Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/wfcJ8tZFJo2RKAa7QW6PI4AR8nQ.roa
File: wfcJ8tZFJo2RKAa7QW6PI4AR8nQ.roa (raw, json)
Hash identifier: vFPEcjEU+EAEu2MfUviFC43yWzx6uMic3prKKCWsr04=
Subject key identifier: C1:F7:09:F2:D6:45:26:8D:91:28:06:BB:41:6E:8F:23:80:11:F2:74
Certificate issuer: /CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Certificate serial: 018B8B236AECC6598D11D459FB27A154F6A3
Authority key identifier: 29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/wfcJ8tZFJo2RKAa7QW6PI4AR8nQ.roa
Signing time: Wed 01 Nov 2023 13:47:15 +0000
ROA not before: Wed 01 Nov 2023 13:47:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25106
IP address blocks: 176.60.4.0/22 maxlen: 22
176.60.0.0/18 maxlen: 24
176.60.44.0/22 maxlen: 22
176.60.40.0/22 maxlen: 22
46.56.114.0/23 maxlen: 23
46.56.125.0/24 maxlen: 24
176.60.128.0/18 maxlen: 24
176.60.132.0/22 maxlen: 22
176.60.64.0/18 maxlen: 24
176.60.80.0/23 maxlen: 23
46.56.56.0/22 maxlen: 24
46.56.60.0/24 maxlen: 24
46.56.60.0/23 maxlen: 24
46.56.62.0/23 maxlen: 23
46.56.64.0/19 maxlen: 24
46.56.96.0/19 maxlen: 24
46.56.40.0/24 maxlen: 24
46.56.41.0/24 maxlen: 24
46.56.42.0/24 maxlen: 24
46.56.40.0/21 maxlen: 21
46.216.184.0/21 maxlen: 21
46.216.192.0/21 maxlen: 21
46.216.192.0/18 maxlen: 24
46.216.128.0/18 maxlen: 24
46.216.144.0/21 maxlen: 21
134.17.208.0/22 maxlen: 24
134.17.208.0/20 maxlen: 24
46.216.152.0/21 maxlen: 21
134.17.224.0/20 maxlen: 24
46.216.246.0/24 maxlen: 24
134.17.16.0/21 maxlen: 21
134.17.17.0/24 maxlen: 24
185.20.112.0/23 maxlen: 23
178.168.160.0/21 maxlen: 21
178.168.168.0/21 maxlen: 24
185.20.114.0/23 maxlen: 23
134.17.24.0/22 maxlen: 22
134.17.24.0/21 maxlen: 21
134.17.28.0/24 maxlen: 24
134.17.32.0/19 maxlen: 19
134.17.32.0/22 maxlen: 22
178.168.180.0/22 maxlen: 22
178.168.192.0/19 maxlen: 24
134.17.64.0/20 maxlen: 20
176.60.176.0/23 maxlen: 23
178.168.128.0/18 maxlen: 24
176.60.184.0/22 maxlen: 24
176.60.192.0/20 maxlen: 20
178.168.144.0/23 maxlen: 23
176.60.192.0/18 maxlen: 24
134.17.0.0/20 maxlen: 24
176.60.208.0/23 maxlen: 23
134.17.124.0/24 maxlen: 24
134.17.128.0/19 maxlen: 19
134.17.128.0/21 maxlen: 21
134.17.136.0/21 maxlen: 21
134.17.144.0/20 maxlen: 20
134.17.160.0/19 maxlen: 19
46.216.0.0/17 maxlen: 24
178.168.220.0/22 maxlen: 22
178.168.224.0/19 maxlen: 24
134.17.79.0/24 maxlen: 24
134.17.80.0/21 maxlen: 21
134.17.80.0/22 maxlen: 22
134.17.88.0/21 maxlen: 24
134.17.89.0/24 maxlen: 24
178.168.242.0/23 maxlen: 23
134.17.96.0/19 maxlen: 19
178.168.253.0/24 maxlen: 24
2a02:bf0:1000::/36 maxlen: 36
2a02:bf0:4000::/36 maxlen: 36
2a02:bf0:6000::/36 maxlen: 36
2a02:bf0:7000::/36 maxlen: 36
2a02:bf0::/32 maxlen: 32
2a02:bf0:3000::/36 maxlen: 44
2a02:bf0:5000::/36 maxlen: 44
2a02:bf0:27::/48 maxlen: 48
2a02:bf0:2::/48 maxlen: 48
2a02:bf0:1002::/48 maxlen: 48
2a02:bf0:26::/48 maxlen: 48
2a02:bf0:29::/48 maxlen: 48
2a02:bf0:10::/44 maxlen: 44
2a02:bf0:1::/48 maxlen: 48
2a02:bf0:25::/48 maxlen: 48
2a02:bf0::/48 maxlen: 48
2a02:bf0:7::/48 maxlen: 48
2a02:bf0:6::/48 maxlen: 48
2a02:bf0:28::/48 maxlen: 48
2a02:bf0:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:23:6a:ec:c6:59:8d:11:d4:59:fb:27:a1:54:f6:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Validity
Not Before: Nov 1 13:47:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1f709f2d645268d912806bb416e8f238011f274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:47:da:e3:61:bd:9e:b3:e7:6e:64:4a:49:61:
93:34:16:6e:fa:1d:04:b5:ec:f7:4e:4c:0f:d3:29:
ee:ae:5a:75:83:0b:71:fa:0e:7d:83:43:24:18:67:
67:ba:47:76:6e:cc:d6:1f:cb:de:bd:61:d9:c2:f0:
91:19:fd:fd:e8:81:c2:5e:55:ff:4f:f3:49:43:09:
26:1a:19:70:de:eb:1a:c9:05:c2:3d:09:5a:bd:e4:
68:9a:23:16:73:8e:4c:71:a6:64:61:83:c1:88:df:
69:67:a4:4a:e0:8a:c0:73:ed:0b:45:14:67:27:98:
08:79:ac:cc:94:c8:7a:2c:d1:10:52:6b:ce:45:8b:
89:9b:93:a4:ad:74:ad:d3:df:70:69:51:d0:6c:80:
6e:23:b0:90:f2:98:4f:9a:59:bd:ac:7c:df:03:bb:
a2:bb:24:91:42:a5:93:6f:c7:e5:a1:15:77:b8:11:
d1:a3:3c:78:44:8e:ae:74:22:22:7d:47:c9:09:b5:
e9:45:ac:d7:30:a6:38:da:7f:2b:e2:e7:08:26:56:
4c:58:1f:27:0b:4a:4b:8e:7f:bd:19:14:ab:e1:e4:
cc:b2:a8:6d:1c:25:dc:6c:93:c1:ae:00:d7:81:a8:
c7:41:78:d9:7c:62:af:ca:f0:bf:f5:c7:28:c4:90:
cd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F7:09:F2:D6:45:26:8D:91:28:06:BB:41:6E:8F:23:80:11:F2:74
X509v3 Authority Key Identifier:
keyid:29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/wfcJ8tZFJo2RKAa7QW6PI4AR8nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KYijxojo6x_vBsN0p6pc-P13jg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.56.40.0/21
46.56.56.0-46.56.127.255
46.216.0.0/16
134.17.0.0-134.17.191.255
134.17.208.0-134.17.239.255
176.60.0.0/16
178.168.128.0/17
185.20.112.0/22
IPv6:
2a02:bf0::/32
Signature Algorithm: sha256WithRSAEncryption
34:86:6c:84:03:b7:a3:d1:5b:f8:a1:85:bb:24:07:09:e5:30:
5d:bc:ca:33:df:71:1a:d2:44:17:c3:6a:69:15:c1:ae:12:de:
34:d5:6f:ca:a2:e4:6b:a3:58:46:ca:ae:a3:be:f7:15:c9:6a:
b9:ed:05:53:a0:1c:c3:18:3a:ba:17:48:ba:a7:1f:74:8b:2f:
85:45:a2:b7:b6:b0:75:7f:23:ff:d7:3d:c3:63:be:07:b0:62:
93:eb:16:e4:71:24:df:8d:94:66:de:a7:ee:57:01:e3:2d:be:
b9:12:16:57:0f:c6:b3:64:0e:30:17:ec:cb:87:ee:20:fd:d9:
da:19:c9:1d:dd:49:b5:72:17:ad:3c:5d:8d:a9:e2:80:40:56:
89:46:5a:82:23:f1:a0:7d:e0:6f:94:13:32:a0:59:a9:87:97:
75:a1:11:e4:c7:97:00:32:a6:5c:67:e3:e4:84:c6:05:eb:f8:
d1:6d:27:d8:92:0a:47:74:7c:6d:26:4b:18:8a:b8:bc:8f:a6:
1a:c9:3b:d7:ac:e5:31:1b:3d:bd:14:21:8a:1f:b2:8b:7d:10:
9e:6f:2d:36:45:ed:a8:fa:04:5a:d4:85:6a:65:30:10:5d:8f:
63:62:17:32:9d:d2:d6:86:f9:2a:64:c8:1e:c9:60:29:8f:41:
c6:eb:06:a7
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYuLI2rsxlmNEdRZ+yehVPajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODhhM2M2ODhlOGViMWZlZjA2YzM3NGE3YWE1Y2Y4ZmQ3
NzhlMGYwHhcNMjMxMTAxMTM0NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWY3MDlmMmQ2NDUyNjhkOTEyODA2YmI0MTZlOGYyMzgwMTFmMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkfa42G9nrPnbmRKSWGTNBZu+h0E
tez3TkwP0ynurlp1gwtx+g59g0MkGGdnukd2bszWH8vevWHZwvCRGf396IHCXlX/
T/NJQwkmGhlw3usayQXCPQlaveRomiMWc45McaZkYYPBiN9pZ6RK4IrAc+0LRRRn
J5gIeazMlMh6LNEQUmvORYuJm5OkrXSt099waVHQbIBuI7CQ8phPmlm9rHzfA7ui
uySRQqWTb8floRV3uBHRozx4RI6udCIifUfJCbXpRazXMKY42n8r4ucIJlZMWB8n
C0pLjn+9GRSr4eTMsqhtHCXcbJPBrgDXgajHQXjZfGKvyvC/9ccoxJDNIwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFMH3CfLWRSaNkSgGu0FujyOAEfJ0MB8GA1UdIwQY
MBaAFCmIo8aI6Osf7wbDdKeqXPj9d44PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgt
Y2VjMGRiYzhkMjQ2LzEvd2ZjSjh0WkZKbzJSS0FhN1FXNlBJNEFSOG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgtY2VjMGRiYzhkMjQ2
LzEvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwQDLjgoMAwD
BAMuODgDBAcuOAADAwAu2DALAwMAhhEDBAaGEYAwDAMEBIYR0AMEBIYR4AMDALA8
AwQHsqiAAwQCuRRwMA0EAgACMAcDBQAqAgvwMA0GCSqGSIb3DQEBCwUAA4IBAQA0
hmyEA7ej0Vv4oYW7JAcJ5TBdvMoz33Ea0kQXw2ppFcGuEt401W/KouRro1hGyq6j
vvcVyWq57QVToBzDGDq6F0i6px90iy+FRaK3trB1fyP/1z3DY74HsGKT6xbkcSTf
jZRm3qfuVwHjLb65EhZXD8azZA4wF+zLh+4g/dnaGckd3Um1chetPF2NqeKAQFaJ
RlqCI/GgfeBvlBMyoFmph5d1oRHkx5cAMqZcZ+PkhMYF6/jRbSfYkgpHdHxtJksY
iri8j6YayTvXrOUxGz29FCGKH7KLfRCeby02Re2o+gRa1IVqZTAQXY9jYhcyndLW
hvkqZMgeyWApj0HG6wan
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net