef:83:9d:95:19:69:
07:b4:f6:b1:45:8a:96:1c:36:2a:4a:2f:08:0d:8e:
b5:0d:e3:cd:63:30:8d:40:f2:75:29:05:ba:ca:5d:
8c:42:7e:f4:70:52:82:6d:c4:9f:a4:ba:99:46:72:
3b:6d:ac:e3:30:28:a1:d8:4c:40:9b:14:4d:5b:28:
c3:3b:74:48:e3:61:7a:d9:a1:d1:32:04:49:f4:eb:
8f:39:38:47:2c:58:bd:bc:c5:66:b9:fe:16:1e:92:
c8:64:33:6c:a8:5d:95:62:4b:9c:e8:c8:2b:12:8e:
00:ba:50:12:1a:4d:54:f5:57:d4:04:75:e2:b1:de:
ac:41:e4:b2:62:62:25:9a:24:23:e1:3b:68:bd:7e:
2f:3e:cb:28:c9:cc:3e:60:25:fc:4b:c2:16:bd:27:
aa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:34:4A:23:D6:8E:98:1D:E9:78:8B:9F:A6:F3:AB:89:FA:7C:16:03
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/WTRKI9aOmB3peIufpvOrifp8FgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.246.46.0-87.246.49.255
Signature Algorithm: sha256WithRSAEncryption
8c:93:cf:5b:31:79:70:6a:95:f3:24:7f:4d:9e:91:24:15:35:
0b:ff:67:38:64:12:07:86:66:45:a5:0e:b9:35:54:e9:b8:bf:
b2:59:db:49:c9:04:ef:eb:b1:71:44:fa:92:c0:a2:cc:23:7a:
97:34:2a:09:d2:8c:83:f9:2e:52:65:e8:34:f6:73:bb:10:e8:
93:10:0a:36:8d:d7:0d:7e:6c:ad:a7:65:81:96:28:d9:43:bd:
08:94:e8:6e:25:2f:44:1b:59:b2:9d:9e:56:33:be:81:2e:42:
6b:96:7b:4d:9b:2c:cf:49:69:6d:dd:c2:e4:e6:80:3d:6f:0b:
8d:88:68:9c:c0:23:21:00:73:6f:b6:68:c7:8b:39:e6:6c:e9:
c7:f5:da:b2:5d:20:a1:dd:9e:9c:11:11:0c:cf:24:0d:25:d3:
a1:3d:25:a1:15:c3:a3:52:e2:81:4e:5c:a5:34:a0:5e:60:ec:
b6:0c:75:4e:d9:e7:07:08:1e:a1:0c:4d:ce:a0:e4:a4:d2:f2:
9e:c0:e9:11:9f:cd:2b:a2:0e:c0:eb:96:2f:01:b6:b2:65:bd:
d6:41:61:5e:41:56:c6:41:98:0a:97:e9:18:fa:4f:70:e9:b7:
fa:8a:2c:d2:12:f5:3d:e4:77:7a:2b:e7:af:2e:ba:ab:91:71:
d3:27:74:8b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYW6tjV44bE7edI2XdB9ncaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwMTE2MTMxMzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTM0NGEyM2Q2OGU5ODFkZTk3ODhiOWZhNmYzYWI4OWZhN2MxNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDLr0/6JvhOtcr1aZPmtwApoYhRJ
p3s5IrLcr8kawx2Q5V0a1iIefMd09xeu39rLyCFRrqTTUOPdlCQUkv70gr0PJNK/
5o7R/2uIzhK1arZSLtsUUHw3oA0z2PpfCjVrzAzvg52VGWkHtPaxRYqWHDYqSi8I
DY61DePNYzCNQPJ1KQW6yl2MQn70cFKCbcSfpLqZRnI7bazjMCih2ExAmxRNWyjD
O3RI42F62aHRMgRJ9OuPOThHLFi9vMVmuf4WHpLIZDNsqF2VYkuc6MgrEo4AulAS
Gk1U9VfUBHXisd6sQeSyYmIlmiQj4TtovX4vPssoycw+YCX8S8IWvSeq/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFk0SiPWjpgd6XiLn6bzq4n6fBYDMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvV1RSS0k5YU9tQjNwZUl1ZnB2T3JpZnA4RmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFX9i4D
BAFX9jAwDQYJKoZIhvcNAQELBQADggEBAIyTz1sxeXBqlfMkf02ekSQVNQv/Zzhk
EgeGZkWlDrk1VOm4v7JZ20nJBO/rsXFE+pLAoswjepc0KgnSjIP5LlJl6DT2c7sQ
6JMQCjaN1w1+bK2nZYGWKNlDvQiU6G4lL0QbWbKdnlYzvoEuQmuWe02bLM9JaW3d
wuTmgD1vC42IaJzAIyEAc2+2aMeLOeZs6cf12rJdIKHdnpwREQzPJA0l06E9JaEV
w6NS4oFOXKU0oF5g7LYMdU7Z5wcIHqEMTc6g5KTS8p7A6RGfzSuiDsDrli8BtrJl
vdZBYV5BVsZBmAqX6Rj6T3Dpt/qKLNIS9T3kd3or568uuquRcdMndIs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:42 2024 by rpki-client on console-fra.rpki-client.org