Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4702d8-3eaf-4d7b-a3fe-d89758cad22a/1/whXIlRQnb7RnVQE0pTkufwfXBU0.roa
File: whXIlRQnb7RnVQE0pTkufwfXBU0.roa (raw, json)
Hash identifier: VLs0KUpMdhrVa2to+F5f4j+D9Oi6azsDmOIUW8rb4fY=
Subject key identifier: C2:15:C8:95:14:27:6F:B4:67:55:01:34:A5:39:2E:7F:07:D7:05:4D
Certificate issuer: /CN=d2c7886641ee101bc7b295fd86f1923fc283f3d0
Certificate serial: 0186C59FDCD9C4C1EF1D100801F590A0FA49
Authority key identifier: D2:C7:88:66:41:EE:10:1B:C7:B2:95:FD:86:F1:92:3F:C2:83:F3:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0seIZkHuEBvHspX9hvGSP8KD89A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/4702d8-3eaf-4d7b-a3fe-d89758cad22a/1/whXIlRQnb7RnVQE0pTkufwfXBU0.roa
Signing time: Thu 09 Mar 2023 09:07:13 +0000
ROA not before: Thu 09 Mar 2023 09:07:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.119.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:9f:dc:d9:c4:c1:ef:1d:10:08:01:f5:90:a0:fa:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c7886641ee101bc7b295fd86f1923fc283f3d0
Validity
Not Before: Mar 9 09:07:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c215c89514276fb467550134a5392e7f07d7054d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:29:4f:5c:fb:24:25:56:f6:18:f7:3e:97:3e:
c0:39:15:03:72:3f:85:46:c7:a2:79:9f:34:59:10:
cd:ef:48:5a:5b:a7:bf:33:7f:a9:92:68:39:20:d9:
3c:56:18:67:12:fe:2d:e6:2c:ff:ce:dd:14:be:df:
c4:67:01:d8:37:5c:52:de:af:33:09:3a:eb:e9:d6:
d4:dd:64:88:08:23:48:c5:b4:f2:39:2e:42:68:0a:
f6:f2:e3:3b:a3:b7:f7:d7:e8:af:01:43:50:3d:49:
56:86:dc:8a:1a:3f:72:80:a6:fc:83:da:22:f2:64:
0d:c1:7d:d7:f6:3a:4a:6e:37:57:97:a0:c2:13:57:
0a:85:15:41:51:48:8a:77:c8:60:09:78:7d:9d:b0:
25:f2:f4:af:06:a0:3c:48:57:75:0c:d1:dc:56:6e:
6b:5f:9b:41:cf:69:61:0f:b7:96:60:ac:3c:16:c3:
2f:c2:ba:fb:9d:91:db:c4:bd:e4:30:17:c1:ee:4b:
f0:61:a7:a3:19:d8:9b:1b:76:90:48:0b:35:2b:aa:
13:0e:d7:78:5f:e9:40:6e:3e:a1:50:e6:05:ea:e0:
81:01:cc:7c:4b:8f:5b:04:c9:9d:69:44:b8:e1:c7:
6f:bd:68:40:f4:77:00:68:bd:16:78:6a:43:b4:20:
6f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:15:C8:95:14:27:6F:B4:67:55:01:34:A5:39:2E:7F:07:D7:05:4D
X509v3 Authority Key Identifier:
keyid:D2:C7:88:66:41:EE:10:1B:C7:B2:95:FD:86:F1:92:3F:C2:83:F3:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0seIZkHuEBvHspX9hvGSP8KD89A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4702d8-3eaf-4d7b-a3fe-d89758cad22a/1/whXIlRQnb7RnVQE0pTkufwfXBU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4702d8-3eaf-4d7b-a3fe-d89758cad22a/1/0seIZkHuEBvHspX9hvGSP8KD89A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.196.0/24
Signature Algorithm: sha256WithRSAEncryption
89:c5:64:a5:29:fe:78:7f:0e:e9:a2:32:51:ee:03:e8:50:d0:
c9:8e:e0:7c:44:cc:17:ee:c2:2c:d2:b9:62:8f:f1:ab:93:ba:
ab:08:d0:7c:bb:a7:89:36:7c:d3:04:7f:b1:eb:b3:88:c7:1f:
11:2d:e3:75:5f:40:2a:be:b7:e1:8d:39:8e:1c:0c:2e:7d:b1:
30:06:2a:70:9e:4a:9f:87:03:23:b7:35:39:d7:84:9a:30:76:
07:86:15:92:d2:a9:6a:58:8d:a1:13:76:0a:8d:6e:2c:b6:50:
85:d6:ba:6e:ea:79:68:99:51:6e:d6:31:3b:c8:df:48:b3:d9:
ea:f3:98:4d:08:ef:e6:3f:c9:1a:1f:5d:c3:be:61:b6:b4:ce:
2c:32:46:f8:68:6e:02:fd:01:57:a6:45:8d:c9:ee:09:cb:96:
33:38:46:83:8c:a5:b0:e0:c8:c2:dd:21:05:01:87:29:c6:e6:
ab:c6:65:d6:4d:3f:be:ac:e6:92:d5:13:51:fc:7c:e1:01:88:
d0:8c:12:95:8f:10:5e:f4:95:b7:eb:89:2b:94:f5:30:8a:dd:
23:42:b1:45:06:09:9f:e2:36:c1:16:7b:c1:2e:91:f4:d8:a2:
c4:07:42:fb:05:52:18:2a:ec:9f:d5:8d:25:29:18:ad:3d:33:
82:2f:b1:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbFn9zZxMHvHRAIAfWQoPpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzc4ODY2NDFlZTEwMWJjN2IyOTVmZDg2ZjE5MjNmYzI4
M2YzZDAwHhcNMjMwMzA5MDkwNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjE1Yzg5NTE0Mjc2ZmI0Njc1NTAxMzRhNTM5MmU3ZjA3ZDcwNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhilPXPskJVb2GPc+lz7AORUDcj+F
RseieZ80WRDN70haW6e/M3+pkmg5INk8VhhnEv4t5iz/zt0Uvt/EZwHYN1xS3q8z
CTrr6dbU3WSICCNIxbTyOS5CaAr28uM7o7f31+ivAUNQPUlWhtyKGj9ygKb8g9oi
8mQNwX3X9jpKbjdXl6DCE1cKhRVBUUiKd8hgCXh9nbAl8vSvBqA8SFd1DNHcVm5r
X5tBz2lhD7eWYKw8FsMvwrr7nZHbxL3kMBfB7kvwYaejGdibG3aQSAs1K6oTDtd4
X+lAbj6hUOYF6uCBAcx8S49bBMmdaUS44cdvvWhA9HcAaL0WeGpDtCBvUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIVyJUUJ2+0Z1UBNKU5Ln8H1wVNMB8GA1UdIwQY
MBaAFNLHiGZB7hAbx7KV/Ybxkj/Cg/PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNlSVprSHVFQnZIc3BYOWh2R1NQOEtEODlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80NzAyZDgtM2VhZi00ZDdiLWEzZmUt
ZDg5NzU4Y2FkMjJhLzEvd2hYSWxSUW5iN1JuVlFFMHBUa3Vmd2ZYQlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80NzAyZDgtM2VhZi00ZDdiLWEzZmUtZDg5NzU4Y2FkMjJh
LzEvMHNlSVprSHVFQnZIc3BYOWh2R1NQOEtEODlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXfEMA0G
CSqGSIb3DQEBCwUAA4IBAQCJxWSlKf54fw7pojJR7gPoUNDJjuB8RMwX7sIs0rli
j/Grk7qrCNB8u6eJNnzTBH+x67OIxx8RLeN1X0AqvrfhjTmOHAwufbEwBipwnkqf
hwMjtzU514SaMHYHhhWS0qlqWI2hE3YKjW4stlCF1rpu6nlomVFu1jE7yN9Is9nq
85hNCO/mP8kaH13DvmG2tM4sMkb4aG4C/QFXpkWNye4Jy5YzOEaDjKWw4MjC3SEF
AYcpxuarxmXWTT++rOaS1RNR/HzhAYjQjBKVjxBe9JW364krlPUwit0jQrFFBgmf
4jbBFnvBLpH02KLEB0L7BVIYKuyf1Y0lKRitPTOCL7HS
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:14 2024 by rpki-client on console-ams.rpki-client.org