Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/W_X3GvMNIQpqkrm4FF09UYjobPc.roa
File: W_X3GvMNIQpqkrm4FF09UYjobPc.roa (raw, json)
Hash identifier: raKXlSEPGzetkJtYiJWm6mPFHqO/v8fbCRl7k3ccbwU=
Subject key identifier: 5B:F5:F7:1A:F3:0D:21:0A:6A:92:B9:B8:14:5D:3D:51:88:E8:6C:F7
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0186A2D6C4365D5F589755BEB1DF240BB8CA
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/W_X3GvMNIQpqkrm4FF09UYjobPc.roa
Signing time: Thu 02 Mar 2023 15:00:29 +0000
ROA not before: Thu 02 Mar 2023 15:00:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201217
IP address blocks: 2a0a:280:1700::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:d6:c4:36:5d:5f:58:97:55:be:b1:df:24:0b:b8:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Mar 2 15:00:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bf5f71af30d210a6a92b9b8145d3d5188e86cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3f:ef:ad:4b:0c:79:45:92:ba:fe:9e:8c:1e:
ea:b2:27:a5:34:88:4b:82:f0:89:4f:37:ac:e4:d5:
2e:c2:a0:1b:5d:36:80:2b:9b:64:32:c8:92:90:c1:
a3:2f:0f:bf:54:be:c6:ea:f9:6b:c3:41:0d:1c:a6:
8f:c1:73:27:5b:22:96:f7:db:53:62:2c:69:57:cc:
b4:ae:5f:0b:11:cc:b0:c9:73:a3:07:a7:cd:fd:6a:
ba:7f:ff:8b:58:0b:19:cb:9a:ed:01:b0:b6:f4:51:
79:aa:74:b4:38:62:0c:76:03:06:4a:ee:b5:cc:45:
d7:54:04:7a:c0:8e:22:7e:7a:1d:f3:68:94:d9:ab:
97:11:a9:aa:ee:8d:04:59:3f:4e:7e:be:1c:5b:64:
ce:1c:22:3e:07:b4:19:8d:34:69:52:10:cc:0b:65:
f2:ab:14:c8:19:c9:c1:af:91:ab:90:7a:6f:b0:1c:
c8:c1:9b:e4:77:1e:5f:50:65:05:f8:9a:95:59:51:
da:f1:25:83:32:dc:ab:7b:5f:e5:10:14:28:50:36:
35:db:51:2d:e2:0a:d7:92:40:6c:68:5e:4c:56:93:
c1:4b:b1:17:8d:d6:ed:3e:29:05:bc:5f:fe:b0:61:
de:df:b4:b5:80:94:b7:5d:de:a4:9e:3c:0c:42:0b:
fe:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F5:F7:1A:F3:0D:21:0A:6A:92:B9:B8:14:5D:3D:51:88:E8:6C:F7
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/W_X3GvMNIQpqkrm4FF09UYjobPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1700::/40
Signature Algorithm: sha256WithRSAEncryption
b0:25:67:42:af:c2:0b:3e:c4:be:d3:19:ce:fb:3e:32:09:ec:
23:ec:e3:6f:9f:bc:0e:2d:5a:ce:18:28:77:20:21:7a:9c:4c:
29:4d:cd:df:97:3c:40:dd:fd:1e:66:1f:ba:19:2b:39:d0:d0:
b1:b8:0f:78:0e:fe:20:35:79:2c:62:3e:8a:2b:ae:03:fd:da:
cc:99:fa:03:06:b5:85:b4:fd:96:00:29:4b:e3:24:a8:01:ce:
4f:6f:3b:45:6f:6b:a0:39:d1:4a:a3:73:c9:32:90:14:13:1c:
f7:3a:42:dd:61:a7:38:47:65:62:74:64:02:cb:e9:f6:d7:0d:
13:3e:ed:bb:ed:03:36:c3:c7:7d:82:79:f4:ff:57:60:62:8f:
38:13:f9:2c:68:6f:23:aa:67:e1:ed:ee:32:91:6c:22:88:3d:
d4:79:2c:7f:c3:5b:b4:20:24:4d:8c:75:b5:fb:61:4a:54:e8:
0b:66:fb:e0:5f:41:4c:ee:d4:e6:63:c4:4c:14:d0:80:f2:b4:
cf:78:85:31:27:20:b0:aa:78:04:05:7b:13:87:a1:7c:ee:f5:
05:bf:54:f1:18:43:e7:c8:ed:1a:b7:2f:59:73:80:66:a2:2d:
01:07:c8:62:20:3f:b6:f1:52:e9:55:00:fa:b4:a1:60:64:de:
e7:7d:3c:97
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYai1sQ2XV9Yl1W+sd8kC7jKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzAyMTUwMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmY1ZjcxYWYzMGQyMTBhNmE5MmI5YjgxNDVkM2Q1MTg4ZTg2Y2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz/vrUsMeUWSuv6ejB7qsielNIhL
gvCJTzes5NUuwqAbXTaAK5tkMsiSkMGjLw+/VL7G6vlrw0ENHKaPwXMnWyKW99tT
YixpV8y0rl8LEcywyXOjB6fN/Wq6f/+LWAsZy5rtAbC29FF5qnS0OGIMdgMGSu61
zEXXVAR6wI4ifnod82iU2auXEamq7o0EWT9Ofr4cW2TOHCI+B7QZjTRpUhDMC2Xy
qxTIGcnBr5GrkHpvsBzIwZvkdx5fUGUF+JqVWVHa8SWDMtyre1/lEBQoUDY121Et
4grXkkBsaF5MVpPBS7EXjdbtPikFvF/+sGHe37S1gJS3Xd6knjwMQgv+ZQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFv19xrzDSEKapK5uBRdPVGI6Gz3MB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvV19YM0d2TU5JUXBxa3JtNEZGMDlVWWpvYlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBcw
DQYJKoZIhvcNAQELBQADggEBALAlZ0Kvwgs+xL7TGc77PjIJ7CPs42+fvA4tWs4Y
KHcgIXqcTClNzd+XPEDd/R5mH7oZKznQ0LG4D3gO/iA1eSxiPoorrgP92syZ+gMG
tYW0/ZYAKUvjJKgBzk9vO0Vva6A50Uqjc8kykBQTHPc6Qt1hpzhHZWJ0ZALL6fbX
DRM+7bvtAzbDx32CefT/V2BijzgT+SxobyOqZ+Ht7jKRbCKIPdR5LH/DW7QgJE2M
dbX7YUpU6Atm++BfQUzu1OZjxEwU0IDytM94hTEnILCqeAQFexOHoXzu9QW/VPEY
Q+fI7Rq3L1lzgGaiLQEHyGIgP7bxUulVAPq0oWBk3ud9PJc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:21 2024 by rpki-client on console-fra.rpki-client.org