Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/AR--WBca9X_UFTZrJegClqR7olY.roa
File: AR--WBca9X_UFTZrJegClqR7olY.roa (raw, json)
Hash identifier: Kuq4kUdjnjpu9M79W0UgkhP8rWJoB7yXRoAn32tF+2w=
Subject key identifier: 01:1F:BE:58:17:1A:F5:7F:D4:15:36:6B:25:E8:02:96:A4:7B:A2:56
Certificate issuer: /CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Certificate serial: 01893A16F4ADEA6D7BA7B6DB2BDC0560CD1F
Authority key identifier: FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/AR--WBca9X_UFTZrJegClqR7olY.roa
Signing time: Sun 09 Jul 2023 09:58:50 +0000
ROA not before: Sun 09 Jul 2023 09:58:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199346
IP address blocks: 185.12.158.0/23 maxlen: 24
185.12.156.0/24 maxlen: 24
81.24.248.0/21 maxlen: 24
2a03:2240::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Jul 2023 07:34:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3a:16:f4:ad:ea:6d:7b:a7:b6:db:2b:dc:05:60:cd:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Validity
Not Before: Jul 9 09:58:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=011fbe58171af57fd415366b25e80296a47ba256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f1:dd:83:86:0b:b3:b3:e8:a4:8d:c7:cc:f5:
43:bd:ad:10:45:95:fa:1e:4e:e6:85:6d:e8:0d:89:
50:eb:1b:f6:c7:47:fb:81:ba:df:f7:2d:c8:05:f9:
82:0d:72:11:1e:78:74:73:1d:3a:4c:6c:f4:56:63:
01:72:28:d2:d6:46:74:35:a3:fa:6b:4d:39:57:20:
7a:e8:48:f7:7a:3e:30:4d:35:ed:23:ed:3a:70:50:
68:65:ae:c2:cd:b4:bd:9a:c5:55:38:dc:25:48:09:
35:3e:fc:04:91:bb:4a:32:54:fe:cf:6b:05:ec:4d:
d9:46:0e:ce:a7:22:46:78:08:75:94:79:8f:b3:71:
4b:98:e6:40:22:b9:5b:e0:2c:22:fc:49:fd:71:6f:
45:31:73:e6:da:9c:1c:99:95:27:39:c9:2a:ee:e5:
32:2b:da:06:2d:3b:69:ef:97:98:13:ae:60:30:87:
c7:5c:08:69:27:e9:2f:f9:ad:34:ed:18:43:4e:ed:
98:73:69:67:42:07:4c:28:7c:5b:ec:f9:1f:c0:ca:
f5:1c:dc:c5:e8:e2:42:98:b3:0c:06:44:6b:46:4a:
19:29:b3:6c:46:61:24:94:da:16:3f:65:d2:91:67:
77:8c:8a:46:b2:96:ad:c0:49:9d:25:43:c7:4d:18:
e8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:1F:BE:58:17:1A:F5:7F:D4:15:36:6B:25:E8:02:96:A4:7B:A2:56
X509v3 Authority Key Identifier:
keyid:FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/AR--WBca9X_UFTZrJegClqR7olY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.248.0/21
185.12.156.0/24
185.12.158.0/23
IPv6:
2a03:2240::/32
Signature Algorithm: sha256WithRSAEncryption
11:90:5c:c3:0a:7e:76:6c:9f:26:81:ef:e7:d3:41:65:70:f8:
21:8e:e2:a6:2a:63:02:60:6f:cf:2b:1f:37:c1:b9:56:8e:7e:
07:09:a6:82:7d:35:1d:59:e2:91:d3:7b:a6:7f:54:3a:5e:30:
5d:a9:4c:fd:c4:4b:e7:b2:ec:e7:6f:bc:43:5b:e1:11:b3:85:
69:59:c2:da:6e:be:c0:24:0a:83:65:a4:2f:b1:03:1f:d1:ce:
df:27:b6:21:64:4b:0e:75:f3:7e:3d:2d:e0:7f:4b:b3:d5:aa:
de:47:e5:b7:6c:1a:7b:e5:da:da:24:04:aa:61:0b:eb:0d:a4:
be:f4:df:2c:54:bf:8d:86:12:a2:2a:ea:1e:96:2a:8a:eb:6b:
d2:c7:8b:f1:14:9f:8e:6d:98:9e:e9:d6:92:06:1c:90:b4:5e:
14:98:26:64:80:cc:09:55:93:16:e2:39:f0:5d:bb:21:7c:db:
d5:74:2a:41:9e:81:f2:c0:e9:f3:13:7f:be:99:27:20:8b:9f:
fd:e1:f7:9e:a0:f4:c0:4c:7b:a5:ff:f1:91:0b:c8:07:d4:a7:
5d:77:c5:d9:35:f2:2f:33:a4:d6:0e:0f:68:58:df:cb:fa:0e:
28:f4:ec:d8:99:64:c3:7d:38:8e:70:2a:b6:a6:27:a0:2c:3a:
c8:86:3f:b3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYk6FvSt6m17p7bbK9wFYM0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDcwNWEzNjNkYzFkOGQwZWE1MWM5YjlhMWVjYmQzODA3
YmQwNTQwHhcNMjMwNzA5MDk1ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTFmYmU1ODE3MWFmNTdmZDQxNTM2NmIyNWU4MDI5NmE0N2JhMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfHdg4YLs7PopI3HzPVDva0QRZX6
Hk7mhW3oDYlQ6xv2x0f7gbrf9y3IBfmCDXIRHnh0cx06TGz0VmMBcijS1kZ0NaP6
a005VyB66Ej3ej4wTTXtI+06cFBoZa7CzbS9msVVONwlSAk1PvwEkbtKMlT+z2sF
7E3ZRg7OpyJGeAh1lHmPs3FLmOZAIrlb4Cwi/En9cW9FMXPm2pwcmZUnOckq7uUy
K9oGLTtp75eYE65gMIfHXAhpJ+kv+a007RhDTu2Yc2lnQgdMKHxb7PkfwMr1HNzF
6OJCmLMMBkRrRkoZKbNsRmEklNoWP2XSkWd3jIpGspatwEmdJUPHTRjoswIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAEfvlgXGvV/1BU2ayXoApake6JWMB8GA1UdIwQY
MBaAFP9HBaNj3B2NDqUcm5oey9OAe9BUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYt
NTZiYmUzOGY3NDA3LzEvQVItLVdCY2E5WF9VRlRackplZ0NscVI3b2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYtNTZiYmUzOGY3NDA3
LzEvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDURj4AwQA
uQycAwQBuQyeMA0EAgACMAcDBQAqAyJAMA0GCSqGSIb3DQEBCwUAA4IBAQARkFzD
Cn52bJ8mge/n00FlcPghjuKmKmMCYG/PKx83wblWjn4HCaaCfTUdWeKR03umf1Q6
XjBdqUz9xEvnsuznb7xDW+ERs4VpWcLabr7AJAqDZaQvsQMf0c7fJ7YhZEsOdfN+
PS3gf0uz1areR+W3bBp75draJASqYQvrDaS+9N8sVL+NhhKiKuoeliqK62vSx4vx
FJ+ObZie6daSBhyQtF4UmCZkgMwJVZMW4jnwXbshfNvVdCpBnoHywOnzE3++mScg
i5/94feeoPTATHul//GRC8gH1Kddd8XZNfIvM6TWDg9oWN/L+g4o9OzYmWTDfTiO
cCq2piegLDrIhj+z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:21 2024 by rpki-client on console-ams.rpki-client.org