Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/WFQOGqrCL35Yu7hJJLRpS5myw0U.roa
File: WFQOGqrCL35Yu7hJJLRpS5myw0U.roa (raw, json)
Hash identifier: R+/LCDyF2hdDa7C+yxREA6D3WqJd/jYIGtzxySV9jMk=
Subject key identifier: 58:54:0E:1A:AA:C2:2F:7E:58:BB:B8:49:24:B4:69:4B:99:B2:C3:45
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018DB3D95822C78C2E2865420FC8F2E2452C
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/WFQOGqrCL35Yu7hJJLRpS5myw0U.roa
Signing time: Fri 16 Feb 2024 21:36:21 +0000
ROA not before: Fri 16 Feb 2024 21:36:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 109.122.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 07:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b3:d9:58:22:c7:8c:2e:28:65:42:0f:c8:f2:e2:45:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 16 21:36:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58540e1aaac22f7e58bbb84924b4694b99b2c345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:19:3f:7a:93:66:8b:1f:9c:7f:71:cc:11:89:
38:cb:97:37:1a:ad:ff:d2:3c:7d:3f:ca:26:55:40:
9d:f9:02:61:f2:4f:e5:5c:97:b2:0b:47:4d:ef:a0:
29:ce:18:b2:93:24:49:22:9d:6b:9f:d6:14:07:0d:
d5:3c:66:59:8f:2d:d5:64:f5:9f:d0:01:ce:c6:85:
e8:ad:27:65:c4:ea:a9:06:dc:db:f7:f3:fc:fe:77:
13:02:00:6d:4e:9e:fd:a1:1b:62:e0:46:d8:62:54:
c8:30:02:69:8a:06:a7:5d:2b:b1:11:49:a3:93:50:
dc:53:21:5e:62:1e:3f:89:68:81:f8:03:ee:64:7e:
9c:a6:7c:0a:02:3d:74:45:01:22:7c:3e:d4:c4:9d:
03:53:c4:1c:19:ac:64:df:af:76:f3:8e:c2:40:4c:
3b:b9:2d:96:1e:db:e0:2e:c0:8b:2a:70:73:6f:a4:
0d:53:29:1d:8b:5f:28:43:a0:a3:36:76:2f:2d:20:
42:d6:00:6c:97:6c:78:12:82:f4:9e:b9:c8:69:02:
cc:e9:f4:9d:15:bf:fb:44:4c:46:65:37:2d:a8:22:
a1:b2:8a:1e:f8:65:cb:fb:8b:82:35:9c:29:0e:6a:
f4:96:bf:ad:f3:d9:d9:91:ea:62:c6:cf:60:97:73:
a1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:54:0E:1A:AA:C2:2F:7E:58:BB:B8:49:24:B4:69:4B:99:B2:C3:45
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/WFQOGqrCL35Yu7hJJLRpS5myw0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.40.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:c6:cf:10:9e:ec:a0:de:c8:27:5d:79:39:11:06:76:4c:b7:
64:02:3b:c9:a6:07:2b:ea:26:73:4a:f2:32:45:7f:5f:f3:fa:
72:48:8c:09:39:bd:8e:89:6a:2f:33:d6:21:46:66:67:1c:ce:
0c:ec:d5:d1:f7:18:6e:b3:8b:59:05:f3:77:f5:a0:04:a9:2f:
f0:93:9a:f3:da:39:2e:80:27:da:bd:e6:1e:83:f2:4c:21:7b:
64:14:6e:23:8d:28:08:fa:7f:f7:2e:b6:96:a9:3f:21:8a:d4:
15:9f:f7:2e:6b:9c:20:03:9e:e6:f9:41:ab:f4:db:3e:65:b2:
4c:db:1a:22:42:af:a8:e6:8f:ba:3d:88:2e:8c:d7:f6:6e:4a:
c5:8f:30:47:26:f4:a7:58:75:7b:80:0b:8f:d7:2b:77:3a:ff:
07:3e:65:82:53:e3:6a:2b:41:37:22:e0:8b:96:bb:fd:7b:96:
80:69:e4:7d:27:bb:be:99:7b:89:a6:c9:bd:f0:3f:cb:be:02:
02:9e:6b:a4:f0:32:3d:28:49:58:05:20:cb:fe:90:83:ee:c4:
47:54:80:fa:80:d9:80:c3:70:ac:30:86:6f:a1:00:67:fd:3f:
30:a7:93:64:b9:32:7c:36:09:0a:a6:0a:7d:d9:31:ed:b5:df:
3b:a3:e7:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2z2Vgix4wuKGVCD8jy4kUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMjE2MjEzNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODU0MGUxYWFhYzIyZjdlNThiYmI4NDkyNGI0Njk0Yjk5YjJjMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRk/epNmix+cf3HMEYk4y5c3Gq3/
0jx9P8omVUCd+QJh8k/lXJeyC0dN76ApzhiykyRJIp1rn9YUBw3VPGZZjy3VZPWf
0AHOxoXorSdlxOqpBtzb9/P8/ncTAgBtTp79oRti4EbYYlTIMAJpiganXSuxEUmj
k1DcUyFeYh4/iWiB+APuZH6cpnwKAj10RQEifD7UxJ0DU8QcGaxk3692847CQEw7
uS2WHtvgLsCLKnBzb6QNUykdi18oQ6CjNnYvLSBC1gBsl2x4EoL0nrnIaQLM6fSd
Fb/7RExGZTctqCKhsooe+GXL+4uCNZwpDmr0lr+t89nZkepixs9gl3OhwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFhUDhqqwi9+WLu4SSS0aUuZssNFMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvV0ZRT0dxckNMMzVZdTdoSkpMUnBTNW15dzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXooMA0G
CSqGSIb3DQEBCwUAA4IBAQANxs8Qnuyg3sgnXXk5EQZ2TLdkAjvJpgcr6iZzSvIy
RX9f8/pySIwJOb2OiWovM9YhRmZnHM4M7NXR9xhus4tZBfN39aAEqS/wk5rz2jku
gCfaveYeg/JMIXtkFG4jjSgI+n/3LraWqT8hitQVn/cua5wgA57m+UGr9Ns+ZbJM
2xoiQq+o5o+6PYgujNf2bkrFjzBHJvSnWHV7gAuP1yt3Ov8HPmWCU+NqK0E3IuCL
lrv9e5aAaeR9J7u+mXuJpsm98D/LvgICnmuk8DI9KElYBSDL/pCD7sRHVID6gNmA
w3CsMIZvoQBn/T8wp5NkuTJ8NgkKpgp92THttd87o+fD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org