Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/WiovPGpNy4tz5LjK4t3I6vJ00fU.roa
File: WiovPGpNy4tz5LjK4t3I6vJ00fU.roa (raw, json)
Hash identifier: Lm7B9vSci9q5R2wvVuYnQK+Nbz288IaZdtdGDCeL+QM=
Subject key identifier: 5A:2A:2F:3C:6A:4D:CB:8B:73:E4:B8:CA:E2:DD:C8:EA:F2:74:D1:F5
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 018B9B0C999340D09071937A29E4F2358EE6
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/WiovPGpNy4tz5LjK4t3I6vJ00fU.roa
Signing time: Sat 04 Nov 2023 15:56:16 +0000
ROA not before: Sat 04 Nov 2023 15:56:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.199.31.0/24 maxlen: 24
81.199.30.0/24 maxlen: 24
81.199.29.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9b:0c:99:93:40:d0:90:71:93:7a:29:e4:f2:35:8e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Nov 4 15:56:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a2a2f3c6a4dcb8b73e4b8cae2ddc8eaf274d1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:50:14:dc:d1:ea:42:c7:1d:7d:0c:06:c9:fe:
8e:e2:17:4e:a6:cd:66:d9:07:7e:38:29:5e:2d:55:
64:da:c4:82:b1:58:fb:27:01:07:8b:73:1f:8c:3e:
ea:9d:17:63:e1:85:15:f4:02:cf:91:cd:12:0f:f0:
37:08:49:fb:07:a0:65:15:e2:36:ce:d5:86:d8:b4:
33:06:61:47:c7:66:39:19:f5:66:ee:5a:72:8b:91:
96:c9:dd:79:90:e0:c0:45:e2:06:28:70:ed:ec:80:
12:6a:76:5b:8e:f1:39:15:a6:9f:ce:85:b9:cf:b9:
96:8c:b6:57:a0:9e:17:bf:b7:78:45:08:6d:5d:eb:
1d:df:ab:4b:a0:e8:70:e6:ad:41:39:a1:00:d0:4c:
22:2b:f5:98:27:65:78:78:10:f2:53:c8:43:77:75:
3e:ce:4a:5b:22:0a:f9:de:b0:59:46:8c:3a:4d:93:
96:f3:28:04:77:1a:9a:ee:b1:56:8c:98:34:57:9c:
50:5e:9d:8f:82:18:05:bb:09:12:5c:e2:8e:e5:03:
18:50:17:95:fb:2b:b5:9a:a0:f3:a3:d8:11:16:46:
3e:5a:5f:0c:84:d0:bd:da:aa:1c:6f:d2:d1:7c:0b:
3e:93:3b:3b:2f:b5:c0:af:7f:5b:8f:10:5a:52:be:
1f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2A:2F:3C:6A:4D:CB:8B:73:E4:B8:CA:E2:DD:C8:EA:F2:74:D1:F5
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/WiovPGpNy4tz5LjK4t3I6vJ00fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.199.29.0-81.199.31.255
Signature Algorithm: sha256WithRSAEncryption
d2:85:af:a2:7c:d3:99:c7:9f:38:c6:6e:a8:45:6b:10:9e:30:
ca:fe:82:b6:60:40:72:36:3b:be:c5:23:a7:2f:1c:6e:8e:2d:
95:89:4e:d7:fb:2a:f9:54:33:c6:e3:8e:d8:80:c1:5a:02:74:
33:55:94:49:33:e9:0c:5d:d5:28:db:23:d0:24:ba:14:30:aa:
3e:ce:1b:10:53:e8:47:9b:fc:fd:33:8b:c5:2f:99:f3:98:58:
56:66:4e:a5:fb:be:0e:1e:2b:af:f2:38:35:b8:d9:3c:99:be:
bd:52:00:75:2a:b4:e2:22:8d:87:c7:8f:af:d6:04:12:b1:5a:
b1:65:ce:80:26:15:db:45:9d:5d:de:9b:6f:33:dd:00:b7:ab:
52:e0:23:0d:5e:36:a8:81:8d:d8:d2:39:42:3e:58:71:5f:f5:
7b:5f:0d:34:25:c2:d3:d4:ba:32:46:0a:6c:ba:a0:26:db:c8:
f9:92:fb:56:b8:21:02:82:b7:42:dc:7c:ec:79:df:14:e2:e8:
1f:68:21:1a:0a:2e:02:5a:50:2f:b0:ad:c5:65:2e:83:14:32:
76:21:28:d0:a5:0d:b3:d9:13:94:97:75:29:59:84:44:89:e5:
3b:b7:42:b8:a0:55:9a:87:57:06:b0:2c:51:ac:56:f7:89:c2:
2c:7d:8d:e5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYubDJmTQNCQcZN6KeTyNY7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjMxMTA0MTU1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTJhMmYzYzZhNGRjYjhiNzNlNGI4Y2FlMmRkYzhlYWYyNzRkMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVAU3NHqQscdfQwGyf6O4hdOps1m
2Qd+OCleLVVk2sSCsVj7JwEHi3MfjD7qnRdj4YUV9ALPkc0SD/A3CEn7B6BlFeI2
ztWG2LQzBmFHx2Y5GfVm7lpyi5GWyd15kODAReIGKHDt7IASanZbjvE5FaafzoW5
z7mWjLZXoJ4Xv7d4RQhtXesd36tLoOhw5q1BOaEA0EwiK/WYJ2V4eBDyU8hDd3U+
zkpbIgr53rBZRow6TZOW8ygEdxqa7rFWjJg0V5xQXp2PghgFuwkSXOKO5QMYUBeV
+yu1mqDzo9gRFkY+Wl8MhNC92qocb9LRfAs+kzs7L7XAr39bjxBaUr4fgQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFoqLzxqTcuLc+S4yuLdyOrydNH1MB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvV2lvdlBHcE55NHR6NUxqSzR0M0k2dkowMGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABRxx0D
BAVRxwAwDQYJKoZIhvcNAQELBQADggEBANKFr6J805nHnzjGbqhFaxCeMMr+grZg
QHI2O77FI6cvHG6OLZWJTtf7KvlUM8bjjtiAwVoCdDNVlEkz6Qxd1SjbI9AkuhQw
qj7OGxBT6Eeb/P0zi8UvmfOYWFZmTqX7vg4eK6/yODW42TyZvr1SAHUqtOIijYfH
j6/WBBKxWrFlzoAmFdtFnV3em28z3QC3q1LgIw1eNqiBjdjSOUI+WHFf9XtfDTQl
wtPUujJGCmy6oCbbyPmS+1a4IQKCt0LcfOx53xTi6B9oIRoKLgJaUC+wrcVlLoMU
MnYhKNClDbPZE5SXdSlZhESJ5Tu3QrigVZqHVwawLFGsVveJwix9jeU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:25 2024 by rpki-client on console-fra.rpki-client.org