Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/WcMnuUHqwVnLSjuIZIkjfKSlL6M.roa
File: WcMnuUHqwVnLSjuIZIkjfKSlL6M.roa (raw, json)
Hash identifier: UR9bBYAuo/N6gl7ahEIj9eRNOxOKU39xjdiD8tmWPug=
Subject key identifier: 59:C3:27:B9:41:EA:C1:59:CB:4A:3B:88:64:89:23:7C:A4:A5:2F:A3
Certificate issuer: /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Certificate serial: 018570396BD4E2C16C5D89EBF72DF1434543
Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/WcMnuUHqwVnLSjuIZIkjfKSlL6M.roa
Signing time: Mon 02 Jan 2023 02:04:49 +0000
ROA not before: Mon 02 Jan 2023 02:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35017
IP address blocks: 37.72.169.0/24 maxlen: 24
46.21.155.0/24 maxlen: 24
46.21.154.0/23 maxlen: 23
2a02:748:a000::/35 maxlen: 35
2a02:748:4000::/35 maxlen: 35
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:6b:d4:e2:c1:6c:5d:89:eb:f7:2d:f1:43:45:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Validity
Not Before: Jan 2 02:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59c327b941eac159cb4a3b886489237ca4a52fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d2:9a:91:96:bb:bb:4e:9e:a3:00:85:c9:1d:
77:12:f5:90:bf:f2:1a:b4:6c:8b:a6:b4:d8:a5:a3:
3a:6c:6e:db:38:50:45:ed:24:2d:66:9e:8c:8e:3a:
3e:d2:3d:26:be:1e:6a:84:7a:78:13:d0:ad:eb:17:
7c:c4:20:a2:7d:07:23:3a:f4:7c:4b:1e:bb:5f:37:
a8:95:d6:ec:7c:3c:d5:8f:e4:bb:77:1d:91:97:30:
19:bf:bf:81:e3:af:6f:32:36:09:c8:b6:a9:05:54:
29:42:c1:2b:84:c6:47:e5:8b:bc:75:d5:1e:39:69:
57:6b:86:57:f9:0b:0a:d8:49:c0:58:98:a5:e5:92:
57:92:d0:e8:ea:f0:72:14:4c:17:7d:93:97:61:80:
71:51:56:0f:6d:26:2d:7d:6e:8f:31:bd:d0:d2:81:
00:aa:71:c3:5d:5f:46:fe:10:d2:61:ff:c7:30:b4:
37:d6:24:f0:18:6e:ec:07:d6:1b:1f:9b:f9:31:6b:
de:e0:b1:b4:de:7c:f9:10:0e:1c:f5:97:68:ff:c6:
75:1a:c0:90:c4:17:8f:ef:b3:2b:1b:f1:a4:20:fe:
db:86:3e:27:65:27:2b:a1:d4:0d:ee:cf:72:15:ba:
ab:cf:39:be:d9:e4:76:bc:db:ea:c7:84:80:cb:89:
c1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C3:27:B9:41:EA:C1:59:CB:4A:3B:88:64:89:23:7C:A4:A5:2F:A3
X509v3 Authority Key Identifier:
keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/WcMnuUHqwVnLSjuIZIkjfKSlL6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.169.0/24
46.21.154.0/23
IPv6:
2a02:748:4000::/35
2a02:748:a000::/35
Signature Algorithm: sha256WithRSAEncryption
a0:e6:37:e1:47:ef:c2:06:27:88:6b:ad:64:d3:ba:e1:d3:cd:
f4:37:98:6b:52:aa:09:92:19:69:0e:19:23:dd:6e:55:62:c8:
bb:22:1c:98:9a:bb:78:75:98:ad:19:ec:f6:05:28:89:79:0c:
7c:39:af:f3:d1:c5:44:07:0a:6d:fe:87:48:fe:c2:f5:75:a7:
9f:47:d6:6b:64:7a:46:27:6f:6c:24:2b:84:a5:c7:07:74:ff:
e1:c0:56:6a:ca:c7:51:b5:69:76:9c:45:d1:0d:a0:0d:87:b8:
f2:16:de:f1:60:97:7e:ad:54:93:ca:18:f1:8c:f7:cf:43:ee:
47:d8:17:45:d6:83:ee:b0:96:f8:1c:f4:79:d3:ac:16:41:25:
da:ff:ea:15:51:32:93:3e:15:5d:35:8e:ec:cc:d6:b4:4e:32:
9e:e8:8c:03:83:86:39:9c:96:90:c5:c3:cc:1d:65:76:dc:4b:
08:4e:b5:de:9a:8c:0b:0b:2a:de:b4:72:f8:b6:c2:ff:b5:ff:
82:74:7a:3d:ae:d4:8b:98:78:21:98:fc:01:55:c2:83:11:49:
75:f2:de:43:83:58:4d:09:c1:7b:d2:76:9b:87:51:7b:fe:54:
3d:5a:19:1c:24:cf:74:cf:c9:76:b2:30:f0:f9:a5:a1:29:06:
07:f9:c9:ae
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwOWvU4sFsXYnr9y3xQ0VDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjNmNGNiNGJhYjVjMTA4MDFhNzcwNjU4ZGY4OTFjZmI4
YzY4YzYwHhcNMjMwMTAyMDIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWMzMjdiOTQxZWFjMTU5Y2I0YTNiODg2NDg5MjM3Y2E0YTUyZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtKakZa7u06eowCFyR13EvWQv/Ia
tGyLprTYpaM6bG7bOFBF7SQtZp6Mjjo+0j0mvh5qhHp4E9Ct6xd8xCCifQcjOvR8
Sx67XzeoldbsfDzVj+S7dx2RlzAZv7+B469vMjYJyLapBVQpQsErhMZH5Yu8ddUe
OWlXa4ZX+QsK2EnAWJil5ZJXktDo6vByFEwXfZOXYYBxUVYPbSYtfW6PMb3Q0oEA
qnHDXV9G/hDSYf/HMLQ31iTwGG7sB9YbH5v5MWve4LG03nz5EA4c9Zdo/8Z1GsCQ
xBeP77MrG/GkIP7bhj4nZScrodQN7s9yFbqrzzm+2eR2vNvqx4SAy4nBwwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFnDJ7lB6sFZy0o7iGSJI3ykpS+jMB8GA1UdIwQY
MBaAFJ0j9MtLq1wQgBp3BljfiRz7jGjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODkt
MDE1NzdhOTI3ZmE5LzEvV2NNbnVVSHF3Vm5MU2p1SVpJa2pmS1NsTDZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODktMDE1NzdhOTI3ZmE5
LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAJUipAwQB
LhWaMBYEAgACMBADBgUqAgdIQAMGBSoCB0igMA0GCSqGSIb3DQEBCwUAA4IBAQCg
5jfhR+/CBieIa61k07rh0830N5hrUqoJkhlpDhkj3W5VYsi7IhyYmrt4dZitGez2
BSiJeQx8Oa/z0cVEBwpt/odI/sL1daefR9ZrZHpGJ29sJCuEpccHdP/hwFZqysdR
tWl2nEXRDaANh7jyFt7xYJd+rVSTyhjxjPfPQ+5H2BdF1oPusJb4HPR506wWQSXa
/+oVUTKTPhVdNY7szNa0TjKe6IwDg4Y5nJaQxcPMHWV23EsITrXemowLCyretHL4
tsL/tf+CdHo9rtSLmHghmPwBVcKDEUl18t5Dg1hNCcF70nabh1F7/lQ9WhkcJM90
z8l2sjDw+aWhKQYH+cmu
-----END CERTIFICATE-----
Generated at Wed Nov 8 15:45:03 2023 by rpki-client on console-ams.rpki-client.org