Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/Wl5uQU0bPVJ-rgbOIFuxiNG64to.roa
File: Wl5uQU0bPVJ-rgbOIFuxiNG64to.roa (raw, json)
Hash identifier: sI1v0nPWlRiDrV+2GpKSMbS9BwnyY7q4/b3dot0/pPc=
Subject key identifier: 5A:5E:6E:41:4D:1B:3D:52:7E:AE:06:CE:20:5B:B1:88:D1:BA:E2:DA
Certificate issuer: /CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Certificate serial: 01856EAFC5A0C8EFB11A7C18B28B10EF01E3
Authority key identifier: F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/Wl5uQU0bPVJ-rgbOIFuxiNG64to.roa
Signing time: Sun 01 Jan 2023 18:54:51 +0000
ROA not before: Sun 01 Jan 2023 18:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49206
IP address blocks: 185.24.175.0/24 maxlen: 24
2a00:6fa0::/32 maxlen: 32
2a00:6fa0:3100::/40 maxlen: 40
2a00:6fa0:4200::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:c5:a0:c8:ef:b1:1a:7c:18:b2:8b:10:ef:01:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Validity
Not Before: Jan 1 18:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a5e6e414d1b3d527eae06ce205bb188d1bae2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c7:65:b9:6b:e4:4c:fe:ff:1a:c3:55:09:06:
93:7c:80:66:f7:20:d4:fe:ef:fb:62:fd:73:9c:b9:
3e:1a:02:73:01:57:ec:1d:cb:24:f4:8d:77:6c:5a:
4d:4f:2b:fe:01:71:65:45:02:df:ac:08:03:39:10:
33:61:00:5c:4b:2a:de:49:58:21:7e:f5:d1:2e:fa:
6f:84:fa:91:ea:1b:05:1e:79:77:48:aa:2f:b5:c7:
6b:50:3d:57:ce:0b:92:1f:a2:cf:ab:11:26:4d:1e:
2a:0f:9f:40:18:f3:d6:9c:d8:48:e0:84:c0:62:28:
08:26:ec:63:6b:8b:a8:0a:ae:6a:c1:d7:3e:e7:d4:
03:70:f6:6e:39:a7:1c:e3:bf:df:41:fd:30:70:dc:
a8:4e:24:43:88:e9:f6:71:aa:c9:79:3c:9b:32:d3:
78:c9:33:17:4c:b3:4f:2b:be:40:05:bb:de:3d:97:
97:93:02:ca:cd:e2:6e:50:09:27:14:df:93:a9:56:
dd:f4:03:c6:05:6e:36:9f:c7:cd:d2:87:66:40:14:
4e:03:4a:45:e1:b8:0a:1b:e1:13:cc:2d:94:6c:28:
95:0d:e2:3d:e0:0a:dd:87:aa:ac:19:e1:8e:fb:05:
f5:17:50:2a:0a:2b:6c:4d:ba:6f:36:2a:31:89:7f:
4e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5E:6E:41:4D:1B:3D:52:7E:AE:06:CE:20:5B:B1:88:D1:BA:E2:DA
X509v3 Authority Key Identifier:
keyid:F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/Wl5uQU0bPVJ-rgbOIFuxiNG64to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.175.0/24
IPv6:
2a00:6fa0::/32
Signature Algorithm: sha256WithRSAEncryption
11:13:6b:66:f1:03:d8:3d:1d:61:cd:a5:47:9e:92:ad:3b:ea:
46:f6:af:27:d1:5c:13:64:72:5c:a6:08:bc:f3:28:10:88:5c:
b5:df:86:0c:4d:5d:7f:31:d4:24:67:7d:c3:b3:0e:a3:0b:54:
78:8b:03:ac:c1:eb:9d:d9:7d:72:6b:2c:ab:04:e9:7e:f2:3f:
2d:23:7c:c3:29:76:ed:90:0c:42:42:1c:12:fb:36:25:15:32:
2a:f8:77:d1:59:7b:0e:a3:9c:9c:c6:51:94:20:92:37:9a:0a:
00:d9:30:a3:02:76:04:0b:c5:d7:6d:05:96:8c:98:e1:c4:49:
63:16:ef:d0:2a:c8:30:1a:b9:8d:10:61:25:5e:df:cb:cb:ce:
88:9d:4e:5a:69:01:08:4b:b4:54:2f:ac:7e:ac:77:85:21:46:
a0:49:4e:36:25:ea:18:85:62:73:15:54:87:f7:02:03:46:2c:
66:da:79:22:f8:22:88:90:79:8f:58:53:dc:39:45:da:cf:77:
eb:52:bb:6c:3e:bc:fe:a7:78:5f:b9:61:c1:48:8b:35:94:48:
f7:ec:6a:fa:36:63:6a:ae:0f:13:4e:a0:f7:41:11:bf:fa:d7:
6b:88:ce:44:22:7a:17:da:b4:60:00:d2:72:cf:6d:12:51:7c:
ec:c6:f7:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVur8WgyO+xGnwYsosQ7wHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MmIwODRmOWI5Yzk4Y2ZkOTA0MTBiODMwNWNjNmNiNDZk
Y2NlZDgwHhcNMjMwMTAxMTg1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTVlNmU0MTRkMWIzZDUyN2VhZTA2Y2UyMDViYjE4OGQxYmFlMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMdluWvkTP7/GsNVCQaTfIBm9yDU
/u/7Yv1znLk+GgJzAVfsHcsk9I13bFpNTyv+AXFlRQLfrAgDORAzYQBcSyreSVgh
fvXRLvpvhPqR6hsFHnl3SKovtcdrUD1XzguSH6LPqxEmTR4qD59AGPPWnNhI4ITA
YigIJuxja4uoCq5qwdc+59QDcPZuOacc47/fQf0wcNyoTiRDiOn2carJeTybMtN4
yTMXTLNPK75ABbvePZeXkwLKzeJuUAknFN+TqVbd9APGBW42n8fN0odmQBROA0pF
4bgKG+ETzC2UbCiVDeI94Ardh6qsGeGO+wX1F1AqCitsTbpvNioxiX9OvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFpebkFNGz1Sfq4GziBbsYjRuuLaMB8GA1UdIwQY
MBaAFPQrCE+bnJjP2QQQuDBcxstG3M7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAt
NmE5Y2Q5NDIwMmZmLzEvV2w1dVFVMGJQVkotcmdiT0lGdXhpTkc2NHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAtNmE5Y2Q5NDIwMmZm
LzEvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRivMA0E
AgACMAcDBQAqAG+gMA0GCSqGSIb3DQEBCwUAA4IBAQARE2tm8QPYPR1hzaVHnpKt
O+pG9q8n0VwTZHJcpgi88ygQiFy134YMTV1/MdQkZ33Dsw6jC1R4iwOsweud2X1y
ayyrBOl+8j8tI3zDKXbtkAxCQhwS+zYlFTIq+HfRWXsOo5ycxlGUIJI3mgoA2TCj
AnYEC8XXbQWWjJjhxEljFu/QKsgwGrmNEGElXt/Ly86InU5aaQEIS7RUL6x+rHeF
IUagSU42JeoYhWJzFVSH9wIDRixm2nki+CKIkHmPWFPcOUXaz3frUrtsPrz+p3hf
uWHBSIs1lEj37Gr6NmNqrg8TTqD3QRG/+tdriM5EInoX2rRgANJyz20SUXzsxvcH
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:17 2024 by rpki-client on console-ams.rpki-client.org