Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/w0ABbAXUW1X0XJ0rowAKQNR5QK4.roa
File: w0ABbAXUW1X0XJ0rowAKQNR5QK4.roa (raw, json)
Hash identifier: UShxECYfJ3HtmGMll8Q820L391jE4ktHJZ9InVJ1Ptw=
Subject key identifier: C3:40:01:6C:05:D4:5B:55:F4:5C:9D:2B:A3:00:0A:40:D4:79:40:AE
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 0186167BAD4C1FF0F68CC0E5B04AD0D64563
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/w0ABbAXUW1X0XJ0rowAKQNR5QK4.roa
Signing time: Fri 03 Feb 2023 08:54:09 +0000
ROA not before: Fri 03 Feb 2023 08:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39519
IP address blocks: 194.107.165.0/24 maxlen: 24
86.105.223.0/24 maxlen: 24
2001:4ba2::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Dec 2023 07:54:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:7b:ad:4c:1f:f0:f6:8c:c0:e5:b0:4a:d0:d6:45:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Feb 3 08:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c340016c05d45b55f45c9d2ba3000a40d47940ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:84:9e:a8:a6:5b:6d:27:7d:6c:1d:4c:47:3a:
40:c1:c9:6e:35:72:3d:b9:16:57:a8:60:c3:87:0f:
0e:69:4e:98:01:fa:35:9f:e3:f5:0a:08:e0:a9:66:
a4:38:a3:c7:6e:5f:83:d0:5f:de:2f:30:55:e8:a5:
fe:81:40:83:30:3e:ac:39:28:72:f7:33:93:4f:4f:
09:15:b5:0e:f3:52:9f:6f:55:4a:c1:4f:fc:09:eb:
2a:02:70:ff:2d:ba:3b:c7:95:20:ac:90:22:79:51:
56:e3:2d:52:15:f9:f2:df:4b:db:60:ec:07:e5:da:
2f:84:db:44:48:d4:09:c1:e1:14:93:b2:16:9d:6e:
5b:0d:db:44:05:13:93:87:e4:eb:a7:cf:00:09:10:
d9:c8:52:a8:68:16:f9:fa:a2:9d:91:3a:7b:87:d6:
1e:87:04:1d:e4:ff:8d:cb:56:bf:b7:14:b2:2c:d7:
d5:fa:f5:4c:eb:4b:30:c9:b4:18:88:b5:0f:31:12:
3b:74:e0:92:00:04:b5:68:c6:1a:8d:a1:12:cc:09:
24:9e:b8:44:4d:d9:6a:bd:56:61:e6:fa:57:14:38:
16:55:6c:f9:7c:80:9b:57:eb:91:e4:e0:71:fc:77:
1e:9c:77:65:23:4d:ab:d4:89:7b:89:71:58:45:75:
79:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:40:01:6C:05:D4:5B:55:F4:5C:9D:2B:A3:00:0A:40:D4:79:40:AE
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/w0ABbAXUW1X0XJ0rowAKQNR5QK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.223.0/24
194.107.165.0/24
IPv6:
2001:4ba2::/32
Signature Algorithm: sha256WithRSAEncryption
1d:e5:bb:8a:c5:4b:bc:e7:91:28:0d:0d:66:06:4f:e4:77:22:
89:a1:2b:f7:eb:0b:57:bb:f9:12:c2:95:b3:7f:5d:ed:fb:e6:
a0:b8:2c:f3:cc:a2:5c:b0:3b:7b:87:a2:24:af:90:a9:77:d5:
b4:22:ed:73:35:e1:6c:66:94:ce:df:04:8e:e5:4e:cc:49:45:
96:a2:f5:eb:f8:ce:e6:df:72:bf:3f:f8:8e:85:4d:34:26:93:
e5:4d:6c:70:e8:95:46:7d:6b:42:3c:af:03:37:55:fe:c7:97:
a7:68:d3:20:e6:c0:05:5f:b5:f1:dd:21:2b:ca:c5:8f:87:bc:
71:b6:6d:e6:69:61:fc:db:2b:6d:16:ae:14:9c:47:d1:4f:0a:
3b:80:4e:f0:47:99:63:85:20:03:3c:9f:64:09:aa:fa:0d:32:
da:19:f7:bc:36:f2:02:7c:d9:78:ff:67:4f:db:3e:ac:fa:57:
7c:8e:25:22:94:9f:06:c9:5b:d8:2a:80:97:3d:cc:61:a0:f6:
5e:7a:71:7f:4e:63:b1:25:65:71:a1:1c:ef:00:d8:4f:4c:9f:
ff:0e:d1:60:5b:bf:10:92:f1:3d:7b:b1:32:94:74:28:17:e9:
a2:d7:e6:b0:c6:20:42:81:82:a4:1f:e6:4b:8f:d1:37:c7:da:
49:df:af:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYYWe61MH/D2jMDlsErQ1kVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMwMjAzMDg1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzQwMDE2YzA1ZDQ1YjU1ZjQ1YzlkMmJhMzAwMGE0MGQ0Nzk0MGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjISeqKZbbSd9bB1MRzpAwcluNXI9
uRZXqGDDhw8OaU6YAfo1n+P1CgjgqWakOKPHbl+D0F/eLzBV6KX+gUCDMD6sOShy
9zOTT08JFbUO81Kfb1VKwU/8CesqAnD/Lbo7x5UgrJAieVFW4y1SFfny30vbYOwH
5dovhNtESNQJweEUk7IWnW5bDdtEBROTh+Trp88ACRDZyFKoaBb5+qKdkTp7h9Ye
hwQd5P+Ny1a/txSyLNfV+vVM60swybQYiLUPMRI7dOCSAAS1aMYajaESzAkknrhE
TdlqvVZh5vpXFDgWVWz5fICbV+uR5OBx/HcenHdlI02r1Il7iXFYRXV5FwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMNAAWwF1FtV9FydK6MACkDUeUCuMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvdzBBQmJBWFVXMVgwWEowcm93QUtRTlI1UUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAVmnfAwQA
wmulMA0EAgACMAcDBQAgAUuiMA0GCSqGSIb3DQEBCwUAA4IBAQAd5buKxUu855Eo
DQ1mBk/kdyKJoSv36wtXu/kSwpWzf13t++aguCzzzKJcsDt7h6Ikr5Cpd9W0Iu1z
NeFsZpTO3wSO5U7MSUWWovXr+M7m33K/P/iOhU00JpPlTWxw6JVGfWtCPK8DN1X+
x5enaNMg5sAFX7Xx3SErysWPh7xxtm3maWH82yttFq4UnEfRTwo7gE7wR5ljhSAD
PJ9kCar6DTLaGfe8NvICfNl4/2dP2z6s+ld8jiUilJ8GyVvYKoCXPcxhoPZeenF/
TmOxJWVxoRzvANhPTJ//DtFgW78QkvE9e7EylHQoF+mi1+awxiBCgYKkH+ZLj9E3
x9pJ36+n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org