Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WhSh_14i-Tij55hYxTFqyrAsmk8.roa
File: WhSh_14i-Tij55hYxTFqyrAsmk8.roa (raw, json)
Hash identifier: pdHSkCQMk6xY/A3b9/QVtOnQx401SYyWywZCE+CXEf8=
Subject key identifier: 5A:14:A1:FF:5E:22:F9:38:A3:E7:98:58:C5:31:6A:CA:B0:2C:9A:4F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188BA12CEDA30BE657F47274D56F34EC6E5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WhSh_14i-Tij55hYxTFqyrAsmk8.roa
Signing time: Wed 14 Jun 2023 13:22:54 +0000
ROA not before: Wed 14 Jun 2023 13:22:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 195.133.29.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ba:12:ce:da:30:be:65:7f:47:27:4d:56:f3:4e:c6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 14 13:22:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a14a1ff5e22f938a3e79858c5316acab02c9a4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:58:b3:96:d1:a3:3d:a5:cf:76:80:cc:db:18:
b9:95:6b:44:fb:ff:de:f3:e5:9d:15:d9:72:bc:23:
22:53:f5:c9:18:09:41:f0:89:df:85:1a:07:71:87:
82:cb:97:af:07:76:3e:38:e8:16:cb:2e:d8:06:92:
8a:e1:a4:77:01:6f:10:01:be:61:92:45:b8:82:7e:
58:f6:ad:89:d6:fe:a6:00:75:b7:37:10:c3:9f:11:
5d:f8:d1:92:26:79:03:8b:3a:3e:6e:10:db:3e:97:
38:e7:28:7a:47:75:24:e9:96:33:35:7a:fe:14:61:
1e:fe:55:56:99:fa:6c:eb:18:f2:22:0b:b9:43:cf:
1c:14:2f:c1:44:00:68:da:fa:df:29:be:89:5a:5a:
fc:8e:f4:6b:3f:76:57:1d:b7:17:2d:0b:b7:62:9e:
5f:cb:b7:78:7b:bc:13:bb:85:b3:34:32:0d:25:c9:
16:20:a9:a8:ce:f9:27:4b:0a:55:80:ed:9b:82:d8:
1e:c6:f2:bd:d6:47:25:2c:e5:f2:cb:b7:b5:7c:6e:
18:66:1c:1f:2b:f1:21:59:8a:ee:41:ab:ba:6c:dd:
ca:d4:2a:de:a4:7e:69:c1:bd:56:24:a5:21:6e:1a:
72:e1:b6:89:14:37:48:c2:77:dc:0b:7c:4f:a4:6c:
27:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:14:A1:FF:5E:22:F9:38:A3:E7:98:58:C5:31:6A:CA:B0:2C:9A:4F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WhSh_14i-Tij55hYxTFqyrAsmk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.91.0/24
193.124.95.0/24
195.58.55.0/24
195.133.29.0/24
Signature Algorithm: sha256WithRSAEncryption
63:cc:53:8a:8f:a7:d3:30:f1:c9:71:f5:1c:eb:1f:07:e8:d6:
2e:a8:f7:38:7f:1a:dc:e8:cb:06:19:d1:7e:bb:cb:0e:4c:77:
47:44:3f:4c:c3:af:b3:7e:61:7d:f3:a2:cd:86:5a:6e:27:b6:
f3:e3:1c:16:43:a5:a0:02:88:e4:5e:0e:60:0f:f6:d0:29:34:
62:4e:81:a5:7d:f9:c8:33:b8:21:ee:80:8e:d3:0d:98:16:c1:
c2:c7:37:7e:0d:1a:40:dd:5d:76:50:a2:e5:7e:d7:21:19:01:
23:4d:66:d1:3c:d4:f0:7a:e2:63:76:a1:11:8c:85:63:f1:86:
52:c4:37:c9:ba:77:61:c0:97:89:d6:18:a9:65:2e:71:d4:05:
89:e1:8c:f1:42:f0:89:89:e0:70:6d:ec:d5:b7:ba:f5:5c:fd:
6e:47:3a:22:33:1c:2a:21:76:f3:89:71:36:1c:5b:05:03:53:
14:43:2d:d3:b9:19:dd:10:3e:46:b5:a0:63:d7:f2:dd:de:65:
e6:cf:1a:17:5e:be:cd:20:ea:99:9b:2f:e9:17:f2:ad:c4:22:
e3:bc:4f:bc:cd:c6:41:3a:6a:a3:36:04:dc:fb:b6:81:f1:3c:
1a:1a:b6:bc:e7:02:4f:7a:34:e1:10:59:a1:0f:9d:f9:4e:2e:
a9:70:44:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYi6Es7aML5lf0cnTVbzTsblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjE0MTMyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTE0YTFmZjVlMjJmOTM4YTNlNzk4NThjNTMxNmFjYWIwMmM5YTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVizltGjPaXPdoDM2xi5lWtE+//e
8+WdFdlyvCMiU/XJGAlB8InfhRoHcYeCy5evB3Y+OOgWyy7YBpKK4aR3AW8QAb5h
kkW4gn5Y9q2J1v6mAHW3NxDDnxFd+NGSJnkDizo+bhDbPpc45yh6R3Uk6ZYzNXr+
FGEe/lVWmfps6xjyIgu5Q88cFC/BRABo2vrfKb6JWlr8jvRrP3ZXHbcXLQu3Yp5f
y7d4e7wTu4WzNDINJckWIKmozvknSwpVgO2bgtgexvK91kclLOXyy7e1fG4YZhwf
K/EhWYruQau6bN3K1CrepH5pwb1WJKUhbhpy4baJFDdIwnfcC3xPpGwnmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFoUof9eIvk4o+eYWMUxasqwLJpPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV2hTaF8xNGktVGlqNTVoWXhURnF5ckFzbWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXxbAwQA
wXxfAwQAwzo3AwQAw4UdMA0GCSqGSIb3DQEBCwUAA4IBAQBjzFOKj6fTMPHJcfUc
6x8H6NYuqPc4fxrc6MsGGdF+u8sOTHdHRD9Mw6+zfmF986LNhlpuJ7bz4xwWQ6Wg
AojkXg5gD/bQKTRiToGlffnIM7gh7oCO0w2YFsHCxzd+DRpA3V12UKLlftchGQEj
TWbRPNTweuJjdqERjIVj8YZSxDfJundhwJeJ1hipZS5x1AWJ4YzxQvCJieBwbezV
t7r1XP1uRzoiMxwqIXbziXE2HFsFA1MUQy3TuRndED5GtaBj1/Ld3mXmzxoXXr7N
IOqZmy/pF/KtxCLjvE+8zcZBOmqjNgTc+7aB8TwaGra85wJPejThEFmhD535Ti6p
cEQ6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:05 2023 by rpki-client on console-fra.rpki-client.org