Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b597c4-6a32-4008-b2ee-2da625eb7242/1/wBhL0KI9pQP7uWIobhGnvORrQ0o.roa
File: wBhL0KI9pQP7uWIobhGnvORrQ0o.roa (raw, json)
Hash identifier: /3udN5hzUTJxQkWVYb9Slq9CWzzmTbvg/2+IHG7t+qA=
Subject key identifier: C0:18:4B:D0:A2:3D:A5:03:FB:B9:62:28:6E:11:A7:BC:E4:6B:43:4A
Certificate issuer: /CN=0024b1f1359110bff991e9ac6f51469fdcb487af
Certificate serial: 018571DE9727B7038D3FA29BBEE64CE40B95
Authority key identifier: 00:24:B1:F1:35:91:10:BF:F9:91:E9:AC:6F:51:46:9F:DC:B4:87:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACSx8TWREL_5kemsb1FGn9y0h68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b597c4-6a32-4008-b2ee-2da625eb7242/1/wBhL0KI9pQP7uWIobhGnvORrQ0o.roa
Signing time: Mon 02 Jan 2023 09:44:51 +0000
ROA not before: Mon 02 Jan 2023 09:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47894
IP address blocks: 94.103.33.0/24 maxlen: 24
94.103.35.0/24 maxlen: 24
94.103.32.0/24 maxlen: 24
94.103.34.0/24 maxlen: 24
94.103.44.0/24 maxlen: 24
94.103.46.0/24 maxlen: 24
94.103.45.0/24 maxlen: 24
94.103.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:97:27:b7:03:8d:3f:a2:9b:be:e6:4c:e4:0b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0024b1f1359110bff991e9ac6f51469fdcb487af
Validity
Not Before: Jan 2 09:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0184bd0a23da503fbb962286e11a7bce46b434a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8c:5c:e4:cc:b8:50:2d:5b:5c:2b:c9:df:72:
c3:d8:c7:2d:c0:35:9a:4e:3c:45:05:95:20:73:f1:
25:d4:61:c7:21:d7:f3:ce:17:46:c9:b6:01:81:82:
54:9c:34:12:c0:d9:ab:fd:2c:1e:12:52:65:5e:1d:
1d:f6:57:cc:78:89:d2:d8:b3:da:71:fe:aa:81:2c:
e3:b0:e4:ff:75:9c:28:fd:9a:fe:a2:f1:38:4f:99:
d4:d2:4e:1c:4c:f4:65:31:4f:77:d0:3e:24:b6:36:
ea:ec:cd:51:db:b2:4f:0a:35:c2:f2:9d:20:a5:bc:
41:36:09:16:e2:29:39:16:47:91:14:9b:25:36:a6:
70:ac:5d:26:dd:eb:c9:e1:60:73:dd:65:70:9b:31:
f6:ed:ba:9f:ba:4c:8d:70:69:12:da:e5:1c:ec:b9:
2e:87:40:77:a3:04:ac:83:32:5e:59:c7:0f:5e:2c:
7a:05:ba:f5:88:ce:a3:ec:f2:5f:cf:da:c9:b6:99:
cb:21:4d:da:d3:b8:73:3d:9f:2a:6c:e7:21:15:6c:
01:2c:30:ef:57:c1:38:51:86:b4:6d:36:20:fc:cf:
f1:f3:61:fd:f8:d3:38:f2:d2:7a:14:d9:68:a6:be:
74:5c:81:61:bc:da:dd:ae:6d:be:ca:a9:2b:16:d9:
b3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:18:4B:D0:A2:3D:A5:03:FB:B9:62:28:6E:11:A7:BC:E4:6B:43:4A
X509v3 Authority Key Identifier:
keyid:00:24:B1:F1:35:91:10:BF:F9:91:E9:AC:6F:51:46:9F:DC:B4:87:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACSx8TWREL_5kemsb1FGn9y0h68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b597c4-6a32-4008-b2ee-2da625eb7242/1/wBhL0KI9pQP7uWIobhGnvORrQ0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b597c4-6a32-4008-b2ee-2da625eb7242/1/ACSx8TWREL_5kemsb1FGn9y0h68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.32.0/22
94.103.44.0/22
Signature Algorithm: sha256WithRSAEncryption
14:7a:52:49:ae:9d:01:e1:df:fc:39:74:4f:63:eb:c9:c8:ce:
ef:ea:ef:98:55:cf:f2:4e:77:be:c5:e4:17:10:da:f8:78:08:
70:5e:ff:f1:e2:a5:12:3b:9c:b9:86:47:23:83:d1:a4:a6:52:
ed:1c:c4:26:b9:00:de:03:05:25:6a:76:cc:e2:be:d0:20:fd:
75:e8:59:a4:66:93:f8:4a:9c:32:ea:4f:aa:6e:9c:f7:39:4a:
d2:b9:49:4c:14:54:f8:82:52:4d:f9:67:0d:47:d7:29:c5:8e:
52:bd:5c:5a:03:2c:17:8e:bb:25:fe:d3:c5:04:84:73:a4:43:
45:af:40:41:da:4a:a0:64:c2:aa:3d:0e:e5:72:59:7e:b3:bd:
75:88:b6:f9:0c:35:c4:82:cb:e7:2e:db:6e:3c:ff:70:f6:2d:
e1:ff:86:1f:49:7d:a6:49:ac:98:6c:c4:d7:14:5e:04:a4:a0:
d5:2f:55:96:c6:f4:60:d3:14:3b:72:cc:4d:72:e2:75:5f:4a:
40:89:e2:27:4f:1e:22:24:b1:f9:e4:fa:9e:9f:39:c7:0b:b6:
97:e6:e1:70:c2:d8:a8:7e:87:58:0c:22:1b:a3:b7:7c:5c:ed:
bd:a7:b1:c7:ad:0c:7a:99:cd:ab:e9:60:cd:9b:06:5f:ad:38:
86:61:79:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3pcntwONP6KbvuZM5AuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjRiMWYxMzU5MTEwYmZmOTkxZTlhYzZmNTE0NjlmZGNi
NDg3YWYwHhcNMjMwMTAyMDk0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDE4NGJkMGEyM2RhNTAzZmJiOTYyMjg2ZTExYTdiY2U0NmI0MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYxc5My4UC1bXCvJ33LD2MctwDWa
TjxFBZUgc/El1GHHIdfzzhdGybYBgYJUnDQSwNmr/SweElJlXh0d9lfMeInS2LPa
cf6qgSzjsOT/dZwo/Zr+ovE4T5nU0k4cTPRlMU930D4ktjbq7M1R27JPCjXC8p0g
pbxBNgkW4ik5FkeRFJslNqZwrF0m3evJ4WBz3WVwmzH27bqfukyNcGkS2uUc7Lku
h0B3owSsgzJeWccPXix6Bbr1iM6j7PJfz9rJtpnLIU3a07hzPZ8qbOchFWwBLDDv
V8E4UYa0bTYg/M/x82H9+NM48tJ6FNlopr50XIFhvNrdrm2+yqkrFtmzQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMAYS9CiPaUD+7liKG4Rp7zka0NKMB8GA1UdIwQY
MBaAFAAksfE1kRC/+ZHprG9RRp/ctIevMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNTeDhUV1JFTF81a2Vtc2IxRkduOXkwaDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iNTk3YzQtNmEzMi00MDA4LWIyZWUt
MmRhNjI1ZWI3MjQyLzEvd0JoTDBLSTlwUVA3dVdJb2JoR252T1JyUTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iNTk3YzQtNmEzMi00MDA4LWIyZWUtMmRhNjI1ZWI3MjQy
LzEvQUNTeDhUV1JFTF81a2Vtc2IxRkduOXkwaDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXmcgAwQC
XmcsMA0GCSqGSIb3DQEBCwUAA4IBAQAUelJJrp0B4d/8OXRPY+vJyM7v6u+YVc/y
Tne+xeQXENr4eAhwXv/x4qUSO5y5hkcjg9GkplLtHMQmuQDeAwUlanbM4r7QIP11
6FmkZpP4Spwy6k+qbpz3OUrSuUlMFFT4glJN+WcNR9cpxY5SvVxaAywXjrsl/tPF
BIRzpENFr0BB2kqgZMKqPQ7lcll+s711iLb5DDXEgsvnLttuPP9w9i3h/4YfSX2m
SayYbMTXFF4EpKDVL1WWxvRg0xQ7csxNcuJ1X0pAieInTx4iJLH55PqenznHC7aX
5uFwwtiofodYDCIbo7d8XO29p7HHrQx6mc2r6WDNmwZfrTiGYXlZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:26 2024 by rpki-client on console-ams.rpki-client.org