Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d69525-7cfb-47c8-9c4f-ef4458ea20cd/1/WkOYorGc8um4jRp0cmf9oFr4tiM.roa
File: WkOYorGc8um4jRp0cmf9oFr4tiM.roa (raw, json)
Hash identifier: +O2ZJfWOusewyx2OBjUGd7UOZHPKZ73nqLknQ3WGoho=
Subject key identifier: 5A:43:98:A2:B1:9C:F2:E9:B8:8D:1A:74:72:67:FD:A0:5A:F8:B6:23
Certificate issuer: /CN=07aef190f44bfc1db0c50f1a73fdf017081afe16
Certificate serial: 0185708CE7D3929C012304A6BB6CFEF1BDA6
Authority key identifier: 07:AE:F1:90:F4:4B:FC:1D:B0:C5:0F:1A:73:FD:F0:17:08:1A:FE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B67xkPRL_B2wxQ8ac_3wFwga_hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/d69525-7cfb-47c8-9c4f-ef4458ea20cd/1/WkOYorGc8um4jRp0cmf9oFr4tiM.roa
Signing time: Mon 02 Jan 2023 03:36:00 +0000
ROA not before: Mon 02 Jan 2023 03:36:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211018
IP address blocks: 194.99.159.0/24 maxlen: 24
2a11:8e00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e7:d3:92:9c:01:23:04:a6:bb:6c:fe:f1:bd:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07aef190f44bfc1db0c50f1a73fdf017081afe16
Validity
Not Before: Jan 2 03:36:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a4398a2b19cf2e9b88d1a747267fda05af8b623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8d:4a:8d:87:5c:b6:0c:d3:4a:5b:5c:bb:58:
a7:16:10:78:7a:45:38:36:44:9e:55:a6:44:05:43:
ff:ea:dd:e1:7c:7f:0c:5e:68:46:cb:c2:fa:46:9f:
11:6e:a0:ad:20:cf:88:df:3a:e9:a5:39:ee:8a:97:
21:cc:66:7b:f8:f2:64:42:70:da:a9:f7:2d:2c:87:
a3:99:49:fe:c5:cf:53:48:f8:54:96:1d:d6:2f:f2:
1a:45:52:16:2e:43:a0:6d:7b:64:07:68:de:57:c2:
60:75:81:ba:c6:24:2d:8c:45:59:ec:56:db:85:7d:
62:d9:f7:73:81:2f:32:39:b8:b4:b1:0e:66:41:53:
a4:e0:38:b9:fd:b4:ab:14:64:53:25:de:72:c4:6f:
e2:b1:c5:e9:7b:32:68:1a:4b:b7:e3:06:d0:a0:18:
3b:1f:60:01:5b:73:52:f2:cb:c2:f9:7e:9d:c6:1d:
35:3c:02:eb:82:9b:8f:c2:ec:41:73:00:50:7c:0c:
3b:4b:5b:a0:f3:8c:bf:d4:b4:b1:d3:5a:51:27:68:
58:2f:91:7b:7a:86:d8:52:be:2b:ed:ad:15:ee:f1:
c6:f6:da:77:a9:46:8c:a2:eb:8a:52:89:27:63:83:
b2:da:74:46:5a:30:ab:c6:4a:0d:70:60:f1:15:e4:
ee:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:43:98:A2:B1:9C:F2:E9:B8:8D:1A:74:72:67:FD:A0:5A:F8:B6:23
X509v3 Authority Key Identifier:
keyid:07:AE:F1:90:F4:4B:FC:1D:B0:C5:0F:1A:73:FD:F0:17:08:1A:FE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B67xkPRL_B2wxQ8ac_3wFwga_hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d69525-7cfb-47c8-9c4f-ef4458ea20cd/1/WkOYorGc8um4jRp0cmf9oFr4tiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d69525-7cfb-47c8-9c4f-ef4458ea20cd/1/B67xkPRL_B2wxQ8ac_3wFwga_hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.99.159.0/24
IPv6:
2a11:8e00::/29
Signature Algorithm: sha256WithRSAEncryption
09:34:5c:c8:24:dd:04:ad:b1:da:62:a8:69:4f:88:c8:f6:87:
1b:4b:9a:14:f1:3f:45:cc:8d:89:46:a4:08:40:ac:da:0b:5d:
c3:f8:f9:b9:59:14:c2:f7:b3:87:40:c2:b6:fd:73:2e:f3:e6:
62:63:55:7c:b0:75:d5:15:6a:6b:f7:fb:b7:7f:45:8c:a4:01:
a6:e8:2f:a2:2c:f6:24:3a:20:de:15:2d:f8:e6:54:3b:77:c0:
c7:65:5c:75:c6:90:e7:07:25:c2:55:42:00:76:01:b8:81:3a:
9f:47:88:9f:06:f3:61:a2:62:64:1f:33:8d:a1:ab:fe:0c:59:
55:40:20:14:60:34:37:c9:d0:38:e2:cb:94:62:a8:69:79:8d:
dc:ef:f8:ff:3b:99:0b:cc:9b:13:49:2c:1d:f1:79:0c:6b:b2:
38:98:33:10:60:9c:c3:d9:16:44:22:36:ad:bf:49:62:c0:63:
fc:81:43:c4:41:4d:a5:b9:05:90:d6:e7:c2:b0:5b:7b:d0:50:
43:22:96:c2:89:15:88:6e:b8:6e:f1:d3:5b:27:4d:e8:71:dd:
bc:3b:bb:30:bc:43:8e:29:8d:08:02:17:85:42:52:f6:6d:48:
18:49:d1:85:87:09:42:25:3f:aa:53:ff:4c:30:29:44:a7:ac:
17:e8:5c:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjOfTkpwBIwSmu2z+8b2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YWVmMTkwZjQ0YmZjMWRiMGM1MGYxYTczZmRmMDE3MDgx
YWZlMTYwHhcNMjMwMTAyMDMzNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQzOThhMmIxOWNmMmU5Yjg4ZDFhNzQ3MjY3ZmRhMDVhZjhiNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko1KjYdctgzTSltcu1inFhB4ekU4
NkSeVaZEBUP/6t3hfH8MXmhGy8L6Rp8RbqCtIM+I3zrppTnuipchzGZ7+PJkQnDa
qfctLIejmUn+xc9TSPhUlh3WL/IaRVIWLkOgbXtkB2jeV8JgdYG6xiQtjEVZ7Fbb
hX1i2fdzgS8yObi0sQ5mQVOk4Di5/bSrFGRTJd5yxG/iscXpezJoGku34wbQoBg7
H2ABW3NS8svC+X6dxh01PALrgpuPwuxBcwBQfAw7S1ug84y/1LSx01pRJ2hYL5F7
eobYUr4r7a0V7vHG9tp3qUaMouuKUoknY4Oy2nRGWjCrxkoNcGDxFeTuxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFpDmKKxnPLpuI0adHJn/aBa+LYjMB8GA1UdIwQY
MBaAFAeu8ZD0S/wdsMUPGnP98BcIGv4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjY3eGtQUkxfQjJ3eFE4YWNfM3dGd2dhX2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kNjk1MjUtN2NmYi00N2M4LTljNGYt
ZWY0NDU4ZWEyMGNkLzEvV2tPWW9yR2M4dW00alJwMGNtZjlvRnI0dGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kNjk1MjUtN2NmYi00N2M4LTljNGYtZWY0NDU4ZWEyMGNk
LzEvQjY3eGtQUkxfQjJ3eFE4YWNfM3dGd2dhX2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmOfMA0E
AgACMAcDBQMqEY4AMA0GCSqGSIb3DQEBCwUAA4IBAQAJNFzIJN0ErbHaYqhpT4jI
9ocbS5oU8T9FzI2JRqQIQKzaC13D+Pm5WRTC97OHQMK2/XMu8+ZiY1V8sHXVFWpr
9/u3f0WMpAGm6C+iLPYkOiDeFS345lQ7d8DHZVx1xpDnByXCVUIAdgG4gTqfR4if
BvNhomJkHzONoav+DFlVQCAUYDQ3ydA44suUYqhpeY3c7/j/O5kLzJsTSSwd8XkM
a7I4mDMQYJzD2RZEIjatv0liwGP8gUPEQU2luQWQ1ufCsFt70FBDIpbCiRWIbrhu
8dNbJ03ocd28O7swvEOOKY0IAheFQlL2bUgYSdGFhwlCJT+qU/9MMClEp6wX6Fzd
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:18 2024 by rpki-client on console-fra.rpki-client.org