Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/49d859-610a-4242-8ddf-37a0e474ab15/1/WXveUPX36bZXSTICSmccIK-OqDA.roa
File: WXveUPX36bZXSTICSmccIK-OqDA.roa (raw, json)
Hash identifier: c2N3Nt0MwFuNXYzbjqsqacXDt3ef68lHe+EoSFX3sAw=
Subject key identifier: 59:7B:DE:50:F5:F7:E9:B6:57:49:32:02:4A:67:1C:20:AF:8E:A8:30
Certificate issuer: /CN=d9ff9e17b9b41988a92599cbcaba0391ffb61a20
Certificate serial: 0185718C132DAE2631859E2C9FA81CD879D5
Authority key identifier: D9:FF:9E:17:B9:B4:19:88:A9:25:99:CB:CA:BA:03:91:FF:B6:1A:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f-eF7m0GYipJZnLyroDkf-2GiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/49d859-610a-4242-8ddf-37a0e474ab15/1/WXveUPX36bZXSTICSmccIK-OqDA.roa
Signing time: Mon 02 Jan 2023 08:14:43 +0000
ROA not before: Mon 02 Jan 2023 08:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24951
IP address blocks: 195.234.64.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:13:2d:ae:26:31:85:9e:2c:9f:a8:1c:d8:79:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff9e17b9b41988a92599cbcaba0391ffb61a20
Validity
Not Before: Jan 2 08:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=597bde50f5f7e9b6574932024a671c20af8ea830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:65:56:1f:72:58:80:27:61:0e:90:de:fa:90:
14:7b:e3:11:71:c8:e0:78:6e:54:c7:62:ed:10:2e:
33:af:73:1c:f0:c6:b9:1f:1c:d2:87:fe:86:9e:43:
88:31:71:4c:7f:08:76:5d:10:6b:07:35:ad:22:3e:
2d:fb:4b:9a:2d:58:f5:9a:26:32:56:ae:f3:56:4d:
fd:25:39:68:fc:b8:96:d8:4e:be:90:c6:93:70:38:
4b:dd:b6:c0:51:c1:3f:ad:2b:97:9a:45:6b:7c:08:
bf:17:4f:0c:e5:53:78:4c:67:28:12:f1:d9:60:23:
ba:f1:6c:d6:a2:bd:f6:4b:cf:26:0a:83:00:47:ab:
e9:35:58:61:e4:c9:91:70:35:43:42:4e:5a:65:7c:
8d:32:d5:9c:d0:90:9f:3a:d6:d4:8f:c0:e9:44:fc:
c0:ff:ce:de:8c:62:e0:dd:15:b0:88:f9:f6:d2:c5:
11:ec:b7:90:a0:9d:62:9b:7d:69:df:36:86:cb:0e:
82:bc:4f:d6:2e:89:80:53:88:80:cf:ab:5d:62:8f:
06:33:86:bb:0b:df:a6:f0:3b:d4:29:30:08:56:23:
c6:de:93:85:fe:e7:7a:74:01:4c:b4:b8:d9:2c:1d:
07:7d:b7:4d:9d:1e:ae:cf:bb:68:12:34:80:68:72:
0e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:7B:DE:50:F5:F7:E9:B6:57:49:32:02:4A:67:1C:20:AF:8E:A8:30
X509v3 Authority Key Identifier:
keyid:D9:FF:9E:17:B9:B4:19:88:A9:25:99:CB:CA:BA:03:91:FF:B6:1A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f-eF7m0GYipJZnLyroDkf-2GiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/49d859-610a-4242-8ddf-37a0e474ab15/1/WXveUPX36bZXSTICSmccIK-OqDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/49d859-610a-4242-8ddf-37a0e474ab15/1/2f-eF7m0GYipJZnLyroDkf-2GiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.64.0/22
Signature Algorithm: sha256WithRSAEncryption
09:51:c5:74:34:99:2e:2e:5c:34:d2:94:e9:83:07:e5:6f:eb:
ed:d1:3c:bf:c7:2f:9b:76:9e:25:c5:61:ea:c0:ce:ff:c1:a1:
03:d4:9a:a8:56:ec:5b:85:70:50:9f:bd:0f:fd:63:c1:f0:2d:
21:91:51:46:aa:6a:21:e4:db:c9:62:03:63:d4:27:43:b3:f1:
b3:c6:6e:ad:9a:42:06:14:3a:9f:78:c9:5c:d5:e5:de:55:16:
16:a8:84:a4:13:cc:7f:6e:c1:2a:c1:80:4b:d9:8d:ad:d0:96:
a2:72:64:77:82:2c:3b:07:2f:19:6b:56:0e:bb:0a:e5:95:ff:
c0:cc:b6:a8:18:b0:c7:75:6d:7f:4f:63:20:2b:3d:a4:ff:72:
b0:0e:81:1a:1c:1c:4c:96:01:93:01:9a:31:fa:31:4b:de:4d:
64:fc:56:fd:40:33:18:48:fa:cd:36:df:f5:99:27:de:83:21:
c7:d9:00:c4:03:50:f0:a7:44:ca:36:ed:cd:e2:97:1a:ac:56:
b9:48:66:87:2e:1b:e4:46:db:11:da:af:54:23:36:85:b3:ce:
32:b7:86:80:e6:9f:30:73:53:39:d5:fd:22:a1:69:99:32:1d:
5c:c7:9c:6a:59:77:88:b9:fe:21:ab:b2:46:1e:3f:c3:ac:ce:
d5:ad:7b:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjBMtriYxhZ4sn6gc2HnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmY5ZTE3YjliNDE5ODhhOTI1OTljYmNhYmEwMzkxZmZi
NjFhMjAwHhcNMjMwMTAyMDgxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTdiZGU1MGY1ZjdlOWI2NTc0OTMyMDI0YTY3MWMyMGFmOGVhODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2VWH3JYgCdhDpDe+pAUe+MRccjg
eG5Ux2LtEC4zr3Mc8Ma5HxzSh/6GnkOIMXFMfwh2XRBrBzWtIj4t+0uaLVj1miYy
Vq7zVk39JTlo/LiW2E6+kMaTcDhL3bbAUcE/rSuXmkVrfAi/F08M5VN4TGcoEvHZ
YCO68WzWor32S88mCoMAR6vpNVhh5MmRcDVDQk5aZXyNMtWc0JCfOtbUj8DpRPzA
/87ejGLg3RWwiPn20sUR7LeQoJ1im31p3zaGyw6CvE/WLomAU4iAz6tdYo8GM4a7
C9+m8DvUKTAIViPG3pOF/ud6dAFMtLjZLB0HfbdNnR6uz7toEjSAaHIOlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFl73lD19+m2V0kyAkpnHCCvjqgwMB8GA1UdIwQY
MBaAFNn/nhe5tBmIqSWZy8q6A5H/thogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmYtZUY3bTBHWWlwSlpuTHlyb0RrZi0yR2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80OWQ4NTktNjEwYS00MjQyLThkZGYt
MzdhMGU0NzRhYjE1LzEvV1h2ZVVQWDM2YlpYU1RJQ1NtY2NJSy1PcURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80OWQ4NTktNjEwYS00MjQyLThkZGYtMzdhMGU0NzRhYjE1
LzEvMmYtZUY3bTBHWWlwSlpuTHlyb0RrZi0yR2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+pAMA0G
CSqGSIb3DQEBCwUAA4IBAQAJUcV0NJkuLlw00pTpgwflb+vt0Ty/xy+bdp4lxWHq
wM7/waED1JqoVuxbhXBQn70P/WPB8C0hkVFGqmoh5NvJYgNj1CdDs/Gzxm6tmkIG
FDqfeMlc1eXeVRYWqISkE8x/bsEqwYBL2Y2t0JaicmR3giw7By8Za1YOuwrllf/A
zLaoGLDHdW1/T2MgKz2k/3KwDoEaHBxMlgGTAZox+jFL3k1k/Fb9QDMYSPrNNt/1
mSfegyHH2QDEA1Dwp0TKNu3N4pcarFa5SGaHLhvkRtsR2q9UIzaFs84yt4aA5p8w
c1M51f0ioWmZMh1cx5xqWXeIuf4hq7JGHj/DrM7VrXvU
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:43 2024 by rpki-client on console-ams.rpki-client.org