Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w6e5TKqJgGSy4z0CL9b_WiollWk.roa
File: w6e5TKqJgGSy4z0CL9b_WiollWk.roa (raw, json)
Hash identifier: mUUKzN3SwaL+UMU2qLDOIoj1hQ86y+L6JI4SC9tL/ao=
Subject key identifier: C3:A7:B9:4C:AA:89:80:64:B2:E3:3D:02:2F:D6:FF:5A:2A:25:95:69
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187B91129D23A19535CABC4A87CBD13DD25
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w6e5TKqJgGSy4z0CL9b_WiollWk.roa
Signing time: Tue 25 Apr 2023 15:38:42 +0000
ROA not before: Tue 25 Apr 2023 15:38:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210974
IP address blocks: 212.192.2.0/24 maxlen: 24
212.192.3.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Aug 2023 07:19:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b9:11:29:d2:3a:19:53:5c:ab:c4:a8:7c:bd:13:dd:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 25 15:38:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3a7b94caa898064b2e33d022fd6ff5a2a259569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0b:5b:1b:3a:00:c8:e3:1e:0f:f0:17:1a:03:
13:cc:80:82:85:86:be:59:c3:b8:ab:6a:e3:8a:25:
53:00:a4:59:87:01:c8:7a:dc:bc:af:dc:27:74:a9:
ab:c3:36:25:e5:5b:6e:03:8e:7c:4f:8c:01:13:fe:
da:e2:0a:71:6e:ff:87:08:68:ea:d7:b9:ef:3f:14:
7b:ac:6a:11:dc:c1:32:44:50:39:93:48:a4:68:f2:
ed:6a:fe:b9:da:9c:be:fe:59:91:02:58:5f:ae:37:
2d:f2:bd:d0:2f:26:28:34:31:61:8a:e4:9c:66:da:
e8:01:be:0a:05:75:5a:2c:91:f2:bb:63:e5:1e:c8:
c4:d5:a1:90:60:8a:ce:9b:c6:29:48:e8:e5:14:65:
ff:a2:bb:d9:f6:70:6f:3b:82:a9:7f:42:6d:a1:81:
09:2c:5c:a7:f0:97:b7:02:5a:40:a4:45:69:79:27:
c2:64:80:6c:76:50:77:62:a1:f3:ab:5c:e2:ac:08:
63:f7:8b:9d:bf:3a:c0:22:9a:d7:f0:79:75:81:28:
6f:f9:9d:b2:c2:22:ad:74:2c:13:b7:b4:fa:64:4c:
cc:8c:62:79:12:0c:12:3d:a8:56:4e:c2:a7:94:f8:
06:e7:ea:e0:1f:f4:d3:e9:8a:e4:e3:d9:5a:9c:54:
c6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A7:B9:4C:AA:89:80:64:B2:E3:3D:02:2F:D6:FF:5A:2A:25:95:69
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w6e5TKqJgGSy4z0CL9b_WiollWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.60.0/24
212.192.2.0/23
212.192.11.0/24
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
89:3f:d8:14:e2:f3:a3:6a:f2:76:2c:d7:31:9a:32:51:f2:f1:
a5:fa:5d:1b:f8:c5:fb:de:55:54:34:67:8a:3b:01:dc:ec:c9:
ed:c2:3e:dd:17:6c:fa:4a:c7:92:2d:01:58:20:5a:87:8f:53:
54:b6:a1:09:80:b4:83:4f:c3:67:6e:fd:32:af:98:e0:45:eb:
59:04:9c:83:bb:b2:0f:aa:c0:bf:d7:ce:9f:1f:2f:94:ee:93:
bf:8b:7d:1a:c2:e8:1f:75:60:d6:6e:f6:78:4a:30:c9:45:62:
9a:d9:c2:71:db:ba:73:a5:6b:3b:89:46:f3:87:01:30:89:50:
71:45:76:b2:4d:b8:75:b2:a0:04:10:1a:dd:59:57:4f:b5:a3:
32:3d:e5:ec:fe:d9:1e:88:49:3f:9c:51:c6:08:69:22:e7:67:
50:13:9d:e5:87:e6:5f:95:d3:49:7f:3f:88:11:02:f5:21:66:
b7:98:a1:82:2d:c0:98:24:6f:17:c7:64:5d:c9:39:08:9e:6a:
c9:02:0f:56:88:43:dd:a2:9d:b8:53:fc:b6:a5:e5:ed:32:78:
80:00:f1:1a:a0:9a:4f:d7:8e:c9:1d:05:c5:8c:a1:7d:80:7b:
a9:e9:1c:1b:85:b0:1f:b1:13:4a:72:36:21:c1:9c:84:b2:de:
a7:40:f9:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYe5ESnSOhlTXKvEqHy9E90lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDI1MTUzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2E3Yjk0Y2FhODk4MDY0YjJlMzNkMDIyZmQ2ZmY1YTJhMjU5NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQtbGzoAyOMeD/AXGgMTzICChYa+
WcO4q2rjiiVTAKRZhwHIety8r9wndKmrwzYl5VtuA458T4wBE/7a4gpxbv+HCGjq
17nvPxR7rGoR3MEyRFA5k0ikaPLtav652py+/lmRAlhfrjct8r3QLyYoNDFhiuSc
ZtroAb4KBXVaLJHyu2PlHsjE1aGQYIrOm8YpSOjlFGX/orvZ9nBvO4Kpf0JtoYEJ
LFyn8Je3AlpApEVpeSfCZIBsdlB3YqHzq1zirAhj94udvzrAIprX8Hl1gShv+Z2y
wiKtdCwTt7T6ZEzMjGJ5EgwSPahWTsKnlPgG5+rgH/TT6Yrk49lanFTGYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMOnuUyqiYBksuM9Ai/W/1oqJZVpMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdzZlNVRLcUpnR1N5NHowQ0w5Yl9XaW9sbFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwzo8AwQB
1MACAwQA1MALAwQA1MEIMA0GCSqGSIb3DQEBCwUAA4IBAQCJP9gU4vOjavJ2LNcx
mjJR8vGl+l0b+MX73lVUNGeKOwHc7Mntwj7dF2z6SseSLQFYIFqHj1NUtqEJgLSD
T8Nnbv0yr5jgRetZBJyDu7IPqsC/186fHy+U7pO/i30awugfdWDWbvZ4SjDJRWKa
2cJx27pzpWs7iUbzhwEwiVBxRXayTbh1sqAEEBrdWVdPtaMyPeXs/tkeiEk/nFHG
CGki52dQE53lh+ZfldNJfz+IEQL1IWa3mKGCLcCYJG8Xx2RdyTkInmrJAg9WiEPd
op24U/y2peXtMniAAPEaoJpP147JHQXFjKF9gHup6RwbhbAfsRNKcjYhwZyEst6n
QPnf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org