Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/wghM9DgsCgu9qCakeK4fVd8T3bk.roa
File: wghM9DgsCgu9qCakeK4fVd8T3bk.roa (raw, json)
Hash identifier: M0Fr3Y5MTf5frIuyPDjq+Hpmbzp4vvuWj/GSK+/2i1c=
Subject key identifier: C2:08:4C:F4:38:2C:0A:0B:BD:A8:26:A4:78:AE:1F:55:DF:13:DD:B9
Certificate issuer: /CN=214a0f42190944ac6b45e00a24ae41a345fdcb35
Certificate serial: 01856EAFED7449BD5342565D6DB01E03B1EB
Authority key identifier: 21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/wghM9DgsCgu9qCakeK4fVd8T3bk.roa
Signing time: Sun 01 Jan 2023 18:55:01 +0000
ROA not before: Sun 01 Jan 2023 18:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137
IP address blocks: 193.43.141.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:ed:74:49:bd:53:42:56:5d:6d:b0:1e:03:b1:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=214a0f42190944ac6b45e00a24ae41a345fdcb35
Validity
Not Before: Jan 1 18:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2084cf4382c0a0bbda826a478ae1f55df13ddb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:13:71:c4:f8:ca:a2:1d:b1:e0:7b:59:76:2b:
d4:d3:49:ea:25:ed:13:91:c6:7e:46:d3:6e:87:ec:
69:6a:ab:d5:9e:d9:f6:02:5a:21:ae:5a:81:4a:9a:
cf:92:1b:3e:d5:46:f4:78:85:8a:8c:8d:f8:cf:d9:
05:d5:b9:3b:1f:8d:3b:46:a8:83:38:c7:c9:2b:c5:
2b:44:d7:79:f4:6c:f3:5f:7f:90:ca:91:f8:e1:89:
33:e6:4b:88:17:0e:02:7f:1d:50:ea:8f:72:74:fa:
94:8c:72:bb:44:e3:d1:ea:de:67:da:0a:f1:b2:d2:
cf:34:34:5a:a3:10:e5:02:c7:c2:4e:a1:15:d0:10:
b3:50:13:81:ef:ee:af:dc:f5:5b:89:5d:cc:ea:d4:
63:cd:c2:99:2d:c7:83:21:bd:c4:0e:4c:6f:a8:6f:
af:16:84:66:24:a3:de:4b:18:6a:dc:70:87:30:31:
b6:5a:5a:ba:87:35:9f:ee:63:59:6c:81:76:cf:24:
c4:d0:02:4b:43:30:46:03:c5:d5:45:8b:21:7a:ab:
cf:95:dc:9c:b9:c0:8c:4e:ea:62:86:45:8b:63:80:
79:0a:ce:82:62:dd:b6:4e:ce:97:16:3c:bc:38:bd:
74:b2:00:a2:50:c4:54:7b:3f:9a:20:b9:ce:2b:cc:
33:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:08:4C:F4:38:2C:0A:0B:BD:A8:26:A4:78:AE:1F:55:DF:13:DD:B9
X509v3 Authority Key Identifier:
keyid:21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/wghM9DgsCgu9qCakeK4fVd8T3bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.141.0/24
Signature Algorithm: sha256WithRSAEncryption
15:e8:f6:30:a2:96:8e:50:5b:97:ce:6d:6c:80:91:fe:21:89:
03:e0:9b:ef:9b:0b:26:0f:eb:8d:b1:c2:ee:4b:61:72:a0:c1:
d8:7e:ee:29:f7:2d:93:ce:c7:f4:d6:94:66:45:8f:85:41:1e:
fc:1d:c9:17:1f:dc:c2:b2:84:f4:df:ce:6f:91:a7:54:a4:78:
79:ff:99:2f:2d:6d:75:2a:21:7c:f1:ec:fa:42:1c:b6:a8:21:
39:41:63:9f:e9:93:6a:ff:cb:e6:1f:69:00:cd:23:91:3f:f4:
d0:2e:49:d8:cb:0b:51:15:05:32:41:d2:e6:76:b6:a8:74:1a:
e7:00:74:5a:4e:42:77:7d:90:2b:10:3f:52:e0:2b:ee:d5:e0:
bf:6d:3f:08:5c:75:e6:57:eb:67:a3:f1:9a:2e:4e:73:21:92:
02:21:12:a2:96:a3:93:fa:a6:fd:72:6e:a3:a6:f8:b8:43:ea:
c6:6e:6d:0a:83:39:eb:22:12:55:26:ec:48:f8:9f:4f:d5:3b:
63:6d:b2:c0:3c:91:16:58:65:7b:ef:11:21:2b:06:f6:3f:bb:
06:e4:4d:b8:3f:34:15:0c:17:93:c7:80:b8:88:d2:d6:04:4c:
9d:26:f5:96:01:9b:4e:c6:63:9f:2c:93:8c:7b:dc:cd:47:09:
92:55:95:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur+10Sb1TQlZdbbAeA7HrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNGEwZjQyMTkwOTQ0YWM2YjQ1ZTAwYTI0YWU0MWEzNDVm
ZGNiMzUwHhcNMjMwMTAxMTg1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjA4NGNmNDM4MmMwYTBiYmRhODI2YTQ3OGFlMWY1NWRmMTNkZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRNxxPjKoh2x4HtZdivU00nqJe0T
kcZ+RtNuh+xpaqvVntn2AlohrlqBSprPkhs+1Ub0eIWKjI34z9kF1bk7H407RqiD
OMfJK8UrRNd59GzzX3+QypH44Ykz5kuIFw4Cfx1Q6o9ydPqUjHK7ROPR6t5n2grx
stLPNDRaoxDlAsfCTqEV0BCzUBOB7+6v3PVbiV3M6tRjzcKZLceDIb3EDkxvqG+v
FoRmJKPeSxhq3HCHMDG2Wlq6hzWf7mNZbIF2zyTE0AJLQzBGA8XVRYsheqvPldyc
ucCMTupihkWLY4B5Cs6CYt22Ts6XFjy8OL10sgCiUMRUez+aILnOK8wztwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIITPQ4LAoLvagmpHiuH1XfE925MB8GA1UdIwQY
MBaAFCFKD0IZCUSsa0XgCiSuQaNF/cs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMt
YjY2NTZjYzFiZDU5LzEvd2doTTlEZ3NDZ3U5cUNha2VLNGZWZDhUM2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMtYjY2NTZjYzFiZDU5
LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSuNMA0G
CSqGSIb3DQEBCwUAA4IBAQAV6PYwopaOUFuXzm1sgJH+IYkD4JvvmwsmD+uNscLu
S2FyoMHYfu4p9y2Tzsf01pRmRY+FQR78HckXH9zCsoT0385vkadUpHh5/5kvLW11
KiF88ez6Qhy2qCE5QWOf6ZNq/8vmH2kAzSORP/TQLknYywtRFQUyQdLmdraodBrn
AHRaTkJ3fZArED9S4Cvu1eC/bT8IXHXmV+tno/GaLk5zIZICIRKilqOT+qb9cm6j
pvi4Q+rGbm0KgznrIhJVJuxI+J9P1TtjbbLAPJEWWGV77xEhKwb2P7sG5E24PzQV
DBeTx4C4iNLWBEydJvWWAZtOxmOfLJOMe9zNRwmSVZV4
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:08 2024 by rpki-client on console-fra.rpki-client.org