Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/u2XMJLjtvNiLDhFV4yybZrGeUh4.roa
File: u2XMJLjtvNiLDhFV4yybZrGeUh4.roa (raw, json)
Hash identifier: hWytydWgLOt4iym7HR1pGPb+8DHtQ+9YaqTbOxrbYaw=
Subject key identifier: BB:65:CC:24:B8:ED:BC:D8:8B:0E:11:55:E3:2C:9B:66:B1:9E:52:1E
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 018AF60874C5DCEFB6C635B662356A699956
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/u2XMJLjtvNiLDhFV4yybZrGeUh4.roa
Signing time: Tue 03 Oct 2023 14:54:23 +0000
ROA not before: Tue 03 Oct 2023 14:54:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31593
IP address blocks: 46.33.32.0/21 maxlen: 21
46.33.40.0/22 maxlen: 22
46.33.56.0/22 maxlen: 22
2a03:1240:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:08:74:c5:dc:ef:b6:c6:35:b6:62:35:6a:69:99:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Oct 3 14:54:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb65cc24b8edbcd88b0e1155e32c9b66b19e521e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:47:ab:60:30:2c:b8:e1:7c:a1:74:2a:47:94:
cb:d3:ed:34:1e:14:9f:1f:21:61:89:88:a8:09:77:
8d:59:38:df:77:cf:d3:97:19:c4:69:8c:97:a0:21:
d7:4b:90:00:9d:8b:5e:ff:39:3d:a8:30:de:2d:a9:
23:21:38:bd:47:ed:40:a0:a7:06:1f:b9:24:2f:78:
3f:48:1d:c3:33:94:0b:97:92:1b:72:16:0a:15:ee:
dd:ba:68:0c:dc:ea:4b:81:18:ab:4b:85:aa:0c:b4:
dc:e2:2a:f8:4d:9a:5b:0f:6e:35:c8:e7:b4:1c:06:
a6:67:51:82:48:f7:a9:b3:d8:41:9b:f6:cf:b0:6d:
b0:7d:78:bd:4e:97:c3:c8:7d:0d:1f:38:9f:04:94:
73:06:52:7b:b6:60:af:6e:51:c4:69:dc:ec:26:5a:
28:60:08:f6:8c:d5:a5:51:cb:7f:00:c5:63:79:9e:
ae:42:2d:32:5f:a1:93:ba:36:ee:e3:ae:a5:91:db:
7f:b1:8c:ec:22:dc:a3:b7:f3:41:5f:94:f3:b1:60:
1a:08:30:c8:4c:11:81:f7:e3:8c:62:7c:4d:46:d6:
8b:a4:d7:ca:77:94:be:1b:cd:3e:1a:cc:f3:e3:19:
84:0a:50:38:86:14:35:7a:f9:b8:7a:5e:2b:2e:81:
e4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:65:CC:24:B8:ED:BC:D8:8B:0E:11:55:E3:2C:9B:66:B1:9E:52:1E
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/u2XMJLjtvNiLDhFV4yybZrGeUh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.32.0-46.33.43.255
46.33.56.0/22
IPv6:
2a03:1240:2::/48
Signature Algorithm: sha256WithRSAEncryption
50:20:07:4a:91:7b:81:b5:07:1b:5e:44:65:7a:b7:8a:ee:23:
53:cd:24:9f:d3:a8:85:86:77:91:b0:0c:aa:89:33:14:77:39:
d6:98:a1:dc:7d:84:fc:d7:9d:87:05:27:00:d6:3c:4a:77:b1:
bd:6c:e4:89:cb:5c:d3:57:e2:37:d5:f3:5a:24:21:0f:56:76:
24:31:e3:49:ca:5a:e4:3a:fe:83:ce:ee:ec:7f:e2:e7:d4:81:
4f:59:05:9c:a3:20:dc:21:ed:04:b1:ee:7f:8a:dd:c5:fa:91:
82:ee:86:65:96:de:aa:bf:a9:08:0f:f2:cc:3c:44:11:25:c0:
18:22:f3:e6:61:27:63:96:ca:17:3c:9d:bb:26:7c:5d:c9:b4:
fd:15:0b:4d:5c:90:b0:3a:34:64:12:03:b8:eb:43:a7:fe:01:
e0:0d:c8:ac:53:f1:15:f6:36:55:80:3c:c0:eb:0b:7b:2b:5f:
92:c6:a5:4f:b3:99:ea:f9:a2:07:24:de:0d:77:03:d1:5e:c5:
d0:44:4a:55:e0:0b:d5:a5:44:f9:73:b3:e6:fa:57:e6:a6:39:
fa:35:ef:df:1e:48:0d:e1:f2:75:61:71:dd:c3:e1:7f:33:f9:
6f:6d:ad:0f:d1:e7:a8:63:24:cd:1e:ac:7f:68:6e:e0:0b:85:
29:61:c1:7a
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYr2CHTF3O+2xjW2YjVqaZlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjMxMDAzMTQ1NDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY1Y2MyNGI4ZWRiY2Q4OGIwZTExNTVlMzJjOWI2NmIxOWU1MjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEerYDAsuOF8oXQqR5TL0+00HhSf
HyFhiYioCXeNWTjfd8/TlxnEaYyXoCHXS5AAnYte/zk9qDDeLakjITi9R+1AoKcG
H7kkL3g/SB3DM5QLl5IbchYKFe7dumgM3OpLgRirS4WqDLTc4ir4TZpbD241yOe0
HAamZ1GCSPeps9hBm/bPsG2wfXi9TpfDyH0NHzifBJRzBlJ7tmCvblHEadzsJloo
YAj2jNWlUct/AMVjeZ6uQi0yX6GTujbu466lkdt/sYzsItyjt/NBX5TzsWAaCDDI
TBGB9+OMYnxNRtaLpNfKd5S+G80+Gszz4xmEClA4hhQ1evm4el4rLoHkUQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLtlzCS47bzYiw4RVeMsm2axnlIeMB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvdTJYTUpManR2TmlMRGhGVjR5eWJackdlVWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAUuISAD
BAIuISgDBAIuITgwDwQCAAIwCQMHACoDEkAAAjANBgkqhkiG9w0BAQsFAAOCAQEA
UCAHSpF7gbUHG15EZXq3iu4jU80kn9OohYZ3kbAMqokzFHc51pih3H2E/NedhwUn
ANY8SnexvWzkictc01fiN9XzWiQhD1Z2JDHjScpa5Dr+g87u7H/i59SBT1kFnKMg
3CHtBLHuf4rdxfqRgu6GZZbeqr+pCA/yzDxEESXAGCLz5mEnY5bKFzyduyZ8Xcm0
/RULTVyQsDo0ZBIDuOtDp/4B4A3IrFPxFfY2VYA8wOsLeytfksalT7OZ6vmiByTe
DXcD0V7F0ERKVeAL1aVE+XOz5vpX5qY5+jXv3x5IDeHydWFx3cPhfzP5b22tD9Hn
qGMkzR6sf2hu4AuFKWHBeg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:52 2024 by rpki-client on console.sobornost.net