Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/DW8-N00YPcUrhUd240bPAny5Xp0.roa
File: DW8-N00YPcUrhUd240bPAny5Xp0.roa (raw, json)
Hash identifier: lcspcTKWHKgsiAz1p8kZjLPgl18938xxPaPM4EU+7jY=
Subject key identifier: 0D:6F:3E:37:4D:18:3D:C5:2B:85:47:76:E3:46:CF:02:7C:B9:5E:9D
Certificate issuer: /CN=f4e018fddfd422517c3069e75658657b40e73601
Certificate serial: 0187E27619547CB67ADAEC617B86C4805273
Authority key identifier: F4:E0:18:FD:DF:D4:22:51:7C:30:69:E7:56:58:65:7B:40:E7:36:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OAY_d_UIlF8MGnnVlhle0DnNgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/DW8-N00YPcUrhUd240bPAny5Xp0.roa
Signing time: Wed 03 May 2023 16:33:22 +0000
ROA not before: Wed 03 May 2023 16:33:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47583
IP address blocks: 141.136.33.0/24 maxlen: 24
141.136.36.0/24 maxlen: 24
141.136.35.0/24 maxlen: 24
141.136.34.0/24 maxlen: 24
141.136.39.0/24 maxlen: 24
141.136.44.0/24 maxlen: 24
141.136.44.0/23 maxlen: 23
141.136.43.0/24 maxlen: 24
141.136.42.0/24 maxlen: 24
141.136.41.0/24 maxlen: 24
141.136.47.0/24 maxlen: 24
141.136.46.0/24 maxlen: 24
141.136.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:76:19:54:7c:b6:7a:da:ec:61:7b:86:c4:80:52:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e018fddfd422517c3069e75658657b40e73601
Validity
Not Before: May 3 16:33:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d6f3e374d183dc52b854776e346cf027cb95e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:06:da:3f:e0:5d:c9:3e:9d:1d:dc:d6:fb:a1:
66:18:72:33:da:1f:1a:eb:7f:46:86:68:1c:35:3e:
c2:f5:9c:1b:f1:53:bf:9b:98:7c:d7:dd:d3:53:14:
a8:3e:49:1f:c6:f1:d1:a6:b5:72:26:00:0e:37:7f:
25:0c:01:07:42:b1:91:6f:4b:f2:f5:81:86:ed:e2:
aa:cc:fb:b4:5e:ab:25:32:18:c6:35:bb:76:2c:8f:
e3:c7:a5:44:2c:3f:82:70:b1:ad:21:98:a1:c1:ca:
47:02:fa:b6:22:7e:11:1f:4d:30:e2:6f:93:5f:db:
dd:67:98:80:8c:f3:2c:38:ca:d4:78:d4:81:c1:9a:
f9:98:14:3e:0a:5d:b7:94:54:6f:f0:a6:14:30:84:
99:64:dd:01:5d:a2:72:73:e9:eb:5f:77:e2:27:1f:
3a:3c:e1:55:60:95:e3:81:4a:3a:5c:62:3d:66:8b:
5e:66:99:e4:08:05:ba:f4:25:33:c7:87:1b:6f:3e:
d9:0a:60:50:7d:70:b5:3d:fe:69:4b:21:f7:49:5e:
fc:6a:a4:1d:9e:bc:15:79:cc:d9:55:61:db:33:1a:
35:23:01:b5:a5:c1:96:53:20:70:e4:e1:81:96:ad:
a9:6b:1f:91:5a:6d:88:0e:b0:a2:b1:a2:01:b1:94:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6F:3E:37:4D:18:3D:C5:2B:85:47:76:E3:46:CF:02:7C:B9:5E:9D
X509v3 Authority Key Identifier:
keyid:F4:E0:18:FD:DF:D4:22:51:7C:30:69:E7:56:58:65:7B:40:E7:36:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OAY_d_UIlF8MGnnVlhle0DnNgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/DW8-N00YPcUrhUd240bPAny5Xp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ad6f5f-53b5-4e07-94b4-70f94d5ee5fc/1/9OAY_d_UIlF8MGnnVlhle0DnNgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.136.33.0-141.136.36.255
141.136.39.0/24
141.136.41.0-141.136.47.255
Signature Algorithm: sha256WithRSAEncryption
79:f6:f0:aa:e7:c7:75:f8:42:f1:48:3d:b5:58:50:76:cc:00:
48:29:ff:82:ac:4f:0a:d2:3c:86:1e:e2:0a:2a:4a:f7:14:1d:
d0:81:a4:69:18:be:ea:5d:62:d0:44:01:09:f4:89:40:e1:4a:
8e:84:9e:e8:6c:5a:fa:3d:1f:12:99:05:b2:cc:74:14:3a:d8:
67:85:a2:f1:7b:7f:2d:b6:5f:b8:5d:7f:ee:2d:cf:a8:e3:09:
56:b1:23:2d:27:2c:37:2e:c2:67:c8:06:db:5d:48:1a:f7:ca:
f5:89:40:9c:b1:4a:fc:9a:60:c8:0b:f6:e6:39:e8:ed:e7:25:
ce:50:c6:ea:5d:0f:22:b5:0a:9e:08:84:b0:b3:ca:1a:51:8f:
3f:c4:ac:29:ed:88:01:8f:a2:b4:9d:65:89:18:91:fd:5b:0f:
5f:b3:44:ce:c7:90:fd:99:a9:a8:8c:7c:42:f1:3f:98:9b:b7:
f9:7a:d1:60:5c:60:41:9d:47:9a:df:fc:31:1c:f3:b3:f1:54:
84:33:30:1d:7b:da:5c:1f:a3:8e:aa:67:41:6a:c0:a6:5e:05:
16:4b:90:f1:94:fc:dc:6b:29:20:b7:68:5b:45:22:ae:86:11:
ae:3b:55:62:89:97:2a:0f:de:01:5b:2b:7e:b2:20:5e:54:3a:
45:3d:a0:c7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYfidhlUfLZ62uxhe4bEgFJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTAxOGZkZGZkNDIyNTE3YzMwNjllNzU2NTg2NTdiNDBl
NzM2MDEwHhcNMjMwNTAzMTYzMzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDZmM2UzNzRkMTgzZGM1MmI4NTQ3NzZlMzQ2Y2YwMjdjYjk1ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigbaP+BdyT6dHdzW+6FmGHIz2h8a
639GhmgcNT7C9Zwb8VO/m5h8193TUxSoPkkfxvHRprVyJgAON38lDAEHQrGRb0vy
9YGG7eKqzPu0XqslMhjGNbt2LI/jx6VELD+CcLGtIZihwcpHAvq2In4RH00w4m+T
X9vdZ5iAjPMsOMrUeNSBwZr5mBQ+Cl23lFRv8KYUMISZZN0BXaJyc+nrX3fiJx86
POFVYJXjgUo6XGI9ZoteZpnkCAW69CUzx4cbbz7ZCmBQfXC1Pf5pSyH3SV78aqQd
nrwVeczZVWHbMxo1IwG1pcGWUyBw5OGBlq2pax+RWm2IDrCisaIBsZSjEQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA1vPjdNGD3FK4VHduNGzwJ8uV6dMB8GA1UdIwQY
MBaAFPTgGP3f1CJRfDBp51ZYZXtA5zYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9BWV9kX1VJbEY4TUdublZsaGxlMERuTmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hZDZmNWYtNTNiNS00ZTA3LTk0YjQt
NzBmOTRkNWVlNWZjLzEvRFc4LU4wMFlQY1VyaFVkMjQwYlBBbnk1WHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hZDZmNWYtNTNiNS00ZTA3LTk0YjQtNzBmOTRkNWVlNWZj
LzEvOU9BWV9kX1VJbEY4TUdublZsaGxlMERuTmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBACNiCED
BACNiCQDBACNiCcwDAMEAI2IKQMEBI2IIDANBgkqhkiG9w0BAQsFAAOCAQEAefbw
qufHdfhC8Ug9tVhQdswASCn/gqxPCtI8hh7iCipK9xQd0IGkaRi+6l1i0EQBCfSJ
QOFKjoSe6Gxa+j0fEpkFssx0FDrYZ4Wi8Xt/LbZfuF1/7i3PqOMJVrEjLScsNy7C
Z8gG211IGvfK9YlAnLFK/JpgyAv25jno7eclzlDG6l0PIrUKngiEsLPKGlGPP8Ss
Ke2IAY+itJ1liRiR/VsPX7NEzseQ/ZmpqIx8QvE/mJu3+XrRYFxgQZ1Hmt/8MRzz
s/FUhDMwHXvaXB+jjqpnQWrApl4FFkuQ8ZT83GspILdoW0UiroYRrjtVYomXKg/e
AVsrfrIgXlQ6RT2gxw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:16 2024 by rpki-client on console-ams.rpki-client.org