Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/vwPmLXpL1JwnDgTb0lfxAg3RJ1k.roa
File: vwPmLXpL1JwnDgTb0lfxAg3RJ1k.roa (raw, json)
Hash identifier: bGKES3BiuDQEaatX9AP1aMnnGkEpb+P/URshvOHixds=
Subject key identifier: BF:03:E6:2D:7A:4B:D4:9C:27:0E:04:DB:D2:57:F1:02:0D:D1:27:59
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018E0A19B69DBAD9D2B8D674AE7D40C1A171
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/vwPmLXpL1JwnDgTb0lfxAg3RJ1k.roa
Signing time: Mon 04 Mar 2024 15:34:01 +0000
ROA not before: Mon 04 Mar 2024 15:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39087
IP address blocks: 46.8.6.0/24 maxlen: 24
46.8.7.0/24 maxlen: 24
109.248.36.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 04 Mar 2024 15:44:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0a:19:b6:9d:ba:d9:d2:b8:d6:74:ae:7d:40:c1:a1:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Mar 4 15:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf03e62d7a4bd49c270e04dbd257f1020dd12759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:97:1e:2e:37:9b:1d:f8:7a:8c:a7:f0:c4:89:
e4:b0:0f:f3:e6:36:f3:9c:bc:55:00:35:92:33:94:
12:24:53:80:65:79:14:a6:b6:a4:cc:d7:a5:05:98:
e9:c4:4c:bf:a1:a4:57:d4:00:4a:2f:97:03:6b:a9:
a1:27:62:09:73:0c:cf:a3:6f:0a:19:07:d9:b9:ba:
9a:d5:33:e4:78:b0:45:34:2d:8d:a5:56:e2:99:b0:
ab:3c:23:e4:d5:f8:92:9c:56:7f:d6:59:5c:29:e4:
6d:b1:c6:94:07:3b:6e:93:36:00:4d:ba:c3:80:19:
57:5f:0d:c6:84:f4:d2:7c:81:21:10:bf:b7:fa:d4:
6a:0d:41:30:7a:12:6a:2b:dd:49:90:d1:0e:00:c0:
1a:6a:58:9b:5b:77:c4:22:ef:d1:45:02:48:2a:a9:
26:69:58:2d:5b:37:bd:d2:5c:01:c8:fd:f7:59:04:
60:71:2a:a1:fc:59:a8:c5:b7:04:79:86:89:3b:53:
35:3a:3e:e7:2d:46:c4:b4:dc:c3:79:00:2e:39:eb:
5e:0b:df:1e:14:19:6c:30:2f:ef:b0:08:f7:51:da:
27:8e:5a:3c:77:be:26:41:28:3e:29:5a:b9:e0:f5:
c0:7f:66:18:6b:3b:ef:84:60:bd:ca:6c:a2:6a:c4:
86:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:03:E6:2D:7A:4B:D4:9C:27:0E:04:DB:D2:57:F1:02:0D:D1:27:59
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/vwPmLXpL1JwnDgTb0lfxAg3RJ1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.6.0/23
109.248.36.0/23
Signature Algorithm: sha256WithRSAEncryption
12:ae:45:49:68:f0:2c:ae:05:6a:ea:5d:10:d2:e4:89:ec:40:
9e:ba:55:50:1f:3e:bf:65:64:b7:16:9d:27:a5:a6:ba:af:02:
19:cb:c0:4f:c5:fc:a8:1f:ad:9d:7d:06:02:82:13:04:55:15:
d4:bd:14:9c:3c:d3:e6:f9:43:c0:1c:1d:d3:e8:d7:c9:2c:4b:
f2:02:e6:d2:16:2d:4a:ab:29:b4:68:42:c8:10:20:92:ea:52:
9d:56:05:18:a1:41:66:78:4f:4f:7e:66:74:ae:9c:53:3b:a5:
44:8d:cc:43:87:96:f0:8a:7b:58:1e:b0:fd:7a:dc:14:80:a0:
15:6b:d3:bd:51:bd:3f:ff:72:6d:db:5d:a5:1b:4b:75:3f:fe:
31:66:76:5c:c2:bf:6e:86:b9:f4:21:db:b9:40:6d:9f:43:5b:
b4:95:97:d5:3b:fd:b3:a8:53:91:5b:de:a9:ba:3c:f6:f0:18:
c7:db:3a:5f:2d:e9:22:e8:a9:42:68:3d:47:e5:e9:ca:0b:a4:
ff:17:af:74:66:f2:33:3d:34:1a:cb:71:b2:44:17:e5:5e:12:
69:4e:9f:94:78:82:12:e7:04:2c:23:9d:19:24:a2:73:db:5a:
80:3e:98:c1:af:88:1c:d2:50:9d:e5:da:b0:d9:c5:13:37:38:
9b:75:24:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4KGbadutnSuNZ0rn1AwaFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMzA0MTUzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjAzZTYyZDdhNGJkNDljMjcwZTA0ZGJkMjU3ZjEwMjBkZDEyNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZceLjebHfh6jKfwxInksA/z5jbz
nLxVADWSM5QSJFOAZXkUprakzNelBZjpxEy/oaRX1ABKL5cDa6mhJ2IJcwzPo28K
GQfZubqa1TPkeLBFNC2NpVbimbCrPCPk1fiSnFZ/1llcKeRtscaUBztukzYATbrD
gBlXXw3GhPTSfIEhEL+3+tRqDUEwehJqK91JkNEOAMAaalibW3fEIu/RRQJIKqkm
aVgtWze90lwByP33WQRgcSqh/FmoxbcEeYaJO1M1Oj7nLUbEtNzDeQAuOeteC98e
FBlsMC/vsAj3Udonjlo8d74mQSg+KVq54PXAf2YYazvvhGC9ymyiasSGCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL8D5i16S9ScJw4E29JX8QIN0SdZMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvdndQbUxYcEwxSnduRGdUYjBsZnhBZzNSSjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLggGAwQB
bfgkMA0GCSqGSIb3DQEBCwUAA4IBAQASrkVJaPAsrgVq6l0Q0uSJ7ECeulVQHz6/
ZWS3Fp0npaa6rwIZy8BPxfyoH62dfQYCghMEVRXUvRScPNPm+UPAHB3T6NfJLEvy
AubSFi1Kqym0aELIECCS6lKdVgUYoUFmeE9PfmZ0rpxTO6VEjcxDh5bwintYHrD9
etwUgKAVa9O9Ub0//3Jt212lG0t1P/4xZnZcwr9uhrn0Idu5QG2fQ1u0lZfVO/2z
qFORW96pujz28BjH2zpfLeki6KlCaD1H5enKC6T/F690ZvIzPTQay3GyRBflXhJp
Tp+UeIIS5wQsI50ZJKJz21qAPpjBr4gc0lCd5dqw2cUTNzibdSQV
-----END CERTIFICATE-----
Generated at Mon Mar 4 21:56:36 2024 by rpki-client on console.sobornost.net