Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WtA220LcvwsIBJ52UbtPZGqhVI8.roa
File: WtA220LcvwsIBJ52UbtPZGqhVI8.roa (raw, json)
Hash identifier: dPueHRLAJObsvRx5J4LddEFDtqn81Ave1SyO8TZLbMo=
Subject key identifier: 5A:D0:36:DB:42:DC:BF:0B:08:04:9E:76:51:BB:4F:64:6A:A1:54:8F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B9437F1CCF866DCFA1106C74FF52EBFFF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WtA220LcvwsIBJ52UbtPZGqhVI8.roa
Signing time: Fri 03 Nov 2023 08:06:16 +0000
ROA not before: Fri 03 Nov 2023 08:06:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.250.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:37:f1:cc:f8:66:dc:fa:11:06:c7:4f:f5:2e:bf:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 3 08:06:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ad036db42dcbf0b08049e7651bb4f646aa1548f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7c:7b:d7:77:bb:5e:37:29:2d:c7:e7:27:c4:
1d:92:ab:fb:8b:9f:bd:26:81:56:e5:09:d9:5e:e4:
5e:4f:a9:e3:e6:a2:66:1d:bb:4f:0d:c9:5d:f6:47:
14:a6:2b:92:7c:61:64:45:7e:41:94:65:7d:de:13:
7a:a2:2a:ee:3c:b5:bd:c9:8e:2c:e5:f9:33:2d:8f:
58:8d:3e:0e:f3:3a:18:f6:7f:88:7e:2b:d5:f0:11:
3d:65:a6:d3:72:bf:f3:16:77:a7:2c:1d:dc:62:04:
13:5d:f4:fb:f6:12:58:78:c8:e0:0e:0f:a9:b4:e1:
34:1b:fb:c9:89:a3:41:de:fd:d1:47:cc:72:a9:1c:
13:67:58:24:f8:4a:63:cf:d6:03:dd:15:6f:c3:c5:
a0:32:20:2f:0b:a2:4a:a7:de:88:37:04:ac:e1:53:
55:88:67:f4:fa:72:ae:f3:39:7a:d7:ab:8d:93:67:
2e:11:ba:d7:6b:bc:ff:d4:54:74:73:f6:b4:c8:be:
37:5d:1b:54:20:5b:7e:5f:19:78:68:81:19:7b:69:
d5:81:e9:00:84:68:b5:51:00:79:9d:00:a9:4e:d3:
19:54:95:fc:e5:6f:2b:76:f5:12:bc:09:ef:04:43:
c1:cb:52:ec:93:75:9f:09:95:63:11:e8:cd:64:7a:
bc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D0:36:DB:42:DC:BF:0B:08:04:9E:76:51:BB:4F:64:6A:A1:54:8F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WtA220LcvwsIBJ52UbtPZGqhVI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.250.0/24
195.133.38.0/23
212.192.245.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e8:d9:c1:34:ef:40:9b:67:ff:c2:75:02:46:d2:66:06:5b:
95:93:0e:4f:22:be:96:76:3b:8a:d4:29:c3:3f:fb:b0:0f:f2:
91:39:1e:65:00:80:0f:5f:9e:74:42:ab:36:54:99:27:c3:09:
a3:5c:39:e5:1d:c7:4f:89:d2:be:31:1c:c9:cf:0e:30:af:ef:
f8:bc:b0:7f:aa:c6:ee:ad:03:ce:0d:8e:4c:ec:ff:09:c6:d1:
e9:cf:4b:4b:32:bf:3b:22:5f:78:90:7f:a1:c7:45:74:60:a7:
ac:be:0d:02:fc:7a:bd:84:65:97:5c:89:0c:86:19:1f:89:97:
43:e2:0e:ad:ef:71:29:41:11:f3:3a:e3:eb:24:d1:2d:15:0d:
01:f5:e5:97:f8:eb:e3:46:ec:07:21:f9:f9:b1:0b:86:eb:fc:
06:d7:ba:65:bf:14:eb:50:e9:67:57:33:1d:02:42:03:bb:70:
e4:96:a9:29:54:6a:48:f2:e4:e9:db:13:81:79:0a:ca:e1:29:
de:1c:de:7c:46:84:ac:12:45:9b:f3:9e:8f:a8:e6:24:cd:d8:
db:88:d4:9f:bb:e7:4c:e4:f9:c1:7c:b6:4b:2d:38:85:33:fc:
0b:e8:d2:8f:18:6d:69:54:bf:d4:57:a6:c1:d0:f9:a6:da:65:
64:81:18:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuUN/HM+Gbc+hEGx0/1Lr//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTAzMDgwNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQwMzZkYjQyZGNiZjBiMDgwNDllNzY1MWJiNGY2NDZhYTE1NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3x713e7XjcpLcfnJ8Qdkqv7i5+9
JoFW5QnZXuReT6nj5qJmHbtPDcld9kcUpiuSfGFkRX5BlGV93hN6oiruPLW9yY4s
5fkzLY9YjT4O8zoY9n+IfivV8BE9ZabTcr/zFnenLB3cYgQTXfT79hJYeMjgDg+p
tOE0G/vJiaNB3v3RR8xyqRwTZ1gk+Epjz9YD3RVvw8WgMiAvC6JKp96INwSs4VNV
iGf0+nKu8zl616uNk2cuEbrXa7z/1FR0c/a0yL43XRtUIFt+Xxl4aIEZe2nVgekA
hGi1UQB5nQCpTtMZVJX85W8rdvUSvAnvBEPBy1Lsk3WfCZVjEejNZHq88wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFrQNttC3L8LCASedlG7T2RqoVSPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV3RBMjIwTGN2d3NJQko1MlVidFBaR3FoVkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlX6AwQB
w4UmAwQA1MD1MA0GCSqGSIb3DQEBCwUAA4IBAQCN6NnBNO9Am2f/wnUCRtJmBluV
kw5PIr6WdjuK1CnDP/uwD/KROR5lAIAPX550Qqs2VJknwwmjXDnlHcdPidK+MRzJ
zw4wr+/4vLB/qsburQPODY5M7P8JxtHpz0tLMr87Il94kH+hx0V0YKesvg0C/Hq9
hGWXXIkMhhkfiZdD4g6t73EpQRHzOuPrJNEtFQ0B9eWX+OvjRuwHIfn5sQuG6/wG
17plvxTrUOlnVzMdAkIDu3DklqkpVGpI8uTp2xOBeQrK4SneHN58RoSsEkWb856P
qOYkzdjbiNSfu+dM5PnBfLZLLTiFM/wL6NKPGG1pVL/UV6bB0Pmm2mVkgRiP
-----END CERTIFICATE-----
Generated at Fri Nov 10 05:57:18 2023 by rpki-client on console-fra.rpki-client.org