Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/WJc5z7yV_b0C5P2rwsFhSHmlX_g.roa
File: WJc5z7yV_b0C5P2rwsFhSHmlX_g.roa (raw, json)
Hash identifier: rm9dM9IjipBeGAJSbECvzwEdBcD9qXe0JTn+cNre8l8=
Subject key identifier: 58:97:39:CF:BC:95:FD:BD:02:E4:FD:AB:C2:C1:61:48:79:A5:5F:F8
Certificate issuer: /CN=f9c4acc67a4b0013557a74ece6641f4f9475ff2d
Certificate serial: 01856FA6E24D1EAB63360502C5A9755E2946
Authority key identifier: F9:C4:AC:C6:7A:4B:00:13:55:7A:74:EC:E6:64:1F:4F:94:75:FF:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-cSsxnpLABNVenTs5mQfT5R1_y0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/WJc5z7yV_b0C5P2rwsFhSHmlX_g.roa
Signing time: Sun 01 Jan 2023 23:24:45 +0000
ROA not before: Sun 01 Jan 2023 23:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62099
IP address blocks: 185.47.220.0/22 maxlen: 22
185.91.168.0/22 maxlen: 22
2a01:9420::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:e2:4d:1e:ab:63:36:05:02:c5:a9:75:5e:29:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9c4acc67a4b0013557a74ece6641f4f9475ff2d
Validity
Not Before: Jan 1 23:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=589739cfbc95fdbd02e4fdabc2c1614879a55ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:66:8a:be:db:82:c7:87:5d:31:92:3c:39:89:
50:85:57:a8:36:a7:61:da:49:12:31:d3:68:a4:ac:
eb:5f:c4:59:92:91:cc:75:a2:e2:fc:15:71:8e:e7:
f4:6f:a0:92:32:15:e3:96:df:72:9f:77:a8:02:48:
2d:91:89:22:ad:ec:e5:ab:b7:e8:99:2a:75:e1:b6:
1c:97:0c:3d:31:04:7f:72:eb:0c:d7:bf:68:d9:9c:
de:cf:ab:18:0f:8d:ae:96:39:ee:59:61:c0:34:a4:
3b:2d:79:b1:c6:b6:cf:f8:68:c0:5b:68:b9:6c:d4:
30:f9:45:49:4f:58:e1:86:73:ee:96:19:0a:fd:c1:
c9:2e:67:80:9d:cf:31:bb:11:de:20:89:be:03:ce:
1c:1b:aa:99:5c:86:7b:27:64:d3:58:3d:31:78:a8:
e5:cc:de:8a:10:f2:05:03:91:be:7a:7e:70:7a:83:
40:bc:da:83:b7:8c:cf:ae:92:0f:8a:e7:71:bf:5b:
39:49:ad:cc:14:a8:1a:b1:b5:36:ab:e8:1f:f5:69:
1c:2e:1b:30:53:02:c1:b2:c7:53:53:cd:d6:ad:74:
5c:09:47:9f:40:c0:cc:75:08:83:c0:58:4c:57:66:
b0:1e:e2:63:e0:77:22:f1:a2:20:f0:85:e8:77:b8:
a9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:97:39:CF:BC:95:FD:BD:02:E4:FD:AB:C2:C1:61:48:79:A5:5F:F8
X509v3 Authority Key Identifier:
keyid:F9:C4:AC:C6:7A:4B:00:13:55:7A:74:EC:E6:64:1F:4F:94:75:FF:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-cSsxnpLABNVenTs5mQfT5R1_y0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/WJc5z7yV_b0C5P2rwsFhSHmlX_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/1-cSsxnpLABNVenTs5mQfT5R1_y0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.220.0/22
185.91.168.0/22
IPv6:
2a01:9420::/32
Signature Algorithm: sha256WithRSAEncryption
85:d3:f2:74:75:67:c2:3f:d6:d7:52:6d:bc:49:55:2d:23:c0:
6a:29:d2:b3:d6:f8:8d:cb:d8:03:5a:25:a0:ce:ac:b8:a6:74:
24:ff:b8:c9:6a:33:85:66:cb:86:fa:d5:f0:c5:d5:a3:b3:99:
44:bd:a1:15:8f:ab:c2:7c:13:30:ef:52:f0:f6:cb:69:92:fb:
87:50:a4:2f:52:b1:55:fa:a2:bb:f4:17:14:87:7c:c9:b2:7b:
5b:e7:d0:6e:88:7a:27:40:5b:02:94:18:55:36:36:d2:4c:30:
cd:a0:fb:d2:07:24:52:0d:9a:4e:52:d2:5c:e6:43:14:58:f9:
4e:6c:66:f5:20:b5:d9:0a:3f:1f:b3:54:61:a6:1f:01:cd:33:
1e:69:b3:f3:d3:6b:f0:ff:cf:88:5c:5f:83:95:a3:a0:0b:e6:
4f:fe:e8:07:1b:ec:32:73:21:df:83:bb:02:a8:fc:1c:e9:19:
e1:f0:ee:63:f3:06:f4:2f:b6:9d:0f:e4:90:8b:ba:0f:79:f4:
71:72:60:2e:e6:9f:e8:de:c5:e8:69:4e:ef:ac:5c:b3:2a:b0:
f8:1b:70:e0:21:15:40:48:17:2b:be:45:db:85:2a:53:69:4b:
bf:f9:d1:ef:a7:29:e9:4d:c5:e9:28:25:7a:91:b6:0f:99:99:
fe:6d:e4:59
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvpuJNHqtjNgUCxal1XilGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5YzRhY2M2N2E0YjAwMTM1NTdhNzRlY2U2NjQxZjRmOTQ3
NWZmMmQwHhcNMjMwMTAxMjMyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODk3MzljZmJjOTVmZGJkMDJlNGZkYWJjMmMxNjE0ODc5YTU1ZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WaKvtuCx4ddMZI8OYlQhVeoNqdh
2kkSMdNopKzrX8RZkpHMdaLi/BVxjuf0b6CSMhXjlt9yn3eoAkgtkYkirezlq7fo
mSp14bYclww9MQR/cusM179o2Zzez6sYD42uljnuWWHANKQ7LXmxxrbP+GjAW2i5
bNQw+UVJT1jhhnPulhkK/cHJLmeAnc8xuxHeIIm+A84cG6qZXIZ7J2TTWD0xeKjl
zN6KEPIFA5G+en5weoNAvNqDt4zPrpIPiudxv1s5Sa3MFKgasbU2q+gf9WkcLhsw
UwLBssdTU83WrXRcCUefQMDMdQiDwFhMV2awHuJj4Hci8aIg8IXod7ipCwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFiXOc+8lf29AuT9q8LBYUh5pV/4MB8GA1UdIwQY
MBaAFPnErMZ6SwATVXp07OZkH0+Udf8tMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1jU3N4bnBMQUJOVmVuVHM1bVFmVDVSMV95MC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2EvOTY5YzEyLTUyNjMtNDAyNi1iZmNk
LTA4OTBiODA1MWQ4NS8xL1dKYzV6N3lWX2IwQzVQMnJ3c0ZoU0htbFhfZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvOTY5YzEyLTUyNjMtNDAyNi1iZmNkLTA4OTBiODA1MWQ4
NS8xLzEtY1NzeG5wTEFCTlZlblRzNW1RZlQ1UjFfeTAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5L9wD
BAK5W6gwDQQCAAIwBwMFACoBlCAwDQYJKoZIhvcNAQELBQADggEBAIXT8nR1Z8I/
1tdSbbxJVS0jwGop0rPW+I3L2ANaJaDOrLimdCT/uMlqM4Vmy4b61fDF1aOzmUS9
oRWPq8J8EzDvUvD2y2mS+4dQpC9SsVX6orv0FxSHfMmye1vn0G6IeidAWwKUGFU2
NtJMMM2g+9IHJFINmk5S0lzmQxRY+U5sZvUgtdkKPx+zVGGmHwHNMx5ps/PTa/D/
z4hcX4OVo6AL5k/+6Acb7DJzId+DuwKo/BzpGeHw7mPzBvQvtp0P5JCLug959HFy
YC7mn+jexehpTu+sXLMqsPgbcOAhFUBIFyu+RduFKlNpS7/50e+nKelNxekoJXqR
tg+Zmf5t5Fk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org