Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/W9VF8QolhBzUQV0mVLLdeyhNQR8.roa
File: W9VF8QolhBzUQV0mVLLdeyhNQR8.roa (raw, json)
Hash identifier: S1H0bjgP8ridg9RHbGOBLv5r3x9VjiRGfXqTHFzTa38=
Subject key identifier: 5B:D5:45:F1:0A:25:84:1C:D4:41:5D:26:54:B2:DD:7B:28:4D:41:1F
Certificate issuer: /CN=b3ab7a89808687cc3dad7ba0f7df0bace019f763
Certificate serial: 01856F66E2C74C5DFD7E7460F10E002194A1
Authority key identifier: B3:AB:7A:89:80:86:87:CC:3D:AD:7B:A0:F7:DF:0B:AC:E0:19:F7:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6t6iYCGh8w9rXug998LrOAZ92M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/W9VF8QolhBzUQV0mVLLdeyhNQR8.roa
Signing time: Sun 01 Jan 2023 22:14:51 +0000
ROA not before: Sun 01 Jan 2023 22:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33832
IP address blocks: 185.99.144.0/22 maxlen: 22
2a06:12c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e2:c7:4c:5d:fd:7e:74:60:f1:0e:00:21:94:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3ab7a89808687cc3dad7ba0f7df0bace019f763
Validity
Not Before: Jan 1 22:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bd545f10a25841cd4415d2654b2dd7b284d411f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:a2:b7:14:1f:2b:15:d0:98:a2:48:6d:06:d0:
ce:b8:08:32:ec:f6:d2:dd:06:d2:ac:3a:45:9f:d7:
ab:66:13:f3:7f:2a:ca:53:e8:d2:67:4c:93:f3:3a:
31:e1:2b:db:b4:40:fa:77:6d:0e:cf:61:9a:98:03:
d8:f2:58:89:63:1e:af:ee:ae:e4:59:88:60:fb:bd:
4c:07:8a:59:cb:23:4b:99:17:bc:80:3d:31:ec:b0:
18:df:16:2e:8d:15:0c:15:d6:4f:6c:a3:ed:33:16:
22:45:73:ce:c1:c6:ce:ba:3b:03:c6:bd:d4:36:e9:
2d:9d:f0:46:1f:b3:fc:59:ba:e9:62:9a:bf:f7:7a:
e0:99:16:0d:66:3d:33:fc:99:79:5d:41:aa:41:ce:
f3:63:67:dd:ee:6b:47:f6:0b:7d:1e:56:96:96:bd:
ce:f5:a5:8a:15:5a:90:86:f6:ed:49:a1:bd:e8:2d:
54:b4:f9:62:e4:ba:8d:3b:c4:26:36:9a:67:30:ac:
2e:3e:1e:d8:6b:1b:d8:91:aa:4f:da:c3:77:d2:25:
e6:4f:c5:7f:6e:6b:f3:c5:5f:f9:07:33:fc:66:c2:
3f:02:8c:89:50:38:ac:3e:7b:78:13:12:bd:ec:a1:
4e:12:b0:ed:1b:a0:43:07:d8:c4:3e:d8:b7:43:09:
f0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D5:45:F1:0A:25:84:1C:D4:41:5D:26:54:B2:DD:7B:28:4D:41:1F
X509v3 Authority Key Identifier:
keyid:B3:AB:7A:89:80:86:87:CC:3D:AD:7B:A0:F7:DF:0B:AC:E0:19:F7:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6t6iYCGh8w9rXug998LrOAZ92M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/W9VF8QolhBzUQV0mVLLdeyhNQR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/s6t6iYCGh8w9rXug998LrOAZ92M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.144.0/22
IPv6:
2a06:12c0::/29
Signature Algorithm: sha256WithRSAEncryption
1f:d6:75:51:4e:be:95:af:5d:47:11:a5:7c:f1:19:57:b5:77:
58:6d:65:33:16:60:e6:a5:1b:36:fc:4c:01:2e:ba:95:02:cb:
d7:d7:9e:19:05:28:f3:33:26:9e:cf:c4:ce:9d:cd:fa:50:2d:
7f:4e:38:6f:4f:b1:d3:0c:47:ce:af:41:6e:2c:44:72:02:2d:
13:5c:e9:76:bb:e7:48:1e:e7:df:3d:ca:65:5e:32:b3:11:76:
5f:ec:32:0f:1d:1e:32:5b:c9:ef:e2:6a:c1:25:5a:82:87:22:
f5:f9:f9:05:0c:0b:03:37:20:98:7e:70:c1:82:b5:4f:01:9f:
5f:d2:42:6d:69:6e:c6:cb:2f:1b:97:9b:26:36:d5:84:c8:fc:
2a:ce:fc:f3:b3:51:d9:69:01:37:65:58:31:fc:d1:cd:bf:e4:
c6:89:6d:e9:84:71:ab:c5:75:de:95:cd:3f:cd:19:fc:6a:83:
42:f1:74:66:54:de:ab:6e:e4:8f:25:d7:d9:2b:d8:30:9b:f0:
7f:b6:a6:63:e2:31:91:81:60:b6:84:bf:06:3d:68:fb:de:47:
0d:a1:17:f8:69:f5:e0:71:5d:c3:e8:51:66:41:86:2d:f1:d8:
fa:81:08:a8:02:03:5f:39:b7:31:e0:7c:ac:96:0e:4c:69:a2:
fd:0d:a4:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvZuLHTF39fnRg8Q4AIZShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYWI3YTg5ODA4Njg3Y2MzZGFkN2JhMGY3ZGYwYmFjZTAx
OWY3NjMwHhcNMjMwMTAxMjIxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQ1NDVmMTBhMjU4NDFjZDQ0MTVkMjY1NGIyZGQ3YjI4NGQ0MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+aK3FB8rFdCYokhtBtDOuAgy7PbS
3QbSrDpFn9erZhPzfyrKU+jSZ0yT8zox4SvbtED6d20Oz2GamAPY8liJYx6v7q7k
WYhg+71MB4pZyyNLmRe8gD0x7LAY3xYujRUMFdZPbKPtMxYiRXPOwcbOujsDxr3U
NuktnfBGH7P8WbrpYpq/93rgmRYNZj0z/Jl5XUGqQc7zY2fd7mtH9gt9HlaWlr3O
9aWKFVqQhvbtSaG96C1UtPli5LqNO8QmNppnMKwuPh7YaxvYkapP2sN30iXmT8V/
bmvzxV/5BzP8ZsI/AoyJUDisPnt4ExK97KFOErDtG6BDB9jEPti3QwnwvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFvVRfEKJYQc1EFdJlSy3XsoTUEfMB8GA1UdIwQY
MBaAFLOreomAhofMPa17oPffC6zgGfdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZ0NmlZQ0doOHc5clh1Zzk5OExyT0FaOTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84M2Y5MzktMDVmMS00YWZhLWFhMTAt
ODYwNmE3MjRkODkxLzEvVzlWRjhRb2xoQnpVUVYwbVZMTGRleWhOUVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84M2Y5MzktMDVmMS00YWZhLWFhMTAtODYwNmE3MjRkODkx
LzEvczZ0NmlZQ0doOHc5clh1Zzk5OExyT0FaOTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWOQMA0E
AgACMAcDBQMqBhLAMA0GCSqGSIb3DQEBCwUAA4IBAQAf1nVRTr6Vr11HEaV88RlX
tXdYbWUzFmDmpRs2/EwBLrqVAsvX154ZBSjzMyaez8TOnc36UC1/TjhvT7HTDEfO
r0FuLERyAi0TXOl2u+dIHuffPcplXjKzEXZf7DIPHR4yW8nv4mrBJVqChyL1+fkF
DAsDNyCYfnDBgrVPAZ9f0kJtaW7Gyy8bl5smNtWEyPwqzvzzs1HZaQE3ZVgx/NHN
v+TGiW3phHGrxXXelc0/zRn8aoNC8XRmVN6rbuSPJdfZK9gwm/B/tqZj4jGRgWC2
hL8GPWj73kcNoRf4afXgcV3D6FFmQYYt8dj6gQioAgNfObcx4Hyslg5MaaL9DaTJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:49 2024 by rpki-client on console-fra.rpki-client.org