Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/hKSO2i5ZpswGurMqKcfV059hZ00.roa
File: hKSO2i5ZpswGurMqKcfV059hZ00.roa (raw, json)
Hash identifier: LvoAEsDEOqO8Sl7f2PrG94VbvN58lMIsNvafqMQez9U=
Subject key identifier: 84:A4:8E:DA:2E:59:A6:CC:06:BA:B3:2A:29:C7:D5:D3:9F:61:67:4D
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 018570DE5997BC2B1CF3EB4D8378FEFBD00A
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/hKSO2i5ZpswGurMqKcfV059hZ00.roa
Signing time: Mon 02 Jan 2023 05:04:58 +0000
ROA not before: Mon 02 Jan 2023 05:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207114
IP address blocks: 46.33.32.0/21 maxlen: 21
46.33.40.0/22 maxlen: 22
46.33.56.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:59:97:bc:2b:1c:f3:eb:4d:83:78:fe:fb:d0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Jan 2 05:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84a48eda2e59a6cc06bab32a29c7d5d39f61674d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4b:e0:41:5e:cf:e7:f5:25:c7:df:18:89:39:
3d:82:f5:2d:71:47:c0:7c:ba:bc:56:1d:64:f2:1e:
5b:fd:b9:81:5b:52:69:5a:41:30:be:1f:a4:21:e5:
1b:62:c1:fa:cb:49:4d:42:99:b4:e7:ea:ef:2c:93:
44:6f:6c:3a:ba:68:9b:ef:3b:7c:ff:09:28:e0:64:
33:76:93:62:df:af:ad:8b:64:8f:4b:4e:8c:ef:4a:
62:80:71:40:5a:2b:60:4e:15:36:5d:6c:ed:ea:f9:
89:41:17:be:0c:32:9c:4d:9a:75:ff:b9:9c:8e:ff:
3d:29:40:eb:b7:94:41:17:99:29:a2:4b:15:61:08:
cf:fb:63:13:09:76:c4:78:91:95:65:4d:b0:51:95:
fc:a3:43:1f:30:2a:49:ec:a7:70:ab:5f:a7:c4:22:
92:4c:6a:c8:66:b2:f9:4c:fc:f2:4e:f0:2b:3b:2c:
fe:af:f1:d3:0c:75:b7:43:3a:8d:8a:1c:9b:6f:ee:
a2:13:24:e4:53:22:39:5f:2d:a6:df:17:b3:d0:b2:
38:28:f7:56:26:cc:ff:2b:34:86:b3:92:08:5b:fe:
93:13:f5:a3:87:37:36:bb:32:62:f5:f0:7f:53:e1:
c7:29:74:14:2f:c3:4e:ee:aa:90:95:03:4d:2c:1b:
b1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A4:8E:DA:2E:59:A6:CC:06:BA:B3:2A:29:C7:D5:D3:9F:61:67:4D
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/hKSO2i5ZpswGurMqKcfV059hZ00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.32.0-46.33.43.255
46.33.56.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:db:2a:fe:62:c0:e2:4c:5c:35:84:b9:0b:ee:c8:ec:4f:d6:
92:c2:fa:83:11:25:41:ad:d6:77:30:39:58:e7:5c:8c:b6:74:
36:4a:f1:bc:1e:42:b0:4c:9b:d6:56:bf:bc:2b:3c:70:72:83:
94:19:fc:13:f5:61:e8:6f:0d:d0:60:94:0d:0b:b3:29:45:2a:
4e:c7:8d:dd:bd:d8:70:cb:93:c1:56:6c:7e:8a:45:ea:67:82:
c2:2e:e2:d8:2e:a3:88:bb:cf:aa:55:ff:80:f0:5a:cd:f3:a4:
2d:57:77:e4:e7:b3:98:80:d5:d0:a9:16:c6:52:e0:04:82:62:
97:8d:ae:65:fa:a1:7a:46:3a:bb:ac:0d:30:fb:b0:a3:b0:ad:
69:8b:5c:9b:29:62:b2:81:fa:1c:78:ed:8d:26:7b:b4:80:1d:
a6:c4:41:78:e1:62:e6:e7:3f:8f:16:b7:bb:de:e7:64:0d:74:
dd:5b:96:63:03:1e:19:07:4e:55:b2:65:e0:5b:ab:b7:bb:e3:
02:40:b8:31:31:e1:e6:7d:0e:13:89:55:8b:74:dd:18:6e:35:
f6:e9:d7:7c:6a:93:0c:3e:fd:9a:07:a7:9e:ec:72:06:94:7c:
0a:89:04:3f:0b:cb:42:93:b7:be:d8:75:08:cc:ba:00:3a:d7:
58:9a:68:26
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVw3lmXvCsc8+tNg3j++9AKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjMwMTAyMDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGE0OGVkYTJlNTlhNmNjMDZiYWIzMmEyOWM3ZDVkMzlmNjE2NzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0vgQV7P5/Ulx98YiTk9gvUtcUfA
fLq8Vh1k8h5b/bmBW1JpWkEwvh+kIeUbYsH6y0lNQpm05+rvLJNEb2w6umib7zt8
/wko4GQzdpNi36+ti2SPS06M70pigHFAWitgThU2XWzt6vmJQRe+DDKcTZp1/7mc
jv89KUDrt5RBF5kpoksVYQjP+2MTCXbEeJGVZU2wUZX8o0MfMCpJ7Kdwq1+nxCKS
TGrIZrL5TPzyTvArOyz+r/HTDHW3QzqNihybb+6iEyTkUyI5Xy2m3xez0LI4KPdW
Jsz/KzSGs5IIW/6TE/Wjhzc2uzJi9fB/U+HHKXQUL8NO7qqQlQNNLBuxQQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFISkjtouWabMBrqzKinH1dOfYWdNMB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvaEtTTzJpNVpwc3dHdXJNcUtjZlYwNTloWjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAUuISAD
BAIuISgDBAIuITgwDQYJKoZIhvcNAQELBQADggEBABrbKv5iwOJMXDWEuQvuyOxP
1pLC+oMRJUGt1ncwOVjnXIy2dDZK8bweQrBMm9ZWv7wrPHByg5QZ/BP1YehvDdBg
lA0LsylFKk7Hjd292HDLk8FWbH6KRepngsIu4tguo4i7z6pV/4DwWs3zpC1Xd+Tn
s5iA1dCpFsZS4ASCYpeNrmX6oXpGOrusDTD7sKOwrWmLXJspYrKB+hx47Y0me7SA
HabEQXjhYubnP48Wt7ve52QNdN1blmMDHhkHTlWyZeBbq7e74wJAuDEx4eZ9DhOJ
VYt03RhuNfbp13xqkww+/ZoHp57scgaUfAqJBD8Ly0KTt77YdQjMugA611iaaCY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:52 2024 by rpki-client on console.sobornost.net