Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/14ead9-cbb1-4639-81a7-d8b8202d7786/1/WXsxx5K9h9hap7h8apxqNGNMagY.roa
File: WXsxx5K9h9hap7h8apxqNGNMagY.roa (raw, json)
Hash identifier: S6hti+aDywcRbS4loJ7UciHw5vVkNW1eDlCZ67U94Sg=
Subject key identifier: 59:7B:31:C7:92:BD:87:D8:5A:A7:B8:7C:6A:9C:6A:34:63:4C:6A:06
Certificate issuer: /CN=9f1bd9732e6cdd6e7494d79187fca855b5199909
Certificate serial: 01857315F058457990A03402F9C535F24713
Authority key identifier: 9F:1B:D9:73:2E:6C:DD:6E:74:94:D7:91:87:FC:A8:55:B5:19:99:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nxvZcy5s3W50lNeRh_yoVbUZmQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/14ead9-cbb1-4639-81a7-d8b8202d7786/1/WXsxx5K9h9hap7h8apxqNGNMagY.roa
Signing time: Mon 02 Jan 2023 15:24:55 +0000
ROA not before: Mon 02 Jan 2023 15:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.33.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f0:58:45:79:90:a0:34:02:f9:c5:35:f2:47:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f1bd9732e6cdd6e7494d79187fca855b5199909
Validity
Not Before: Jan 2 15:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=597b31c792bd87d85aa7b87c6a9c6a34634c6a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:17:3b:ae:e6:a2:86:84:81:83:c8:27:27:83:
b4:95:98:08:77:f5:54:26:34:27:b5:ca:39:59:94:
89:53:c9:9e:d8:42:5e:ec:7b:01:9e:f1:37:e7:84:
c9:db:a6:a7:9a:5d:66:6a:e9:b6:12:3a:50:4a:09:
e8:5d:6a:cf:81:e8:9a:fa:2e:d5:02:0d:50:c1:69:
e5:1f:3b:cd:4c:f0:b2:91:6b:b2:b3:9b:8b:a1:cc:
22:7d:bc:73:01:a9:df:f2:b9:4a:a0:1f:e0:a5:81:
bb:6d:56:1a:80:3b:95:2a:bc:d0:29:39:1d:3d:22:
e5:e2:ad:76:b7:94:09:b4:2d:3a:81:f7:d1:6c:f5:
48:1f:c9:ca:3d:58:ce:5b:a2:72:c9:85:18:7c:f6:
f5:4a:f8:14:68:d7:50:45:89:64:55:a0:db:89:01:
c1:7f:61:0c:a2:8f:de:4d:cd:de:61:b3:cc:53:5b:
9c:58:7a:2b:3c:91:ae:56:47:d6:e1:93:b3:63:04:
39:87:0e:8b:b0:40:b6:23:12:25:dc:94:ba:eb:d9:
f5:1d:77:0b:88:79:a1:f0:53:19:f7:87:7a:58:c6:
a6:b8:b2:63:cd:f2:e1:78:93:41:c5:af:70:ae:82:
a3:48:ca:5e:4d:08:34:38:f2:3f:ab:0b:19:9e:0c:
19:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:7B:31:C7:92:BD:87:D8:5A:A7:B8:7C:6A:9C:6A:34:63:4C:6A:06
X509v3 Authority Key Identifier:
keyid:9F:1B:D9:73:2E:6C:DD:6E:74:94:D7:91:87:FC:A8:55:B5:19:99:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nxvZcy5s3W50lNeRh_yoVbUZmQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/14ead9-cbb1-4639-81a7-d8b8202d7786/1/WXsxx5K9h9hap7h8apxqNGNMagY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/14ead9-cbb1-4639-81a7-d8b8202d7786/1/nxvZcy5s3W50lNeRh_yoVbUZmQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.137.0/24
Signature Algorithm: sha256WithRSAEncryption
18:a5:a0:a9:12:c9:f3:7e:63:4f:0f:d5:03:12:1d:ee:15:a6:
63:6d:db:b2:01:70:ab:be:e4:9e:74:fe:93:2d:26:80:31:d2:
1b:78:07:60:8c:00:c5:de:dd:a2:9a:e4:fc:88:0b:61:86:ca:
de:6f:86:63:23:38:ca:52:01:47:f0:84:e0:44:99:8d:29:29:
52:5a:c0:e8:c5:36:3c:12:f3:d8:26:91:d5:4f:ec:24:ec:c5:
5c:1f:51:d7:f2:f8:d7:a0:11:eb:b6:02:17:6e:ba:4d:4e:7c:
1c:9e:5e:5a:69:fd:12:90:96:51:6c:44:b8:5b:49:84:05:d7:
1f:69:26:97:76:14:a7:18:67:0e:5f:08:d9:0e:16:10:9c:65:
7d:b0:5f:b7:c9:ad:e4:c6:5d:ce:b2:d7:db:ef:d5:51:5e:7c:
d9:28:97:82:7c:08:7d:11:75:94:5a:33:e2:56:49:d0:ec:82:
b8:bd:35:3f:5a:3b:66:5f:d5:4b:96:00:6c:07:8d:83:cc:47:
15:f4:0e:20:1e:86:44:9b:7a:77:a1:a3:5b:77:0e:06:8b:44:
d1:83:7d:44:57:3a:94:0f:e4:f7:8a:0c:05:7e:e4:e1:7f:11:
68:1e:86:01:97:ae:da:4f:7d:26:3a:60:f4:4d:53:ff:2c:ed:
dc:17:7e:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfBYRXmQoDQC+cU18kcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMWJkOTczMmU2Y2RkNmU3NDk0ZDc5MTg3ZmNhODU1YjUx
OTk5MDkwHhcNMjMwMTAyMTUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTdiMzFjNzkyYmQ4N2Q4NWFhN2I4N2M2YTljNmEzNDYzNGM2YTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRc7ruaihoSBg8gnJ4O0lZgId/VU
JjQntco5WZSJU8me2EJe7HsBnvE354TJ26anml1maum2EjpQSgnoXWrPgeia+i7V
Ag1QwWnlHzvNTPCykWuys5uLocwifbxzAanf8rlKoB/gpYG7bVYagDuVKrzQKTkd
PSLl4q12t5QJtC06gffRbPVIH8nKPVjOW6JyyYUYfPb1SvgUaNdQRYlkVaDbiQHB
f2EMoo/eTc3eYbPMU1ucWHorPJGuVkfW4ZOzYwQ5hw6LsEC2IxIl3JS669n1HXcL
iHmh8FMZ94d6WMamuLJjzfLheJNBxa9wroKjSMpeTQg0OPI/qwsZngwZSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFl7MceSvYfYWqe4fGqcajRjTGoGMB8GA1UdIwQY
MBaAFJ8b2XMubN1udJTXkYf8qFW1GZkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnh2WmN5NXMzVzUwbE5lUmhfeW9WYlVabVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xNGVhZDktY2JiMS00NjM5LTgxYTct
ZDhiODIwMmQ3Nzg2LzEvV1hzeHg1SzloOWhhcDdoOGFweHFOR05NYWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xNGVhZDktY2JiMS00NjM5LTgxYTctZDhiODIwMmQ3Nzg2
LzEvbnh2WmN5NXMzVzUwbE5lUmhfeW9WYlVabVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSGJMA0G
CSqGSIb3DQEBCwUAA4IBAQAYpaCpEsnzfmNPD9UDEh3uFaZjbduyAXCrvuSedP6T
LSaAMdIbeAdgjADF3t2imuT8iAthhsreb4ZjIzjKUgFH8ITgRJmNKSlSWsDoxTY8
EvPYJpHVT+wk7MVcH1HX8vjXoBHrtgIXbrpNTnwcnl5aaf0SkJZRbES4W0mEBdcf
aSaXdhSnGGcOXwjZDhYQnGV9sF+3ya3kxl3Ostfb79VRXnzZKJeCfAh9EXWUWjPi
VknQ7IK4vTU/WjtmX9VLlgBsB42DzEcV9A4gHoZEm3p3oaNbdw4Gi0TRg31EVzqU
D+T3igwFfuThfxFoHoYBl67aT30mOmD0TVP/LO3cF34t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:17 2024 by rpki-client on console-ams.rpki-client.org