Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/wvWaQDkE0UKMnoHnBcbARW2L-ZQ.roa
File: wvWaQDkE0UKMnoHnBcbARW2L-ZQ.roa (raw, json)
Hash identifier: kFPtjP0wBwbir8rZcSjSoxE5Xn2Tf7BqWw+JrNjOGwg=
Subject key identifier: C2:F5:9A:40:39:04:D1:42:8C:9E:81:E7:05:C6:C0:45:6D:8B:F9:94
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 0185724C90E22F43689AE99D494813D79C8A
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/wvWaQDkE0UKMnoHnBcbARW2L-ZQ.roa
Signing time: Mon 02 Jan 2023 11:44:58 +0000
ROA not before: Mon 02 Jan 2023 11:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203905
IP address blocks: 193.19.72.0/23 maxlen: 23
2a00:6ba0:dddd::/48 maxlen: 48
2a00:6ba0:bbbb::/48 maxlen: 48
2a00:6ba0:eeee::/48 maxlen: 48
2a00:6ba0:cccc::/48 maxlen: 48
2a00:6ba0:ffff::/48 maxlen: 48
2a00:6ba0:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:90:e2:2f:43:68:9a:e9:9d:49:48:13:d7:9c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 2 11:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2f59a403904d1428c9e81e705c6c0456d8bf994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:0d:97:c2:27:d6:78:ec:ad:38:f6:92:58:
5a:b4:a7:cb:2e:0b:76:e6:3f:92:b9:72:3a:fb:34:
c8:eb:73:5d:da:f3:60:d3:d6:38:87:39:c0:1f:83:
53:15:34:9c:a8:91:21:1a:87:a8:5c:86:0c:28:5d:
99:7a:11:05:6c:c2:e3:fb:e3:93:33:39:f9:d6:3d:
87:c0:af:12:51:cb:c6:90:44:26:52:49:9a:3f:3b:
66:a0:2f:86:7b:61:6c:6d:f3:17:e4:13:2d:4c:93:
3d:1c:46:56:fe:5c:92:78:c8:ef:f6:17:ff:3f:bb:
67:15:3a:a1:bb:73:fe:ef:9b:59:f7:63:b1:67:58:
44:2e:c4:47:46:c2:cc:09:5f:8e:8b:aa:0f:80:c6:
b7:58:4c:d2:c8:01:f4:cf:bb:06:1a:33:30:b7:2e:
92:4d:25:99:98:95:d9:b0:42:e7:ad:70:1d:2f:34:
b9:9e:54:0d:0f:ca:a3:f8:3a:d3:fd:e6:92:45:b8:
cb:8d:52:2d:5d:43:75:a7:58:63:e5:19:02:4e:1d:
28:cd:8c:88:97:56:fe:10:b1:d8:76:1e:62:13:e6:
79:89:24:02:7d:c4:79:b6:40:11:ed:60:83:4a:7a:
14:3a:42:3f:b2:b6:89:5f:15:c0:73:7e:e7:f7:db:
df:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F5:9A:40:39:04:D1:42:8C:9E:81:E7:05:C6:C0:45:6D:8B:F9:94
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/wvWaQDkE0UKMnoHnBcbARW2L-ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.72.0/23
IPv6:
2a00:6ba0:aaaa::/48
2a00:6ba0:bbbb::/48
2a00:6ba0:cccc::/48
2a00:6ba0:dddd::/48
2a00:6ba0:eeee::/48
2a00:6ba0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
3d:9f:72:71:83:b4:f7:75:39:b5:24:e4:53:41:f9:91:59:31:
58:fa:24:73:05:40:c2:ba:0a:a4:13:71:39:e2:69:e0:c4:ef:
49:f1:ce:ba:d2:57:91:63:2d:9e:1c:32:88:c7:31:6e:f8:7e:
3b:9c:98:69:d3:71:b2:52:07:91:a8:bd:e8:83:d9:5a:71:0d:
d0:6b:32:18:c5:60:62:26:80:01:6c:0d:14:a0:52:5e:62:04:
e2:a0:b6:f4:6b:11:15:24:f1:a1:21:1e:db:57:51:03:92:1d:
a2:7d:a8:b6:52:b5:b7:2b:3d:ce:87:35:d6:32:db:62:e6:7e:
27:04:e0:2c:e1:42:da:ba:01:6d:a1:c7:85:cc:4b:72:3d:c5:
69:3d:e6:38:19:c6:79:22:d2:37:3f:4a:5d:b9:ee:72:0c:f1:
b2:0c:5c:08:58:e9:72:4d:bb:fc:06:e4:7c:82:18:68:c1:4e:
dc:87:84:9e:9c:c4:af:6c:df:d5:b7:b7:0b:6b:8c:c4:7f:09:
85:1c:3a:f1:69:89:a1:e5:83:94:2b:57:b2:aa:f2:69:56:99:
30:fb:c0:fc:84:34:2a:3b:21:d1:4f:58:26:15:58:b8:d0:87:
70:ee:3e:d4:0f:8a:95:9a:db:b2:13:a6:8c:66:29:af:1f:b9:
5f:c4:9e:01
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYVyTJDiL0NomumdSUgT15yKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjMwMTAyMTE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmY1OWE0MDM5MDRkMTQyOGM5ZTgxZTcwNWM2YzA0NTZkOGJmOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbINl8In1njsrTj2klhatKfLLgt2
5j+SuXI6+zTI63Nd2vNg09Y4hznAH4NTFTScqJEhGoeoXIYMKF2ZehEFbMLj++OT
Mzn51j2HwK8SUcvGkEQmUkmaPztmoC+Ge2FsbfMX5BMtTJM9HEZW/lySeMjv9hf/
P7tnFTqhu3P+75tZ92OxZ1hELsRHRsLMCV+Oi6oPgMa3WEzSyAH0z7sGGjMwty6S
TSWZmJXZsELnrXAdLzS5nlQND8qj+DrT/eaSRbjLjVItXUN1p1hj5RkCTh0ozYyI
l1b+ELHYdh5iE+Z5iSQCfcR5tkAR7WCDSnoUOkI/sraJXxXAc37n99vfCwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFML1mkA5BNFCjJ6B5wXGwEVti/mUMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvd3ZXYVFEa0UwVUtNbm9IbkJjYkFSVzJMLVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAMBAIAATAGAwQBwRNIMDwE
AgACMDYDBwAqAGugqqoDBwAqAGugu7sDBwAqAGugzMwDBwAqAGug3d0DBwAqAGug
7u4DBwAqAGug//8wDQYJKoZIhvcNAQELBQADggEBAD2fcnGDtPd1ObUk5FNB+ZFZ
MVj6JHMFQMK6CqQTcTniaeDE70nxzrrSV5FjLZ4cMojHMW74fjucmGnTcbJSB5Go
veiD2VpxDdBrMhjFYGImgAFsDRSgUl5iBOKgtvRrERUk8aEhHttXUQOSHaJ9qLZS
tbcrPc6HNdYy22LmficE4CzhQtq6AW2hx4XMS3I9xWk95jgZxnki0jc/Sl257nIM
8bIMXAhY6XJNu/wG5HyCGGjBTtyHhJ6cxK9s39W3twtrjMR/CYUcOvFpiaHlg5Qr
V7Kq8mlWmTD7wPyENCo7IdFPWCYVWLjQh3DuPtQPipWa27ITpoxmKa8fuV/EngE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org