Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/W3leK61-K3CmhHuZMJ5rMlgOs1k.roa
File: W3leK61-K3CmhHuZMJ5rMlgOs1k.roa (raw, json)
Hash identifier: kjquG90S8/IEiqeZK96P3LvT50mgKVbIeSdtw1QB5+E=
Subject key identifier: 5B:79:5E:2B:AD:7E:2B:70:A6:84:7B:99:30:9E:6B:32:58:0E:B3:59
Certificate issuer: /CN=6940258a1a68ae605c073fb583b13e1376b778a7
Certificate serial: 01856E268242F6A340E412F69A8664290BD2
Authority key identifier: 69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/W3leK61-K3CmhHuZMJ5rMlgOs1k.roa
Signing time: Sun 01 Jan 2023 16:24:55 +0000
ROA not before: Sun 01 Jan 2023 16:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50204
IP address blocks: 193.32.12.0/22 maxlen: 22
151.249.96.0/21 maxlen: 21
91.217.100.0/23 maxlen: 23
185.22.16.0/22 maxlen: 22
195.211.252.0/22 maxlen: 22
2a00:5fa0::/36 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:82:42:f6:a3:40:e4:12:f6:9a:86:64:29:0b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6940258a1a68ae605c073fb583b13e1376b778a7
Validity
Not Before: Jan 1 16:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b795e2bad7e2b70a6847b99309e6b32580eb359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c2:d5:f4:7e:32:3a:ae:8d:c5:32:63:02:36:
77:c3:6c:cf:e3:a0:ba:f8:6b:bc:12:4a:d1:ad:2b:
9e:7e:40:0f:2e:fb:b4:ad:e3:43:69:45:9e:da:8e:
10:2b:52:0d:08:3a:f4:00:e4:ab:88:28:e7:5b:b4:
6d:e9:f4:b7:d5:11:36:b4:50:c2:69:b0:25:39:27:
a7:f4:33:5d:44:30:02:8c:6b:fe:eb:56:a2:d1:2a:
be:19:34:a8:5a:a3:18:ba:e3:ca:26:4c:7e:e5:2f:
a7:ff:ed:b4:05:20:9f:16:8b:05:61:ad:e1:a9:bb:
42:c8:cb:c0:e6:b7:f3:77:8e:12:1c:20:46:a2:e2:
b0:0b:46:03:a2:59:6e:d9:56:55:52:d9:32:a6:61:
9e:f5:36:af:4b:fc:da:17:c4:91:d8:f1:c0:d7:c5:
25:b3:92:f5:44:3d:41:4d:8e:33:92:e1:46:27:f3:
20:68:d8:47:ef:7c:16:d8:42:71:3a:88:d4:ad:0c:
5f:2d:11:8d:e7:19:93:31:1a:5b:c4:4b:d5:21:a3:
95:7a:67:2f:55:e1:80:ba:e7:e6:c7:f4:81:b9:f2:
b6:c7:52:03:a2:46:e1:0a:40:d4:e5:29:72:26:5b:
b4:b6:9d:a1:0a:d9:4e:52:48:55:87:4b:04:ff:8d:
01:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:79:5E:2B:AD:7E:2B:70:A6:84:7B:99:30:9E:6B:32:58:0E:B3:59
X509v3 Authority Key Identifier:
keyid:69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/W3leK61-K3CmhHuZMJ5rMlgOs1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.100.0/23
151.249.96.0/21
185.22.16.0/22
193.32.12.0/22
195.211.252.0/22
IPv6:
2a00:5fa0::/36
Signature Algorithm: sha256WithRSAEncryption
41:eb:a0:73:73:a3:61:22:db:e9:3a:8d:8e:9b:92:ae:3a:54:
22:ec:e4:bd:c9:f2:53:67:a8:f4:56:76:8a:f6:b8:2f:10:12:
5d:f4:f6:57:2b:3f:dc:b5:3c:58:00:85:97:ca:5e:b5:42:b6:
03:3f:39:6d:69:46:ab:9b:03:03:69:65:c2:a6:c6:d6:48:d9:
c0:63:8c:63:54:96:cb:7d:71:74:a3:8b:2d:8d:6c:87:a1:82:
cf:92:f3:5f:fa:6f:a0:e4:6a:c7:6e:40:98:83:86:26:6b:4b:
6b:29:da:51:3b:87:1c:29:ab:53:b8:d2:53:3e:13:6a:c5:f7:
8f:fb:31:d9:c9:f4:1a:a8:07:b1:44:fd:b1:59:a8:e6:e8:fe:
02:d7:d8:96:11:9b:76:65:44:2f:b7:2a:98:8c:ae:f0:15:3b:
57:52:9d:b1:d5:d4:c4:33:0f:53:b9:ec:24:89:0f:df:fc:fb:
81:24:5b:f8:ae:1e:c8:fe:34:8c:d5:ab:ea:c4:a6:ee:eb:ad:
c2:8b:52:bd:fe:3d:ad:2a:7c:17:40:21:f5:01:ab:d2:65:cb:
cc:95:dd:19:2d:c8:f4:13:a2:68:5f:ff:8a:18:fb:2c:b7:be:
51:4f:15:17:76:ef:a2:90:ee:52:17:d9:d0:10:08:0e:b5:6a:
cb:b7:0f:98
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVuJoJC9qNA5BL2moZkKQvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDAyNThhMWE2OGFlNjA1YzA3M2ZiNTgzYjEzZTEzNzZi
Nzc4YTcwHhcNMjMwMTAxMTYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjc5NWUyYmFkN2UyYjcwYTY4NDdiOTkzMDllNmIzMjU4MGViMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMLV9H4yOq6NxTJjAjZ3w2zP46C6
+Gu8EkrRrSuefkAPLvu0reNDaUWe2o4QK1INCDr0AOSriCjnW7Rt6fS31RE2tFDC
abAlOSen9DNdRDACjGv+61ai0Sq+GTSoWqMYuuPKJkx+5S+n/+20BSCfFosFYa3h
qbtCyMvA5rfzd44SHCBGouKwC0YDollu2VZVUtkypmGe9TavS/zaF8SR2PHA18Ul
s5L1RD1BTY4zkuFGJ/MgaNhH73wW2EJxOojUrQxfLRGN5xmTMRpbxEvVIaOVemcv
VeGAuufmx/SBufK2x1IDokbhCkDU5SlyJlu0tp2hCtlOUkhVh0sE/40B3QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFFt5XiutfitwpoR7mTCeazJYDrNZMB8GA1UdIwQY
MBaAFGlAJYoaaK5gXAc/tYOxPhN2t3inMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVBbGlocG9ybUJjQnotMWc3RS1FM2EzZUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8xNDM0Y2QtYTNkNi00NDg4LTg4ODgt
NzQ5ZTk4MGVjMGI3LzEvVzNsZUs2MS1LM0NtaEh1Wk1KNXJNbGdPczFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8xNDM0Y2QtYTNkNi00NDg4LTg4ODgtNzQ5ZTk4MGVjMGI3
LzEvYVVBbGlocG9ybUJjQnotMWc3RS1FM2EzZUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQBW9lkAwQD
l/lgAwQCuRYQAwQCwSAMAwQCw9P8MA4EAgACMAgDBgQqAF+gADANBgkqhkiG9w0B
AQsFAAOCAQEAQeugc3OjYSLb6TqNjpuSrjpUIuzkvcnyU2eo9FZ2iva4LxASXfT2
Vys/3LU8WACFl8petUK2Az85bWlGq5sDA2llwqbG1kjZwGOMY1SWy31xdKOLLY1s
h6GCz5LzX/pvoORqx25AmIOGJmtLaynaUTuHHCmrU7jSUz4TasX3j/sx2cn0GqgH
sUT9sVmo5uj+AtfYlhGbdmVEL7cqmIyu8BU7V1KdsdXUxDMPU7nsJIkP3/z7gSRb
+K4eyP40jNWr6sSm7uutwotSvf49rSp8F0Ah9QGr0mXLzJXdGS3I9BOiaF//ihj7
LLe+UU8VF3bvopDuUhfZ0BAIDrVqy7cPmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:54 2024 by rpki-client on console-ams.rpki-client.org