Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/rWiybQnhUEmYaSgtXHwLuOOS5sQ.roa
File: rWiybQnhUEmYaSgtXHwLuOOS5sQ.roa (raw, json)
Hash identifier: mhzbgxKflXWRzlemVA1LRToZpTxOksuDcmHCuULMXH8=
Subject key identifier: AD:68:B2:6D:09:E1:50:49:98:69:28:2D:5C:7C:0B:B8:E3:92:E6:C4
Certificate issuer: /CN=c4eb34dda2f8094968494892063351ee0f10e91a
Certificate serial: 0185711E5C9DF97DDE1AA96089F31EA1CD4C
Authority key identifier: C4:EB:34:DD:A2:F8:09:49:68:49:48:92:06:33:51:EE:0F:10:E9:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xOs03aL4CUloSUiSBjNR7g8Q6Ro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/rWiybQnhUEmYaSgtXHwLuOOS5sQ.roa
Signing time: Mon 02 Jan 2023 06:14:53 +0000
ROA not before: Mon 02 Jan 2023 06:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 152.89.228.0/22 maxlen: 23
45.80.250.0/23 maxlen: 23
2.58.176.0/22 maxlen: 23
141.98.68.0/22 maxlen: 23
Validation: Failed, certificate revoked on Fri 28 Jul 2023 09:19:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:5c:9d:f9:7d:de:1a:a9:60:89:f3:1e:a1:cd:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4eb34dda2f8094968494892063351ee0f10e91a
Validity
Not Before: Jan 2 06:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad68b26d09e150499869282d5c7c0bb8e392e6c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:92:fb:d5:bc:f6:9d:f3:23:10:fe:05:e9:53:
56:4e:61:a0:c6:c0:40:dc:32:23:f6:70:d7:30:14:
a6:bf:ee:78:7c:7a:d4:de:c7:7b:c8:3a:e9:2c:6b:
b9:23:6c:70:a8:73:3d:20:0e:52:df:73:96:ac:1f:
2f:3f:eb:2f:df:08:e1:cf:bd:ba:c3:f6:d5:16:0c:
c2:a5:15:93:f7:1b:ca:ed:b0:8b:f5:55:88:07:9b:
ff:a3:29:98:af:41:08:49:02:dd:11:15:8c:21:43:
66:18:a0:18:d1:33:4f:02:76:de:e5:4c:ed:2f:68:
0d:69:74:ee:41:79:59:ec:4b:45:9d:a4:4e:05:a0:
50:94:4e:cb:af:06:97:a0:51:f4:13:91:af:0e:b8:
27:dc:06:96:40:25:9b:ec:1a:a0:03:e2:83:72:ea:
b7:29:14:d2:13:b3:c3:48:7f:b8:72:e8:cd:54:9d:
7e:61:c0:b1:0f:cb:b4:6c:65:d2:95:1f:ec:99:1c:
86:2e:51:48:1c:1c:d1:5d:a9:be:38:93:be:58:72:
a4:b8:5f:0a:5a:39:dd:dc:e8:9a:81:c5:0b:4e:a5:
28:ae:d3:db:3e:a2:e1:65:76:a7:ee:fa:1a:21:7a:
5e:51:eb:65:4a:03:65:ca:13:dc:f1:77:3d:fb:24:
4f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:68:B2:6D:09:E1:50:49:98:69:28:2D:5C:7C:0B:B8:E3:92:E6:C4
X509v3 Authority Key Identifier:
keyid:C4:EB:34:DD:A2:F8:09:49:68:49:48:92:06:33:51:EE:0F:10:E9:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xOs03aL4CUloSUiSBjNR7g8Q6Ro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/rWiybQnhUEmYaSgtXHwLuOOS5sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/xOs03aL4CUloSUiSBjNR7g8Q6Ro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.176.0/22
45.80.250.0/23
141.98.68.0/22
152.89.228.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:82:24:dc:cd:30:bb:aa:b7:aa:8f:1c:aa:1f:89:c7:68:d7:
52:d0:d5:5b:67:6d:97:88:c5:6b:7c:8e:f0:fd:67:54:40:86:
0f:4e:42:16:65:b5:a5:b6:81:88:d0:50:9c:f3:84:1a:55:17:
c8:e1:c4:db:37:e7:a8:f2:df:0d:69:ae:26:4e:fd:f4:f1:30:
06:d0:b5:dd:71:8e:d7:ea:4f:a0:61:c7:62:07:20:63:87:43:
ea:55:20:72:1c:6b:1a:5a:4a:13:d0:43:aa:d1:4f:db:ad:c3:
26:5b:03:1e:24:94:48:08:dd:33:15:65:a9:50:1c:fc:f0:50:
5c:39:0e:ca:6e:a5:40:eb:4e:5a:91:ce:1d:f3:ed:8d:4f:81:
2b:79:e5:09:99:b6:df:86:8e:bf:2d:34:60:17:c5:7e:ab:53:
39:71:97:1f:35:32:f6:79:6c:fe:12:ab:76:e6:f9:b9:48:a6:
d2:12:17:7e:b1:e2:b2:db:20:46:01:14:6a:48:04:c2:a8:86:
c4:8a:a0:e4:3a:3c:2e:23:67:d9:90:c8:e2:1a:b0:8d:0d:fd:
68:ae:64:f6:e0:31:8e:42:65:08:1a:bb:37:73:f9:39:79:f0:
79:26:9e:69:78:92:51:b9:a4:5a:6b:09:b5:97:51:6e:58:37:
bc:e4:6d:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxHlyd+X3eGqlgifMeoc1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZWIzNGRkYTJmODA5NDk2ODQ5NDg5MjA2MzM1MWVlMGYx
MGU5MWEwHhcNMjMwMTAyMDYxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDY4YjI2ZDA5ZTE1MDQ5OTg2OTI4MmQ1YzdjMGJiOGUzOTJlNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5L71bz2nfMjEP4F6VNWTmGgxsBA
3DIj9nDXMBSmv+54fHrU3sd7yDrpLGu5I2xwqHM9IA5S33OWrB8vP+sv3wjhz726
w/bVFgzCpRWT9xvK7bCL9VWIB5v/oymYr0EISQLdERWMIUNmGKAY0TNPAnbe5Uzt
L2gNaXTuQXlZ7EtFnaROBaBQlE7LrwaXoFH0E5GvDrgn3AaWQCWb7BqgA+KDcuq3
KRTSE7PDSH+4cujNVJ1+YcCxD8u0bGXSlR/smRyGLlFIHBzRXam+OJO+WHKkuF8K
Wjnd3OiagcULTqUortPbPqLhZXan7voaIXpeUetlSgNlyhPc8Xc9+yRPuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK1osm0J4VBJmGkoLVx8C7jjkubEMB8GA1UdIwQY
MBaAFMTrNN2i+AlJaElIkgYzUe4PEOkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE9zMDNhTDRDVWxvU1VpU0JqTlI3ZzhRNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9iOTY1ODQtMWY3MS00OGJiLWEwMjEt
YTM0N2I1NmYzYjlhLzEvcldpeWJRbmhVRW1ZYVNndFhId0x1T09TNXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9iOTY1ODQtMWY3MS00OGJiLWEwMjEtYTM0N2I1NmYzYjlh
LzEveE9zMDNhTDRDVWxvU1VpU0JqTlI3ZzhRNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjqwAwQB
LVD6AwQCjWJEAwQCmFnkMA0GCSqGSIb3DQEBCwUAA4IBAQB7giTczTC7qreqjxyq
H4nHaNdS0NVbZ22XiMVrfI7w/WdUQIYPTkIWZbWltoGI0FCc84QaVRfI4cTbN+eo
8t8Naa4mTv308TAG0LXdcY7X6k+gYcdiByBjh0PqVSByHGsaWkoT0EOq0U/brcMm
WwMeJJRICN0zFWWpUBz88FBcOQ7KbqVA605akc4d8+2NT4EreeUJmbbfho6/LTRg
F8V+q1M5cZcfNTL2eWz+Eqt25vm5SKbSEhd+seKy2yBGARRqSATCqIbEiqDkOjwu
I2fZkMjiGrCNDf1ormT24DGOQmUIGrs3c/k5efB5Jp5peJJRuaRaawm1l1FuWDe8
5G1K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:01 2024 by rpki-client on console-fra.rpki-client.org