Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/wAaF47V37iXKsD75qw4DQO2R0dg.roa
File: wAaF47V37iXKsD75qw4DQO2R0dg.roa (raw, json)
Hash identifier: H10Qz/6LPQ8FgHWkxdf2ByuHcy+/ZbxeTRGs/7ihx4g=
Subject key identifier: C0:06:85:E3:B5:77:EE:25:CA:B0:3E:F9:AB:0E:03:40:ED:91:D1:D8
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018AFFD7246379370A2459FFE54D00A6B5DC
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/wAaF47V37iXKsD75qw4DQO2R0dg.roa
Signing time: Thu 05 Oct 2023 12:36:44 +0000
ROA not before: Thu 05 Oct 2023 12:36:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53356
IP address blocks: 194.64.164.0/22 maxlen: 22
194.233.40.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:d7:24:63:79:37:0a:24:59:ff:e5:4d:00:a6:b5:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Oct 5 12:36:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c00685e3b577ee25cab03ef9ab0e0340ed91d1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:68:19:7f:e0:3a:4d:9b:42:1e:9f:5d:43:96:
45:75:a1:6c:15:61:ea:a9:4d:57:eb:c9:5f:ca:1b:
2a:30:3b:3f:a6:8a:16:82:cf:06:3c:87:9e:b6:5b:
33:1d:6b:6a:5a:c4:12:ff:0a:29:eb:a6:48:f3:55:
ca:d8:00:2d:a9:25:5b:70:d1:10:87:28:6f:8a:84:
9b:fc:85:3c:61:36:01:47:7b:0d:f9:fb:a0:c3:37:
f2:49:b3:31:27:65:c0:eb:17:7c:60:cb:8c:d4:9d:
01:39:2a:77:90:79:30:35:51:f9:77:0a:63:db:47:
1e:c6:f3:52:e4:84:e8:f7:6d:d1:50:3b:17:32:23:
56:f4:79:cd:a4:11:d0:26:b7:54:c3:f7:e5:bb:5f:
f5:94:d6:35:23:21:b4:54:7a:83:37:a2:02:b7:e1:
30:b4:8e:53:6b:e7:ed:95:ce:f0:1c:45:b5:cb:38:
9c:e2:2d:2d:01:3d:22:ef:00:fc:28:77:cb:91:3d:
8b:0d:33:56:93:2c:e8:2e:8c:1c:82:67:73:8b:64:
7c:d7:45:30:49:c3:23:f6:31:79:47:78:e4:12:01:
30:c0:3c:36:be:93:bd:4d:86:ee:b1:a1:97:5b:9e:
36:eb:94:08:98:11:30:75:2f:fd:41:23:29:65:de:
63:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:06:85:E3:B5:77:EE:25:CA:B0:3E:F9:AB:0E:03:40:ED:91:D1:D8
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/wAaF47V37iXKsD75qw4DQO2R0dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.164.0/22
194.233.40.0/22
Signature Algorithm: sha256WithRSAEncryption
29:f4:ae:29:a9:41:99:9e:35:92:01:6a:65:90:31:17:6a:64:
b9:54:6b:95:8c:36:48:a6:8d:b8:4a:38:23:f5:ab:01:5a:5c:
61:e1:76:30:dd:48:9e:46:a1:cd:61:b4:ee:ee:22:31:50:9c:
3c:f2:6c:24:70:36:a9:4f:45:73:8d:a5:48:71:cd:86:29:63:
0e:b0:36:13:cd:f4:ce:80:d5:39:bd:26:b1:fa:e2:b2:15:97:
38:94:f2:3d:50:be:1e:59:10:b0:23:fe:80:98:dd:af:43:c1:
6a:15:e3:b1:c9:5c:e7:fc:3e:3a:5d:ff:35:ed:e4:fa:e7:29:
61:e9:2a:05:56:34:95:89:27:7c:7c:6b:eb:6f:67:05:27:44:
c3:f4:5c:c8:ba:94:ed:7c:3b:e7:2f:1c:39:94:3f:dc:df:28:
7f:1c:88:07:cc:0d:e2:35:70:eb:27:90:78:09:a9:3a:7b:f7:
73:84:dd:92:74:80:7a:f8:7f:90:25:cd:d3:cf:ee:4b:2e:1d:
2a:16:b0:64:9f:50:71:90:2a:9c:05:07:d1:9b:e1:ac:da:97:
cd:66:7c:8e:08:ac:18:57:4f:ba:9e:ec:c1:e5:ec:d0:5d:dc:
91:65:43:47:db:1c:42:b5:8e:04:f1:ce:d8:a1:04:12:69:93:
4c:39:4a:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr/1yRjeTcKJFn/5U0AprXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMxMDA1MTIzNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDA2ODVlM2I1NzdlZTI1Y2FiMDNlZjlhYjBlMDM0MGVkOTFkMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmgZf+A6TZtCHp9dQ5ZFdaFsFWHq
qU1X68lfyhsqMDs/pooWgs8GPIeetlszHWtqWsQS/wop66ZI81XK2AAtqSVbcNEQ
hyhvioSb/IU8YTYBR3sN+fugwzfySbMxJ2XA6xd8YMuM1J0BOSp3kHkwNVH5dwpj
20cexvNS5ITo923RUDsXMiNW9HnNpBHQJrdUw/flu1/1lNY1IyG0VHqDN6ICt+Ew
tI5Ta+ftlc7wHEW1yzic4i0tAT0i7wD8KHfLkT2LDTNWkyzoLowcgmdzi2R810Uw
ScMj9jF5R3jkEgEwwDw2vpO9TYbusaGXW54265QImBEwdS/9QSMpZd5jHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMAGheO1d+4lyrA++asOA0DtkdHYMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvd0FhRjQ3VjM3aVhLc0Q3NXF3NERRTzJSMGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwkCkAwQC
wukoMA0GCSqGSIb3DQEBCwUAA4IBAQAp9K4pqUGZnjWSAWplkDEXamS5VGuVjDZI
po24Sjgj9asBWlxh4XYw3UieRqHNYbTu7iIxUJw88mwkcDapT0VzjaVIcc2GKWMO
sDYTzfTOgNU5vSax+uKyFZc4lPI9UL4eWRCwI/6AmN2vQ8FqFeOxyVzn/D46Xf81
7eT65ylh6SoFVjSViSd8fGvrb2cFJ0TD9FzIupTtfDvnLxw5lD/c3yh/HIgHzA3i
NXDrJ5B4Cak6e/dzhN2SdIB6+H+QJc3Tz+5LLh0qFrBkn1BxkCqcBQfRm+Gs2pfN
ZnyOCKwYV0+6nuzB5ezQXdyRZUNH2xxCtY4E8c7YoQQSaZNMOUqC
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:12 2024 by rpki-client on console-fra.rpki-client.org