Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WIZztXNIkt3CHcxT_dNyE_GcLvs.roa
File: WIZztXNIkt3CHcxT_dNyE_GcLvs.roa (raw, json)
Hash identifier: s1uypyHEEpmBXPP/Y6nZfGjKYdMmerUlfi7VNElN604=
Subject key identifier: 58:86:73:B5:73:48:92:DD:C2:1D:CC:53:FD:D3:72:13:F1:9C:2E:FB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189AC249C3DE8E8FC1314BC179545D43EAB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WIZztXNIkt3CHcxT_dNyE_GcLvs.roa
Signing time: Mon 31 Jul 2023 13:30:27 +0000
ROA not before: Mon 31 Jul 2023 13:30:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204729
IP address blocks: 81.161.238.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:24:9c:3d:e8:e8:fc:13:14:bc:17:95:45:d4:3e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 31 13:30:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=588673b5734892ddc21dcc53fdd37213f19c2efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8b:b1:1d:46:e4:00:f1:62:30:8d:c2:73:0d:
2f:00:4b:82:69:72:ec:e4:47:61:85:45:bf:ef:eb:
96:6e:2b:fd:d7:1a:41:11:92:cb:7a:4b:f6:9c:fe:
f7:4e:e1:b6:a5:ad:2e:2c:d9:bb:53:00:88:e0:33:
ed:7b:c6:da:52:6b:11:59:15:cb:56:0e:f5:ad:12:
6e:65:08:41:fc:62:7d:86:78:d0:b2:ab:ba:92:d2:
72:12:03:f3:b6:6d:ee:cb:9c:0d:12:c4:2e:51:49:
37:22:a6:8f:a4:fb:f2:e8:27:41:27:62:55:3e:20:
d4:a8:88:a4:af:41:30:89:de:8d:b6:21:6e:c9:76:
84:51:61:e9:87:40:6e:67:d9:cf:0e:ed:90:40:23:
3b:6e:a2:f7:24:85:57:bf:28:9a:bc:7e:4e:04:b4:
0a:23:2d:80:60:1f:cb:25:57:60:c5:de:56:01:a4:
94:e5:0b:3b:30:ca:f9:72:e2:1e:0f:bd:c2:4f:f7:
30:4f:26:e4:8d:62:11:e3:b4:f4:7d:93:58:e6:31:
23:45:b0:4e:7a:32:04:e9:e9:b5:82:09:85:b4:ef:
b5:b3:60:f4:df:58:93:a3:d1:2b:0e:40:8c:5b:e0:
80:bb:3a:68:8f:88:e3:81:4d:90:7e:04:b5:b6:78:
64:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:86:73:B5:73:48:92:DD:C2:1D:CC:53:FD:D3:72:13:F1:9C:2E:FB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WIZztXNIkt3CHcxT_dNyE_GcLvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/24
178.215.224.0/24
Signature Algorithm: sha256WithRSAEncryption
08:ed:a6:9c:29:5e:28:ce:92:a4:f9:a7:6c:f2:cc:05:07:45:
6e:b4:ce:25:f2:fc:b9:1a:89:76:a4:6e:e2:1e:4d:b6:36:6d:
4d:6b:6b:f8:5a:90:94:83:28:db:e3:9b:f7:ff:de:84:9c:54:
b5:a8:46:19:82:fa:d5:70:4c:ac:6d:0b:2b:fc:f0:0f:ff:1a:
51:35:44:4f:94:98:06:61:15:4b:fc:e8:bf:0a:e1:3b:55:07:
68:a9:52:e4:fa:d9:57:ce:d0:f1:a0:8b:c3:53:a2:16:a6:5e:
7b:5f:7a:ec:9b:d6:01:98:3c:a2:ec:7d:ea:61:fb:ec:d1:8a:
1b:a9:98:f4:87:f8:d7:fb:41:47:7b:f6:89:9c:81:82:80:33:
d1:94:d0:ae:71:ea:fd:83:b9:d4:52:1b:05:61:54:5d:5b:4c:
76:2e:bd:dd:94:59:5a:02:7e:4a:a6:c0:b8:f3:b9:ae:3b:e5:
f9:0a:91:a5:4a:e2:0e:be:9b:2a:3e:bf:92:92:e9:2b:16:9b:
f6:4b:88:0f:43:d5:f4:a2:41:5c:25:33:2e:79:d2:14:81:c5:
c5:df:70:f5:69:c3:52:61:8f:29:01:21:a4:57:cd:9e:96:94:
8d:a2:0f:e6:bf:8c:f5:ad:14:31:c3:39:30:96:5c:24:5c:31:
76:9c:fc:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmsJJw96Oj8ExS8F5VF1D6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzMxMTMzMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODg2NzNiNTczNDg5MmRkYzIxZGNjNTNmZGQzNzIxM2YxOWMyZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYuxHUbkAPFiMI3Ccw0vAEuCaXLs
5EdhhUW/7+uWbiv91xpBEZLLekv2nP73TuG2pa0uLNm7UwCI4DPte8baUmsRWRXL
Vg71rRJuZQhB/GJ9hnjQsqu6ktJyEgPztm3uy5wNEsQuUUk3IqaPpPvy6CdBJ2JV
PiDUqIikr0Ewid6NtiFuyXaEUWHph0BuZ9nPDu2QQCM7bqL3JIVXvyiavH5OBLQK
Iy2AYB/LJVdgxd5WAaSU5Qs7MMr5cuIeD73CT/cwTybkjWIR47T0fZNY5jEjRbBO
ejIE6em1ggmFtO+1s2D031iTo9ErDkCMW+CAuzpoj4jjgU2QfgS1tnhk7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFiGc7VzSJLdwh3MU/3TchPxnC77MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV0laenRYTklrdDNDSGN4VF9kTnlFX0djTHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUaHuAwQA
stfgMA0GCSqGSIb3DQEBCwUAA4IBAQAI7aacKV4ozpKk+ads8swFB0VutM4l8vy5
Gol2pG7iHk22Nm1Na2v4WpCUgyjb45v3/96EnFS1qEYZgvrVcEysbQsr/PAP/xpR
NURPlJgGYRVL/Oi/CuE7VQdoqVLk+tlXztDxoIvDU6IWpl57X3rsm9YBmDyi7H3q
Yfvs0YobqZj0h/jX+0FHe/aJnIGCgDPRlNCucer9g7nUUhsFYVRdW0x2Lr3dlFla
An5KpsC487muO+X5CpGlSuIOvpsqPr+SkukrFpv2S4gPQ9X0okFcJTMuedIUgcXF
33D1acNSYY8pASGkV82elpSNog/mv4z1rRQxwzkwllwkXDF2nPxD
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:11 2024 by rpki-client on console-ams.rpki-client.org