Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/WRmVNCJZiSlnR3Oo8n4GOwo77RA.roa
File: WRmVNCJZiSlnR3Oo8n4GOwo77RA.roa (raw, json)
Hash identifier: 7bLo5rKdGWIC6OdgQsUV+qfD/XG1vmNFyAl/pUV/8Z4=
Subject key identifier: 59:19:95:34:22:59:89:29:67:47:73:A8:F2:7E:06:3B:0A:3B:ED:10
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0186382842C5870A77B28FA9C0D8BBD13302
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/WRmVNCJZiSlnR3Oo8n4GOwo77RA.roa
Signing time: Thu 09 Feb 2023 21:50:08 +0000
ROA not before: Thu 09 Feb 2023 21:50:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211043
IP address blocks: 85.203.52.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:38:28:42:c5:87:0a:77:b2:8f:a9:c0:d8:bb:d1:33:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Feb 9 21:50:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5919953422598929674773a8f27e063b0a3bed10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0f:39:e9:e1:e2:ca:40:3a:5e:28:28:14:3c:
71:d7:80:e6:99:f2:47:0d:10:58:06:dc:a5:c9:45:
a0:8a:79:1a:60:e0:cd:0e:61:0f:19:c1:dd:7e:17:
b8:69:e3:35:24:ef:a1:ff:03:f2:0d:12:c4:bc:e8:
25:2a:48:ca:8a:6a:74:87:9b:f2:68:88:08:02:a6:
20:2d:58:8b:0a:d6:e6:d7:7c:b3:e2:6a:b8:8c:0a:
9e:63:16:ce:18:44:d1:d0:95:fc:21:2d:bf:1b:83:
7f:38:fe:6c:a4:71:39:4d:a1:3e:7d:fd:77:ed:de:
ac:92:11:29:09:94:aa:a1:96:73:bc:16:cf:ab:6c:
ad:48:c9:20:54:f3:b4:00:ed:52:27:7d:3b:c5:00:
17:ef:ed:57:91:1f:b7:aa:6c:19:43:f8:cd:c4:a0:
9a:29:0c:10:f0:6a:65:91:8e:c9:39:c9:3c:45:81:
fe:dc:da:38:10:44:79:14:82:f3:18:c4:07:c9:b6:
2f:ec:69:56:51:5a:2e:ee:19:ce:6f:33:c5:1f:17:
a0:48:4b:4b:4f:a9:8d:2e:39:ac:2f:2d:82:6a:57:
2d:ca:97:38:a7:b0:e8:2e:27:48:b3:42:61:f2:ea:
6a:54:76:ff:f6:14:b2:2b:9f:c0:0d:1e:4b:93:06:
79:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:19:95:34:22:59:89:29:67:47:73:A8:F2:7E:06:3B:0A:3B:ED:10
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/WRmVNCJZiSlnR3Oo8n4GOwo77RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.52.0/24
Signature Algorithm: sha256WithRSAEncryption
07:96:6c:9a:ad:c5:91:88:cc:d4:ef:d8:3b:c9:b4:6f:45:35:
13:f1:6e:d9:c8:da:35:f3:26:c9:78:f3:06:0f:6a:30:2b:a5:
ec:f3:20:5f:27:f0:3d:73:f8:07:93:60:cc:a7:3b:78:c2:d1:
b0:05:43:11:82:6f:c9:8d:cd:ac:d2:2d:1f:c7:d9:7f:a0:d5:
37:25:73:11:eb:eb:be:70:cd:c7:2d:95:28:d9:ee:e7:fe:26:
cf:b1:08:1f:04:9c:88:e4:29:a1:a2:65:f9:ef:98:5c:28:57:
e4:92:c1:dd:2c:bf:56:ef:16:6f:a2:07:92:ac:bd:45:1e:e8:
24:b3:dd:8f:ec:cf:07:50:fa:cc:21:b3:9a:7b:25:97:d9:9a:
88:a3:51:75:27:0c:c5:4f:46:cb:95:ce:9c:94:4e:3f:90:eb:
28:88:b8:59:15:66:39:b9:9d:db:cb:e9:d7:41:c4:8e:80:c9:
db:9c:37:1b:8e:bf:8a:00:a6:99:07:76:3a:f0:fa:6d:c0:d1:
ab:f6:fd:c5:37:97:b8:e0:c3:5c:27:88:9a:12:93:3f:ef:2e:
da:ed:1e:e1:c5:03:38:81:31:2b:df:79:04:0c:63:e1:91:01:
2b:a8:4c:9d:7d:9e:e8:71:1b:e9:2a:d5:16:7b:a0:89:07:0e:
29:3d:39:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY4KELFhwp3so+pwNi70TMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMwMjA5MjE1MDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTE5OTUzNDIyNTk4OTI5Njc0NzczYThmMjdlMDYzYjBhM2JlZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg856eHiykA6XigoFDxx14DmmfJH
DRBYBtylyUWginkaYODNDmEPGcHdfhe4aeM1JO+h/wPyDRLEvOglKkjKimp0h5vy
aIgIAqYgLViLCtbm13yz4mq4jAqeYxbOGETR0JX8IS2/G4N/OP5spHE5TaE+ff13
7d6skhEpCZSqoZZzvBbPq2ytSMkgVPO0AO1SJ307xQAX7+1XkR+3qmwZQ/jNxKCa
KQwQ8GplkY7JOck8RYH+3No4EER5FILzGMQHybYv7GlWUVou7hnObzPFHxegSEtL
T6mNLjmsLy2Calctypc4p7DoLidIs0Jh8upqVHb/9hSyK5/ADR5LkwZ53wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFkZlTQiWYkpZ0dzqPJ+BjsKO+0QMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvV1JtVk5DSlppU2xuUjNPbzhuNEdPd283N1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcs0MA0G
CSqGSIb3DQEBCwUAA4IBAQAHlmyarcWRiMzU79g7ybRvRTUT8W7ZyNo18ybJePMG
D2owK6Xs8yBfJ/A9c/gHk2DMpzt4wtGwBUMRgm/Jjc2s0i0fx9l/oNU3JXMR6+u+
cM3HLZUo2e7n/ibPsQgfBJyI5CmhomX575hcKFfkksHdLL9W7xZvogeSrL1FHugk
s92P7M8HUPrMIbOaeyWX2ZqIo1F1JwzFT0bLlc6clE4/kOsoiLhZFWY5uZ3by+nX
QcSOgMnbnDcbjr+KAKaZB3Y68PptwNGr9v3FN5e44MNcJ4iaEpM/7y7a7R7hxQM4
gTEr33kEDGPhkQErqEydfZ7ocRvpKtUWe6CJBw4pPTmL
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:15 2024 by rpki-client on console-fra.rpki-client.org