Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/WZh1yMLC0tvmW9IjPCyolNLrzN0.roa
File: WZh1yMLC0tvmW9IjPCyolNLrzN0.roa (raw, json)
Hash identifier: B4QJKnqZSmDegxKvVqSXq5byUKla403sjvvKzuJSo28=
Subject key identifier: 59:98:75:C8:C2:C2:D2:DB:E6:5B:D2:23:3C:2C:A8:94:D2:EB:CC:DD
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 01856E2FAF44591F992BD418186B5AE74E47
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/WZh1yMLC0tvmW9IjPCyolNLrzN0.roa
Signing time: Sun 01 Jan 2023 16:34:56 +0000
ROA not before: Sun 01 Jan 2023 16:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206774
IP address blocks: 46.252.1.0/24 maxlen: 24
46.252.3.0/24 maxlen: 24
46.252.9.0/24 maxlen: 24
46.252.8.0/24 maxlen: 24
46.252.5.0/24 maxlen: 24
46.252.10.0/24 maxlen: 24
46.252.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:af:44:59:1f:99:2b:d4:18:18:6b:5a:e7:4e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: Jan 1 16:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=599875c8c2c2d2dbe65bd2233c2ca894d2ebccdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8c:15:f8:b6:2d:e8:4d:ac:5f:ff:c8:cb:52:
47:2b:86:f5:ad:5f:c5:06:75:fc:43:c9:e6:f5:99:
72:99:33:ab:ba:87:27:37:99:c1:da:0e:1d:71:25:
07:f8:b5:f4:21:7c:59:6b:36:e3:33:b5:54:fb:6b:
aa:e2:a5:ef:d2:e9:e4:be:62:0c:2a:93:43:e1:03:
fc:9e:1d:cd:ec:45:1a:83:55:57:0a:44:01:df:36:
74:ba:ff:49:17:20:16:f4:3b:6e:cf:6d:e5:56:5a:
89:e2:a6:5a:f4:e9:f6:1e:a6:47:2b:4b:6c:54:c9:
d4:a3:b4:2e:6b:f7:a3:e8:72:8c:0a:87:92:10:e4:
be:69:5a:cb:2a:82:6b:a8:3e:da:74:1c:64:df:61:
cf:62:b9:6c:f4:8f:d7:59:a4:46:81:20:1b:6f:3e:
51:38:d9:ad:d8:87:25:c5:95:b5:b0:32:71:d7:1f:
ef:78:80:0c:a3:39:85:99:b3:d5:c6:f9:f2:fe:8d:
b1:25:9c:04:8b:f3:c1:8b:7b:46:70:d5:05:82:fb:
3a:13:d5:55:b8:d1:d8:50:26:3a:0f:4e:33:fa:b8:
08:1f:2f:9e:c5:ae:58:23:d4:0b:05:ce:2f:40:a8:
c4:68:e9:f5:e2:92:61:34:d8:06:fa:61:17:74:b9:
d5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:98:75:C8:C2:C2:D2:DB:E6:5B:D2:23:3C:2C:A8:94:D2:EB:CC:DD
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/WZh1yMLC0tvmW9IjPCyolNLrzN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.1.0/24
46.252.3.0/24
46.252.5.0/24
46.252.7.0-46.252.10.255
Signature Algorithm: sha256WithRSAEncryption
c8:de:ed:fc:06:80:95:4f:a5:40:23:f1:de:76:a0:5c:43:eb:
18:44:3d:60:99:5b:c0:de:a0:66:a4:5b:4f:a2:0f:bf:6c:8e:
d3:80:a0:96:44:64:c5:3a:08:1a:6d:cd:0a:cf:b8:9f:9a:7a:
e6:1e:89:d7:dc:2f:e6:88:8b:da:f2:de:62:39:4a:1a:9b:0e:
21:6d:58:28:05:bb:8b:d8:e6:78:24:52:a3:68:c2:e2:fe:5d:
f1:ab:6d:4a:2e:7c:36:ae:58:b5:93:f7:c6:7d:2f:2f:d4:a2:
61:2f:44:7d:12:53:cd:2b:c1:fa:ef:5f:06:db:f4:93:1c:d8:
f7:f0:4a:d1:f4:ad:76:79:7a:a7:19:49:c3:52:bd:b7:c3:1b:
21:77:dc:5c:38:1f:4c:1e:68:6b:2b:f8:1d:72:46:da:c1:5a:
09:b8:bc:2b:2a:43:32:d1:b6:74:a2:0d:8b:2c:3c:ad:e5:d1:
a4:8c:76:0b:a7:23:9c:18:50:e3:3c:5e:82:f9:29:d9:fd:a5:
48:23:81:14:90:2e:ec:86:7b:95:78:b1:82:ce:f9:05:c8:d1:
c7:40:f0:a3:cc:bc:68:cb:bf:52:f0:a0:19:ca:8b:54:4b:f9:
ff:43:a4:16:3f:e0:41:e4:17:b6:1a:60:d0:c2:46:2f:00:bd:
a8:78:33:cf
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVuL69EWR+ZK9QYGGta505HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2
YzQwZmQwHhcNMjMwMTAxMTYzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTk4NzVjOGMyYzJkMmRiZTY1YmQyMjMzYzJjYTg5NGQyZWJjY2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnowV+LYt6E2sX//Iy1JHK4b1rV/F
BnX8Q8nm9ZlymTOruocnN5nB2g4dcSUH+LX0IXxZazbjM7VU+2uq4qXv0unkvmIM
KpND4QP8nh3N7EUag1VXCkQB3zZ0uv9JFyAW9Dtuz23lVlqJ4qZa9On2HqZHK0ts
VMnUo7Qua/ej6HKMCoeSEOS+aVrLKoJrqD7adBxk32HPYrls9I/XWaRGgSAbbz5R
ONmt2IclxZW1sDJx1x/veIAMozmFmbPVxvny/o2xJZwEi/PBi3tGcNUFgvs6E9VV
uNHYUCY6D04z+rgIHy+exa5YI9QLBc4vQKjEaOn14pJhNNgG+mEXdLnVOwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFmYdcjCwtLb5lvSIzwsqJTS68zdMB8GA1UdIwQY
MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt
Yzc4NjkxMjg1ODJjLzEvV1poMXlNTEMwdHZtVzlJalBDeW9sTkxyek4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj
LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALvwBAwQA
LvwDAwQALvwFMAwDBAAu/AcDBAAu/AowDQYJKoZIhvcNAQELBQADggEBAMje7fwG
gJVPpUAj8d52oFxD6xhEPWCZW8DeoGakW0+iD79sjtOAoJZEZMU6CBptzQrPuJ+a
euYeidfcL+aIi9ry3mI5ShqbDiFtWCgFu4vY5ngkUqNowuL+XfGrbUoufDauWLWT
98Z9Ly/UomEvRH0SU80rwfrvXwbb9JMc2PfwStH0rXZ5eqcZScNSvbfDGyF33Fw4
H0weaGsr+B1yRtrBWgm4vCsqQzLRtnSiDYssPK3l0aSMdgunI5wYUOM8XoL5Kdn9
pUgjgRSQLuyGe5V4sYLO+QXI0cdA8KPMvGjLv1LwoBnKi1RL+f9DpBY/4EHkF7Ya
YNDCRi8Avah4M88=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:32 2024 by rpki-client on console.sobornost.net