Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/WjeZzxkqEluBGefieW-f-2IySV4.roa
File: WjeZzxkqEluBGefieW-f-2IySV4.roa (raw, json)
Hash identifier: gv/0Y5KKbzIslifnZ5vB9gdPXrCETKW61BHWZUCD9AA=
Subject key identifier: 5A:37:99:CF:19:2A:12:5B:81:19:E7:E2:79:6F:9F:FB:62:32:49:5E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018C72CB77AE39F5157EB0D89969D1E18265
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/WjeZzxkqEluBGefieW-f-2IySV4.roa
Signing time: Sat 16 Dec 2023 13:23:06 +0000
ROA not before: Sat 16 Dec 2023 13:23:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:9a40:8060::/44 maxlen: 44
2a0c:9a40:9c20::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:72:cb:77:ae:39:f5:15:7e:b0:d8:99:69:d1:e1:82:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Dec 16 13:23:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a3799cf192a125b8119e7e2796f9ffb6232495e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:93:ff:a9:ab:6b:0d:8c:ba:fa:e3:9a:f4:6b:
72:e6:db:d0:90:4e:94:bf:2e:96:cb:47:24:d6:13:
7a:3f:d4:a1:c5:fc:40:77:1c:fe:c8:f3:d4:b7:b8:
46:cd:31:67:20:eb:55:53:12:be:0e:33:d0:a8:19:
10:b0:29:a2:84:f2:f8:c9:5d:24:ca:50:33:f6:00:
c7:38:2e:30:d9:3f:75:54:47:91:53:10:b6:24:4b:
72:41:4e:a7:dc:06:38:4e:36:29:3f:c7:41:c6:ba:
e7:22:2e:82:7d:07:b4:09:90:7e:77:7b:5c:5f:33:
31:10:a6:5b:8c:1a:cb:87:b1:9e:0e:61:77:f8:ed:
fa:44:2d:2b:8b:e6:8f:79:9c:2d:55:83:dc:c4:8d:
11:50:63:14:c2:3f:f6:a5:11:90:1e:9d:e8:20:40:
e8:b7:cb:9f:dc:35:d2:f7:5b:4a:1f:36:7b:f8:dc:
8a:ef:ef:e7:57:47:e1:67:58:ed:37:20:9f:7c:6b:
cd:86:1e:24:91:0f:63:05:ae:de:c5:49:a1:c9:8a:
99:58:cd:3a:bc:a0:f0:ec:70:97:82:55:eb:ff:2f:
f3:a5:d5:60:1f:71:b5:74:a9:25:02:c7:61:a6:e9:
04:36:45:7f:bf:1c:61:9a:d8:6b:cb:b7:64:2b:cf:
e6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:37:99:CF:19:2A:12:5B:81:19:E7:E2:79:6F:9F:FB:62:32:49:5E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/WjeZzxkqEluBGefieW-f-2IySV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8060::/44
2a0c:9a40:9c20::/44
Signature Algorithm: sha256WithRSAEncryption
af:64:2e:73:6b:ea:24:24:40:40:9a:af:aa:a1:6d:6a:15:53:
9d:98:ae:e7:80:29:93:34:85:1a:55:f5:27:92:32:8e:12:10:
34:e7:33:d0:83:fd:c3:df:87:82:93:66:bc:cc:69:04:e7:ec:
b7:71:94:36:2c:ba:4b:22:03:d3:b1:b1:ce:57:cf:18:83:01:
0b:63:18:c2:b6:5d:78:35:18:9d:1f:e7:12:10:2e:68:22:4c:
17:52:7a:35:21:00:72:93:b1:63:d0:61:f6:b2:59:ef:5b:f5:
a3:45:ef:a4:08:7f:0e:42:ff:97:53:92:5e:26:8b:4a:ad:44:
76:48:50:58:2d:1d:b6:67:db:68:67:9e:52:91:a6:eb:2a:3a:
d4:b4:74:85:b8:48:83:a8:a9:73:15:e8:6a:3b:07:42:38:5a:
93:17:6d:c1:51:89:84:2a:90:04:07:e8:46:1e:a0:4e:7a:37:
77:3b:2c:5e:5d:7d:0d:90:ad:26:49:9d:da:5b:63:89:ee:55:
1b:a0:96:ae:09:a9:27:b2:7d:50:83:46:0a:8a:06:e7:35:8c:
34:63:bd:49:db:4b:79:f6:37:63:97:b8:5c:78:67:bd:5f:e9:
a6:0e:b6:fa:93:37:c3:26:7c:7c:7e:65:05:fd:3b:98:99:3f:
90:d5:66:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxyy3euOfUVfrDYmWnR4YJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMxMjE2MTMyMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTM3OTljZjE5MmExMjViODExOWU3ZTI3OTZmOWZmYjYyMzI0OTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5P/qatrDYy6+uOa9Gty5tvQkE6U
vy6Wy0ck1hN6P9ShxfxAdxz+yPPUt7hGzTFnIOtVUxK+DjPQqBkQsCmihPL4yV0k
ylAz9gDHOC4w2T91VEeRUxC2JEtyQU6n3AY4TjYpP8dBxrrnIi6CfQe0CZB+d3tc
XzMxEKZbjBrLh7GeDmF3+O36RC0ri+aPeZwtVYPcxI0RUGMUwj/2pRGQHp3oIEDo
t8uf3DXS91tKHzZ7+NyK7+/nV0fhZ1jtNyCffGvNhh4kkQ9jBa7exUmhyYqZWM06
vKDw7HCXglXr/y/zpdVgH3G1dKklAsdhpukENkV/vxxhmthry7dkK8/mGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFo3mc8ZKhJbgRnn4nlvn/tiMkleMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvV2plWnp4a3FFbHVCR2VmaWVXLWYtMkl5U1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgyaQIBg
AwcEKgyaQJwgMA0GCSqGSIb3DQEBCwUAA4IBAQCvZC5za+okJEBAmq+qoW1qFVOd
mK7ngCmTNIUaVfUnkjKOEhA05zPQg/3D34eCk2a8zGkE5+y3cZQ2LLpLIgPTsbHO
V88YgwELYxjCtl14NRidH+cSEC5oIkwXUno1IQByk7Fj0GH2slnvW/WjRe+kCH8O
Qv+XU5JeJotKrUR2SFBYLR22Z9toZ55SkabrKjrUtHSFuEiDqKlzFehqOwdCOFqT
F23BUYmEKpAEB+hGHqBOejd3OyxeXX0NkK0mSZ3aW2OJ7lUboJauCaknsn1Qg0YK
igbnNYw0Y71J20t59jdjl7hceGe9X+mmDrb6kzfDJnx8fmUF/TuYmT+Q1Wbj
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:19 2024 by rpki-client on console-ams.rpki-client.org