Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/wdzin7XPSOe17lMAZRg-oxoaXpI.roa
File: wdzin7XPSOe17lMAZRg-oxoaXpI.roa (raw, json)
Hash identifier: 0+pj8oiyeUiKOFUKOEgQ0pdMaDDL4dxo8nOggBww2P8=
Subject key identifier: C1:DC:E2:9F:B5:CF:48:E7:B5:EE:53:00:65:18:3E:A3:1A:1A:5E:92
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCA490E427FD8DC0FF19731B2772A5
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/wdzin7XPSOe17lMAZRg-oxoaXpI.roa
Signing time: Sun 01 Jan 2023 05:45:00 +0000
ROA not before: Sun 01 Jan 2023 05:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 81.161.52.0/22 maxlen: 24
94.232.100.0/22 maxlen: 24
37.97.112.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a4:90:e4:27:fd:8d:c0:ff:19:73:1b:27:72:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1dce29fb5cf48e7b5ee530065183ea31a1a5e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0f:af:46:c2:37:3c:fe:d9:22:59:79:6b:f5:
78:67:5a:af:e9:1c:ab:69:c9:3a:62:51:05:ca:ec:
fe:2f:d1:a7:17:7d:c0:c3:58:8c:7f:d5:44:8f:83:
14:f3:51:af:ad:fd:d8:5e:20:41:68:81:7f:ec:c2:
af:6d:dd:9f:26:fa:d4:80:24:3b:ce:66:f5:59:f1:
ca:b8:f0:94:65:b8:d1:b3:84:92:8e:7f:cb:23:7d:
ee:44:aa:3d:6e:7d:94:43:7f:f7:b5:f4:ca:30:9f:
ff:b7:df:e2:81:6a:80:89:45:33:06:61:d9:cf:ee:
db:a5:b6:20:f5:61:4f:59:d3:ce:a6:a3:59:f9:f2:
97:7d:4a:d5:fb:66:b0:6e:c1:8f:8f:e2:d6:64:c7:
c3:2e:78:db:da:ab:bb:dd:fa:61:60:b4:d0:eb:45:
bc:6b:74:f5:13:88:48:f6:a7:10:18:02:1e:39:45:
c0:49:0b:53:83:c3:fb:37:39:5f:0d:98:88:73:5e:
b5:1c:cd:bb:de:e6:48:7b:55:42:a4:e8:dc:5c:f6:
18:df:f5:ae:53:ce:40:e8:dd:8e:90:db:df:9c:29:
e6:e5:c3:a2:99:a6:31:1a:46:04:7d:39:e0:3d:3b:
3a:ac:3c:de:a9:99:5b:59:78:01:6e:d2:a6:35:a8:
b1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DC:E2:9F:B5:CF:48:E7:B5:EE:53:00:65:18:3E:A3:1A:1A:5E:92
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/wdzin7XPSOe17lMAZRg-oxoaXpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.112.0/22
81.161.52.0/22
94.232.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:fe:fd:d3:d7:d1:bd:d6:6c:25:dc:df:be:ce:91:5c:c2:fa:
a5:e6:cf:6d:91:52:86:3e:df:be:b6:d5:e4:be:2f:e5:67:df:
bf:a3:10:f9:8a:73:9a:d1:49:6d:1f:c6:b8:00:30:de:25:8b:
6c:47:40:2c:34:2f:6f:c8:83:0a:f8:19:7f:53:d9:db:b1:7b:
32:76:2e:c9:d1:ca:1d:41:e8:50:a5:51:47:dd:74:eb:7d:8a:
f1:cb:92:c9:6a:e5:5e:24:ad:be:1c:21:92:e5:c0:fb:65:5e:
5b:85:bd:b6:c8:3e:49:b5:58:25:6e:9f:68:34:fc:9b:c6:af:
dd:4b:ec:0e:01:d1:f4:e9:10:7f:a4:33:fa:75:ff:96:f2:5b:
e8:df:3d:f2:a1:22:aa:77:06:85:61:bb:a7:a3:8f:8c:74:02:
28:17:89:4a:9e:00:2f:1c:42:c2:83:24:78:3c:a7:a4:f2:17:
74:47:d4:c3:c4:a0:59:af:09:56:3a:7c:4d:36:8a:8a:7f:90:
e4:b0:c6:fe:ee:c5:cd:5a:dc:5e:f6:5f:e7:06:ce:99:dd:bc:
88:50:ff:8b:2c:df:09:2b:ad:fa:42:2c:b2:06:8d:7c:69:f5:
95:f7:a8:fe:48:f0:d8:46:f1:b1:e1:08:76:38:63:a6:86:5e:
e5:7f:82:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVr3KSQ5Cf9jcD/GXMbJ3KlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWRjZTI5ZmI1Y2Y0OGU3YjVlZTUzMDA2NTE4M2VhMzFhMWE1ZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA+vRsI3PP7ZIll5a/V4Z1qv6Ryr
ack6YlEFyuz+L9GnF33Aw1iMf9VEj4MU81Gvrf3YXiBBaIF/7MKvbd2fJvrUgCQ7
zmb1WfHKuPCUZbjRs4SSjn/LI33uRKo9bn2UQ3/3tfTKMJ//t9/igWqAiUUzBmHZ
z+7bpbYg9WFPWdPOpqNZ+fKXfUrV+2awbsGPj+LWZMfDLnjb2qu73fphYLTQ60W8
a3T1E4hI9qcQGAIeOUXASQtTg8P7NzlfDZiIc161HM273uZIe1VCpOjcXPYY3/Wu
U85A6N2OkNvfnCnm5cOimaYxGkYEfTngPTs6rDzeqZlbWXgBbtKmNaixjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMHc4p+1z0jnte5TAGUYPqMaGl6SMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvd2R6aW43WFBTT2UxN2xNQVpSZy1veG9hWHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJWFwAwQC
UaE0AwQCXuhkMA0GCSqGSIb3DQEBCwUAA4IBAQAa/v3T19G91mwl3N++zpFcwvql
5s9tkVKGPt++ttXkvi/lZ9+/oxD5inOa0UltH8a4ADDeJYtsR0AsNC9vyIMK+Bl/
U9nbsXsydi7J0codQehQpVFH3XTrfYrxy5LJauVeJK2+HCGS5cD7ZV5bhb22yD5J
tVglbp9oNPybxq/dS+wOAdH06RB/pDP6df+W8lvo3z3yoSKqdwaFYbuno4+MdAIo
F4lKngAvHELCgyR4PKek8hd0R9TDxKBZrwlWOnxNNoqKf5DksMb+7sXNWtxe9l/n
Bs6Z3byIUP+LLN8JK636QiyyBo18afWV96j+SPDYRvGx4Qh2OGOmhl7lf4Kb
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:57 2024 by rpki-client on console-ams.rpki-client.org