Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/WE1bePVDPvxPWGheBXMJlBk5EFE.roa
File: WE1bePVDPvxPWGheBXMJlBk5EFE.roa (raw, json)
Hash identifier: 7YX6aFxpIOyd6mU0sPJWE8ERpZ5qnbY4r2V08eXj2iw=
Subject key identifier: 58:4D:5B:78:F5:43:3E:FC:4F:58:68:5E:05:73:09:94:19:39:10:51
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 01856B8A12C5228DF41C90D91E1D0C937D96
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/WE1bePVDPvxPWGheBXMJlBk5EFE.roa
Signing time: Sun 01 Jan 2023 04:14:48 +0000
ROA not before: Sun 01 Jan 2023 04:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4134
IP address blocks: 81.173.16.0/24 maxlen: 24
81.173.17.0/24 maxlen: 24
81.173.20.0/24 maxlen: 24
81.173.19.0/24 maxlen: 24
81.173.22.0/24 maxlen: 24
81.173.21.0/24 maxlen: 24
81.173.18.0/24 maxlen: 24
81.173.23.0/24 maxlen: 24
81.173.24.0/24 maxlen: 24
81.173.28.0/24 maxlen: 24
2a04:f580:8030:100::/56 maxlen: 56
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:12:c5:22:8d:f4:1c:90:d9:1e:1d:0c:93:7d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 1 04:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=584d5b78f5433efc4f58685e0573099419391051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:89:ab:08:6c:f6:9f:da:a2:0f:ca:76:aa:b3:
aa:50:a5:88:f8:dc:59:53:5d:e7:40:e4:1a:28:b1:
c5:4d:f0:b5:04:cf:7e:8f:a2:93:ba:15:a4:ff:db:
17:c2:19:99:2e:b3:c9:85:38:87:2e:0a:63:48:c4:
b0:f7:5e:15:7f:2c:a1:6c:35:b7:a7:45:96:4c:d0:
53:cc:49:d4:5f:8b:d2:77:67:c7:1b:4d:cd:54:42:
d4:c0:60:e6:3b:7a:f0:71:d0:d4:53:8f:58:b2:4e:
2b:e4:d1:f5:1d:48:c3:35:1c:01:6a:02:71:aa:01:
d4:f5:f0:ba:0b:52:73:81:33:9a:39:cd:b3:0a:06:
52:a8:22:74:a7:38:6b:3d:37:1b:dd:52:e2:20:8b:
45:f0:b9:d5:33:cb:72:e6:41:bd:83:ed:76:94:2a:
04:c1:cc:2b:87:c2:de:ce:f2:e2:43:56:88:d0:10:
76:c6:29:bd:c4:80:03:ba:75:0a:35:e7:9d:85:58:
16:a4:71:e8:03:b0:1b:28:9f:df:c7:64:29:f1:2c:
a9:bc:e0:5a:fd:66:5a:70:47:97:79:18:3d:30:ca:
56:15:15:ad:28:22:1f:cf:a7:ef:18:8e:07:2b:29:
61:1c:30:f9:dd:dc:5a:ac:4d:9b:0e:68:96:27:fd:
19:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4D:5B:78:F5:43:3E:FC:4F:58:68:5E:05:73:09:94:19:39:10:51
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/WE1bePVDPvxPWGheBXMJlBk5EFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.16.0-81.173.24.255
81.173.28.0/24
IPv6:
2a04:f580:8030:100::/56
Signature Algorithm: sha256WithRSAEncryption
c4:04:b1:bf:27:d3:15:4d:49:80:53:62:3a:af:9b:4a:f1:bf:
68:9f:94:16:1e:e8:87:6c:34:f7:ea:f9:4e:38:99:65:7a:9a:
f6:f2:3b:34:3f:d6:9d:30:35:ff:81:d9:b0:e3:e2:41:df:3b:
46:b1:f0:6c:3c:da:55:f5:4b:c2:9e:18:97:15:92:88:2e:50:
b9:f0:a4:de:ac:ba:b5:c1:1b:65:aa:04:70:37:3c:88:89:25:
70:7c:81:b6:fe:55:7b:12:eb:59:ef:55:23:13:0f:3b:6c:f5:
d8:65:5c:9a:49:12:00:42:98:8e:02:98:46:f4:86:8c:38:b0:
7c:7a:37:12:d3:09:40:85:7c:15:30:ae:f2:cc:f0:d1:82:be:
eb:25:b6:e0:25:5b:73:b2:c5:f9:c7:e8:06:a8:b6:9a:f5:67:
c0:a9:12:fb:9d:16:eb:4f:db:b6:da:28:22:3a:63:e7:59:a8:
fe:35:0f:86:63:b0:fd:8b:f7:d8:79:89:c7:39:fb:16:1c:39:
f4:8f:02:33:20:66:6d:c2:e8:97:3c:0f:64:4e:da:b5:f4:e7:
24:1c:be:14:52:09:bc:1d:1d:7e:3c:10:8f:bf:f2:0d:cd:e2:
18:e3:7d:5a:65:d8:90:1d:00:5b:1b:1e:3d:d1:02:d8:55:7c:
60:3f:80:39
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVrihLFIo30HJDZHh0Mk32WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjMwMTAxMDQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODRkNWI3OGY1NDMzZWZjNGY1ODY4NWUwNTczMDk5NDE5MzkxMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4mrCGz2n9qiD8p2qrOqUKWI+NxZ
U13nQOQaKLHFTfC1BM9+j6KTuhWk/9sXwhmZLrPJhTiHLgpjSMSw914VfyyhbDW3
p0WWTNBTzEnUX4vSd2fHG03NVELUwGDmO3rwcdDUU49Ysk4r5NH1HUjDNRwBagJx
qgHU9fC6C1JzgTOaOc2zCgZSqCJ0pzhrPTcb3VLiIItF8LnVM8ty5kG9g+12lCoE
wcwrh8LezvLiQ1aI0BB2xim9xIADunUKNeedhVgWpHHoA7AbKJ/fx2Qp8SypvOBa
/WZacEeXeRg9MMpWFRWtKCIfz6fvGI4HKylhHDD53dxarE2bDmiWJ/0ZwwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFhNW3j1Qz78T1hoXgVzCZQZORBRMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvV0UxYmVQVkRQdnhQV0doZUJYTUpsQms1RUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAaBAIAATAUMAwDBARRrRAD
BABRrRgDBABRrRwwEAQCAAIwCgMIACoE9YCAMAEwDQYJKoZIhvcNAQELBQADggEB
AMQEsb8n0xVNSYBTYjqvm0rxv2iflBYe6IdsNPfq+U44mWV6mvbyOzQ/1p0wNf+B
2bDj4kHfO0ax8Gw82lX1S8KeGJcVkoguULnwpN6surXBG2WqBHA3PIiJJXB8gbb+
VXsS61nvVSMTDzts9dhlXJpJEgBCmI4CmEb0how4sHx6NxLTCUCFfBUwrvLM8NGC
vusltuAlW3OyxfnH6Aaotpr1Z8CpEvudFutP27baKCI6Y+dZqP41D4ZjsP2L99h5
icc5+xYcOfSPAjMgZm3C6Jc8D2RO2rX05yQcvhRSCbwdHX48EI+/8g3N4hjjfVpl
2JAdAFsbHj3RAthVfGA/gDk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:37 2024 by rpki-client on console-ams.rpki-client.org