Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/WeLRnWhCqM6bxUngxUxAhQVopIQ.roa
File: WeLRnWhCqM6bxUngxUxAhQVopIQ.roa (raw, json)
Hash identifier: 7OmLzpsqBSuJswnQe55MdlEplVOjldnrv2qoaT2UNx0=
Subject key identifier: 59:E2:D1:9D:68:42:A8:CE:9B:C5:49:E0:C5:4C:40:85:05:68:A4:84
Certificate issuer: /CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Certificate serial: 01857102F5D71B2C7292BCF89208FB11FEE8
Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/WeLRnWhCqM6bxUngxUxAhQVopIQ.roa
Signing time: Mon 02 Jan 2023 05:44:57 +0000
ROA not before: Mon 02 Jan 2023 05:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8304
IP address blocks: 193.186.192.0/22 maxlen: 24
87.252.0.0/19 maxlen: 24
193.239.120.0/22 maxlen: 24
195.13.58.0/23 maxlen: 24
2a0a:4d40::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:f5:d7:1b:2c:72:92:bc:f8:92:08:fb:11:fe:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Validity
Not Before: Jan 2 05:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59e2d19d6842a8ce9bc549e0c54c40850568a484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0e:34:b7:38:c9:3f:17:7f:a5:00:30:12:18:
d4:3d:e6:2f:41:73:8c:dd:ac:2d:e0:cb:62:4f:d5:
db:26:e8:c3:95:37:3b:d6:0f:a5:cc:76:11:e2:b0:
04:2b:87:9d:0e:65:8a:f4:c8:3f:34:02:94:20:ac:
be:91:8e:69:82:a2:3e:6f:1b:bc:c2:9b:69:1c:aa:
81:48:c3:a0:f9:c6:b2:56:8d:c5:15:59:bd:8d:2e:
b2:95:1a:b5:4e:2f:28:83:04:e6:f4:86:78:99:21:
51:02:a2:f5:db:1c:a3:9d:23:74:05:75:96:84:0b:
18:31:58:3e:b8:65:28:81:1d:07:ef:e9:4e:9b:90:
bc:1b:82:17:38:2f:b9:eb:f6:37:b1:31:37:09:a6:
a6:af:9e:c7:a0:3d:6c:d1:63:b2:ba:1e:58:73:7f:
aa:4c:47:1c:a4:15:a5:3c:d8:b3:ff:7b:d6:66:68:
30:77:a6:fe:94:fc:47:f0:1f:28:66:6a:af:11:23:
36:2d:58:72:d7:82:cb:44:75:10:b6:4e:3f:06:c4:
f9:d6:5f:e1:af:6f:34:ea:6d:df:6e:a5:55:66:9a:
bb:30:21:9e:58:63:06:e4:0d:b0:d2:0d:eb:58:85:
ad:8b:5d:5a:74:bf:43:5a:da:c0:29:26:40:d0:fd:
ac:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E2:D1:9D:68:42:A8:CE:9B:C5:49:E0:C5:4C:40:85:05:68:A4:84
X509v3 Authority Key Identifier:
keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/WeLRnWhCqM6bxUngxUxAhQVopIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.252.0.0/19
193.186.192.0/22
193.239.120.0/22
195.13.58.0/23
IPv6:
2a0a:4d40::/32
Signature Algorithm: sha256WithRSAEncryption
3e:2b:63:57:0c:dd:f2:a5:7d:ec:c6:57:a8:d4:5a:bf:23:eb:
81:d2:10:a6:3a:45:14:89:24:41:0f:5f:65:6d:a6:03:b4:e7:
7b:36:f4:be:08:b1:cf:89:95:b6:90:b3:f5:f6:2c:ee:d0:87:
6e:62:c8:22:7e:83:55:f4:15:59:31:4b:b8:16:c5:be:b8:21:
c5:23:99:ba:3a:96:66:47:ef:f5:8d:35:e2:c1:52:6c:2f:3b:
c0:21:09:d3:41:17:07:7e:5c:9c:c2:14:2f:44:64:4a:bf:ac:
b1:0e:9e:43:13:47:99:d1:86:72:8c:17:88:c1:e0:38:5e:5b:
51:1c:fb:ce:bf:07:f4:5d:cb:f2:ae:ce:c8:49:c0:df:ce:0b:
1e:95:5f:5e:8e:53:8b:2f:59:91:41:bb:90:8d:29:b5:12:e2:
1c:70:92:fa:c3:d7:33:87:56:41:89:1b:49:8b:cf:13:db:dc:
79:91:f0:05:5d:e8:59:de:f5:be:f9:37:9d:ef:18:2a:15:29:
55:13:4d:c4:e4:ae:6a:42:7f:49:3d:f4:92:cd:73:fc:bc:45:
95:07:46:e6:92:de:95:95:07:8b:96:4f:c5:f5:8c:21:4d:b5:
2f:69:33:82:f9:70:28:37:d9:f4:c4:b8:43:9b:f9:09:27:a9:
e7:af:35:a0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxAvXXGyxykrz4kgj7Ef7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjYwNjgzYjM3NzI1NzQyN2RiYmY2ZWNlMzVlMmM1ODVh
M2IwMWQwHhcNMjMwMTAyMDU0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWUyZDE5ZDY4NDJhOGNlOWJjNTQ5ZTBjNTRjNDA4NTA1NjhhNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ40tzjJPxd/pQAwEhjUPeYvQXOM
3awt4MtiT9XbJujDlTc71g+lzHYR4rAEK4edDmWK9Mg/NAKUIKy+kY5pgqI+bxu8
wptpHKqBSMOg+cayVo3FFVm9jS6ylRq1Ti8ogwTm9IZ4mSFRAqL12xyjnSN0BXWW
hAsYMVg+uGUogR0H7+lOm5C8G4IXOC+56/Y3sTE3Caamr57HoD1s0WOyuh5Yc3+q
TEccpBWlPNiz/3vWZmgwd6b+lPxH8B8oZmqvESM2LVhy14LLRHUQtk4/BsT51l/h
r2806m3fbqVVZpq7MCGeWGMG5A2w0g3rWIWti11adL9DWtrAKSZA0P2sPQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFni0Z1oQqjOm8VJ4MVMQIUFaKSEMB8GA1UdIwQY
MBaAFGj2BoOzdyV0J9u/bs414sWFo7AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQt
MzU0NzQwMzZhOWQ3LzEvV2VMUm5XaENxTTZieFVuZ3hVeEFoUVZvcElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQtMzU0NzQwMzZhOWQ3
LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFV/wAAwQC
wbrAAwQCwe94AwQBww06MA0EAgACMAcDBQAqCk1AMA0GCSqGSIb3DQEBCwUAA4IB
AQA+K2NXDN3ypX3sxleo1Fq/I+uB0hCmOkUUiSRBD19lbaYDtOd7NvS+CLHPiZW2
kLP19izu0IduYsgifoNV9BVZMUu4FsW+uCHFI5m6OpZmR+/1jTXiwVJsLzvAIQnT
QRcHflycwhQvRGRKv6yxDp5DE0eZ0YZyjBeIweA4XltRHPvOvwf0Xcvyrs7IScDf
zgselV9ejlOLL1mRQbuQjSm1EuIccJL6w9czh1ZBiRtJi88T29x5kfAFXehZ3vW+
+Ted7xgqFSlVE03E5K5qQn9JPfSSzXP8vEWVB0bmkt6VlQeLlk/F9YwhTbUvaTOC
+XAoN9n0xLhDm/kJJ6nnrzWg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:45 2024 by rpki-client on console-ams.rpki-client.org