Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/W655CngWv57gc2TiXqJQBreqOpE.roa
File: W655CngWv57gc2TiXqJQBreqOpE.roa (raw, json)
Hash identifier: hKx02+O/Rg2wWFAGR0oJrxSd5fwak6dUQoemfsaNaxQ=
Subject key identifier: 5B:AE:79:0A:78:16:BF:9E:E0:73:64:E2:5E:A2:50:06:B7:AA:3A:91
Certificate issuer: /CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1
Certificate serial: 01856E2F91BBC9F515688CFA991B7B9B748F
Authority key identifier: 2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/W655CngWv57gc2TiXqJQBreqOpE.roa
Signing time: Sun 01 Jan 2023 16:34:49 +0000
ROA not before: Sun 01 Jan 2023 16:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207934
IP address blocks: 185.156.96.0/22 maxlen: 24
2a03:300::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 21 May 2023 21:24:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:91:bb:c9:f5:15:68:8c:fa:99:1b:7b:9b:74:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1
Validity
Not Before: Jan 1 16:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bae790a7816bf9ee07364e25ea25006b7aa3a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3e:c8:ee:33:b2:a8:09:21:23:7f:ab:9a:3d:
13:83:e6:18:e8:e3:2e:e8:28:38:62:6f:cb:58:3a:
57:0d:73:4a:bc:b8:2e:74:cf:fe:6d:08:de:1d:e9:
b8:7e:61:3d:ff:e2:e5:11:06:2c:85:60:88:17:25:
3d:e6:26:7a:42:49:0f:b5:bc:58:86:9c:88:38:e5:
05:17:9a:62:88:94:16:73:f5:cd:ad:23:4d:3b:1f:
99:a4:21:6b:cc:14:d1:89:90:45:cf:86:e5:36:d3:
87:fe:b6:2e:d2:42:27:76:c8:a8:d2:a1:97:e8:65:
62:ee:ae:15:4d:66:74:37:06:60:ad:71:fd:77:95:
42:cd:92:82:0d:a5:a0:f6:cf:7e:ca:58:fa:da:cd:
6f:8f:ce:c6:72:77:f1:95:93:bc:b7:e6:9f:7c:c9:
13:64:3c:5a:0c:70:1e:3b:ae:56:fe:10:e0:c8:f7:
1a:e1:60:c6:19:b4:72:43:4f:cc:83:e4:3d:c7:0c:
eb:1f:b4:1d:09:78:32:8d:d0:49:31:45:88:97:ad:
ab:6e:b0:2b:c9:df:ee:66:45:eb:9e:9f:3f:98:64:
73:48:15:e5:7f:aa:70:ca:cf:12:23:bf:90:78:89:
a5:2c:6e:d5:ee:63:4c:c0:d8:d2:60:7c:4c:38:e1:
de:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:AE:79:0A:78:16:BF:9E:E0:73:64:E2:5E:A2:50:06:B7:AA:3A:91
X509v3 Authority Key Identifier:
keyid:2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/W655CngWv57gc2TiXqJQBreqOpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.96.0/22
IPv6:
2a03:300::/29
Signature Algorithm: sha256WithRSAEncryption
8d:97:77:c3:ad:dc:84:83:80:6c:02:e5:2b:99:c8:3b:14:51:
6e:95:5b:d4:f8:5c:1a:b5:13:28:3f:2a:6f:79:97:ea:38:ca:
ea:24:30:25:63:6d:e2:82:8f:f9:2e:f8:0c:37:c7:24:c5:c2:
6d:e5:46:8c:95:f7:02:5a:ec:fe:27:64:08:48:2e:3e:4f:c4:
16:65:1c:b1:f2:fc:a2:97:df:f7:08:c1:66:ff:04:8e:1e:3f:
a9:b5:62:5a:22:02:4c:f8:f4:6d:50:e7:9a:ab:11:b5:3b:95:
95:fb:a9:4a:38:3b:0e:97:75:8d:9b:f9:f9:f1:9d:90:3f:67:
fe:f3:c8:b6:cc:d7:16:53:c9:92:98:b5:16:56:4c:36:94:28:
8e:a9:98:93:15:ac:1d:6a:4b:25:37:c2:d2:3d:cb:17:50:5c:
2c:ec:f0:8c:05:94:66:4b:bc:5b:31:23:a5:7a:93:1c:24:b5:
df:36:11:6e:a4:e3:15:96:5b:c3:26:cf:cc:79:81:bd:e8:18:
56:4e:fe:e8:be:54:b1:02:81:3f:8a:9b:98:3c:db:63:91:58:
51:de:4d:3d:fa:b5:c1:18:67:b1:6e:24:63:2a:be:31:fe:91:
ef:e5:f5:01:c5:a6:e6:5d:d2:9e:5d:28:71:73:df:eb:18:dc:
80:c0:f0:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL5G7yfUVaIz6mRt7m3SPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMWU2NWY4MDgzYzg1OWJjZDBkMmM1MmExZTA2MWViNTEz
MWY1ZjEwHhcNMjMwMTAxMTYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmFlNzkwYTc4MTZiZjllZTA3MzY0ZTI1ZWEyNTAwNmI3YWEzYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhT7I7jOyqAkhI3+rmj0Tg+YY6OMu
6Cg4Ym/LWDpXDXNKvLgudM/+bQjeHem4fmE9/+LlEQYshWCIFyU95iZ6QkkPtbxY
hpyIOOUFF5piiJQWc/XNrSNNOx+ZpCFrzBTRiZBFz4blNtOH/rYu0kIndsio0qGX
6GVi7q4VTWZ0NwZgrXH9d5VCzZKCDaWg9s9+ylj62s1vj87GcnfxlZO8t+affMkT
ZDxaDHAeO65W/hDgyPca4WDGGbRyQ0/Mg+Q9xwzrH7QdCXgyjdBJMUWIl62rbrAr
yd/uZkXrnp8/mGRzSBXlf6pwys8SI7+QeImlLG7V7mNMwNjSYHxMOOHeVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFuueQp4Fr+e4HNk4l6iUAa3qjqRMB8GA1UdIwQY
MBaAFCoeZfgIPIWbzQ0sUqHgYetRMfXxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2g1bC1BZzhoWnZORFN4U29lQmg2MUV4OWZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9kMDk3YmYtYjBmNS00M2UxLTg2YTIt
Y2ZiOGRhNTQ5MDY3LzEvVzY1NUNuZ1d2NTdnYzJUaVhxSlFCcmVxT3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9kMDk3YmYtYjBmNS00M2UxLTg2YTItY2ZiOGRhNTQ5MDY3
LzEvS2g1bC1BZzhoWnZORFN4U29lQmg2MUV4OWZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZxgMA0E
AgACMAcDBQMqAwMAMA0GCSqGSIb3DQEBCwUAA4IBAQCNl3fDrdyEg4BsAuUrmcg7
FFFulVvU+FwatRMoPypveZfqOMrqJDAlY23igo/5LvgMN8ckxcJt5UaMlfcCWuz+
J2QISC4+T8QWZRyx8vyil9/3CMFm/wSOHj+ptWJaIgJM+PRtUOeaqxG1O5WV+6lK
ODsOl3WNm/n58Z2QP2f+88i2zNcWU8mSmLUWVkw2lCiOqZiTFawdakslN8LSPcsX
UFws7PCMBZRmS7xbMSOlepMcJLXfNhFupOMVllvDJs/MeYG96BhWTv7ovlSxAoE/
ipuYPNtjkVhR3k09+rXBGGexbiRjKr4x/pHv5fUBxabmXdKeXShxc9/rGNyAwPCY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:23 2024 by rpki-client on console-fra.rpki-client.org