Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d2b0a2-95e3-41a0-8cdf-ff809e7daeca/1/cwazOp4CD3N1kC0OmQWweislG5A.roa
File: cwazOp4CD3N1kC0OmQWweislG5A.roa (raw, json)
Hash identifier: hRb4Mw2l4106B0rp3LWrTK4ETh6YazY7hgnbOmwng90=
Subject key identifier: 73:06:B3:3A:9E:02:0F:73:75:90:2D:0E:99:05:B0:7A:2B:25:1B:90
Certificate issuer: /CN=d2c4c3806e1f88e99bd8c5e490077f8de5d7cf06
Certificate serial: 01856CEF31BF917AC52A6D248EC1D9F58E70
Authority key identifier: D2:C4:C3:80:6E:1F:88:E9:9B:D8:C5:E4:90:07:7F:8D:E5:D7:CF:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sTDgG4fiOmb2MXkkAd_jeXXzwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d2b0a2-95e3-41a0-8cdf-ff809e7daeca/1/cwazOp4CD3N1kC0OmQWweislG5A.roa
Signing time: Sun 01 Jan 2023 10:44:53 +0000
ROA not before: Sun 01 Jan 2023 10:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198208
IP address blocks: 91.109.208.0/21 maxlen: 24
134.19.200.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:31:bf:91:7a:c5:2a:6d:24:8e:c1:d9:f5:8e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c4c3806e1f88e99bd8c5e490077f8de5d7cf06
Validity
Not Before: Jan 1 10:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7306b33a9e020f7375902d0e9905b07a2b251b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:21:e4:bb:24:d9:f6:6d:93:8f:2f:ba:f8:a4:
03:69:7b:0b:a6:37:01:a4:f3:68:9f:78:d4:49:d6:
8a:f2:d8:9e:f3:27:48:44:ad:ce:38:26:09:14:06:
5c:e2:c2:fb:54:d7:82:9e:2f:f0:d7:d8:9f:0e:27:
cc:60:ac:e8:03:bc:9d:21:f0:12:66:ee:c5:0b:78:
ac:30:bf:6e:5f:fd:7a:00:a8:57:37:f8:e1:62:bc:
d2:8a:1c:c6:a7:5f:4d:e6:4b:63:6d:f0:e6:df:5b:
a0:14:63:c6:0d:19:55:b5:d4:75:15:40:4b:68:27:
88:42:35:43:26:e3:06:69:d1:5e:37:f4:c6:65:ed:
01:50:57:08:59:50:25:0d:96:c1:4b:dd:1d:93:08:
67:22:43:60:26:fe:8f:8b:f6:9d:96:b1:05:a4:81:
f1:a6:6d:6a:8a:ad:c8:95:f4:6c:c3:59:2b:48:95:
dd:bc:7b:45:34:04:ae:16:66:33:37:7c:e6:1f:bb:
6a:8e:6b:59:bc:a7:d4:99:3a:53:51:8d:e5:27:e9:
d3:61:f3:85:ae:e6:75:1b:d7:84:bd:5e:bb:ba:69:
a7:04:d0:e3:a2:86:42:a9:59:30:d3:29:4f:b3:13:
6d:6f:78:d0:8b:7d:43:0d:33:1d:4a:5f:3a:b5:89:
20:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:06:B3:3A:9E:02:0F:73:75:90:2D:0E:99:05:B0:7A:2B:25:1B:90
X509v3 Authority Key Identifier:
keyid:D2:C4:C3:80:6E:1F:88:E9:9B:D8:C5:E4:90:07:7F:8D:E5:D7:CF:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sTDgG4fiOmb2MXkkAd_jeXXzwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d2b0a2-95e3-41a0-8cdf-ff809e7daeca/1/cwazOp4CD3N1kC0OmQWweislG5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d2b0a2-95e3-41a0-8cdf-ff809e7daeca/1/0sTDgG4fiOmb2MXkkAd_jeXXzwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.208.0/21
134.19.200.0/21
Signature Algorithm: sha256WithRSAEncryption
76:3b:bf:34:2b:3c:37:b6:36:54:87:b4:27:46:a3:d2:06:ba:
e2:cc:57:36:98:65:91:8d:db:13:3b:02:19:88:6a:c5:10:98:
c5:8b:13:4b:80:fd:4c:f2:89:24:06:65:0a:99:b8:98:a5:3b:
a1:64:14:c4:af:06:c4:72:b7:e3:17:44:55:0f:ce:d0:82:a9:
20:93:fc:92:1a:70:08:d4:2e:cc:56:fe:4b:b5:71:91:7e:02:
8e:2a:34:9b:ba:5d:88:21:29:06:cc:f5:8b:a5:36:54:8b:0f:
63:88:b4:97:41:fe:63:4f:87:72:2f:70:8b:ca:4b:49:6f:21:
42:03:c7:a5:1c:32:b6:1c:6e:85:d3:c0:b3:51:8e:2c:4e:db:
95:d5:49:9d:53:df:79:7f:61:a0:a1:0a:d6:51:77:fe:69:fd:
c3:7f:f6:93:f0:08:cf:de:7f:cf:a9:d8:18:e4:67:08:08:cc:
f0:c7:68:10:eb:84:2d:bb:0e:47:74:d4:ca:15:c6:64:04:0d:
37:d6:67:ba:02:2d:34:54:a5:33:a9:b5:d4:35:e5:b5:08:6d:
43:76:a3:f5:6b:ec:09:7f:30:d6:46:59:3b:e4:24:27:65:e6:
c0:b9:3d:56:cf:c8:1d:1e:30:2a:27:92:b3:b2:e2:f8:00:67:
6d:53:14:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs7zG/kXrFKm0kjsHZ9Y5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzRjMzgwNmUxZjg4ZTk5YmQ4YzVlNDkwMDc3ZjhkZTVk
N2NmMDYwHhcNMjMwMTAxMTA0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzA2YjMzYTllMDIwZjczNzU5MDJkMGU5OTA1YjA3YTJiMjUxYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCHkuyTZ9m2Tjy+6+KQDaXsLpjcB
pPNon3jUSdaK8tie8ydIRK3OOCYJFAZc4sL7VNeCni/w19ifDifMYKzoA7ydIfAS
Zu7FC3isML9uX/16AKhXN/jhYrzSihzGp19N5ktjbfDm31ugFGPGDRlVtdR1FUBL
aCeIQjVDJuMGadFeN/TGZe0BUFcIWVAlDZbBS90dkwhnIkNgJv6Pi/adlrEFpIHx
pm1qiq3IlfRsw1krSJXdvHtFNASuFmYzN3zmH7tqjmtZvKfUmTpTUY3lJ+nTYfOF
ruZ1G9eEvV67ummnBNDjooZCqVkw0ylPsxNtb3jQi31DDTMdSl86tYkg1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHMGszqeAg9zdZAtDpkFsHorJRuQMB8GA1UdIwQY
MBaAFNLEw4BuH4jpm9jF5JAHf43l188GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNURGdHNGZpT21iMk1Ya2tBZF9qZVhYendZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kMmIwYTItOTVlMy00MWEwLThjZGYt
ZmY4MDllN2RhZWNhLzEvY3dhek9wNENEM04xa0MwT21RV3dlaXNsRzVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kMmIwYTItOTVlMy00MWEwLThjZGYtZmY4MDllN2RhZWNh
LzEvMHNURGdHNGZpT21iMk1Ya2tBZF9qZVhYendZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW23QAwQD
hhPIMA0GCSqGSIb3DQEBCwUAA4IBAQB2O780Kzw3tjZUh7QnRqPSBrrizFc2mGWR
jdsTOwIZiGrFEJjFixNLgP1M8okkBmUKmbiYpTuhZBTErwbEcrfjF0RVD87Qgqkg
k/ySGnAI1C7MVv5LtXGRfgKOKjSbul2IISkGzPWLpTZUiw9jiLSXQf5jT4dyL3CL
yktJbyFCA8elHDK2HG6F08CzUY4sTtuV1UmdU995f2GgoQrWUXf+af3Df/aT8AjP
3n/PqdgY5GcICMzwx2gQ64Qtuw5HdNTKFcZkBA031me6Ai00VKUzqbXUNeW1CG1D
dqP1a+wJfzDWRlk75CQnZebAuT1Wz8gdHjAqJ5KzsuL4AGdtUxTU
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:39 2024 by rpki-client on console-fra.rpki-client.org