Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/whpkKObZX1sEjqpnqc2s9prvEcg.roa
File: whpkKObZX1sEjqpnqc2s9prvEcg.roa (raw, json)
Hash identifier: nD0sFJC0VmZF7I7x8dTQNtHGR6dX1W4rZ0xaqLsnBFQ=
Subject key identifier: C2:1A:64:28:E6:D9:5F:5B:04:8E:AA:67:A9:CD:AC:F6:9A:EF:11:C8
Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial: 018572CC9367346979DF79AA4BCD3287685E
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/whpkKObZX1sEjqpnqc2s9prvEcg.roa
Signing time: Mon 02 Jan 2023 14:04:47 +0000
ROA not before: Mon 02 Jan 2023 14:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14537
IP address blocks: 91.206.144.0/23 maxlen: 24
193.28.159.0/24 maxlen: 24
91.223.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:93:67:34:69:79:df:79:aa:4b:cd:32:87:68:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Validity
Not Before: Jan 2 14:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c21a6428e6d95f5b048eaa67a9cdacf69aef11c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fe:ed:46:23:9d:03:15:de:89:45:17:45:4f:
35:f9:c2:65:86:47:4d:ea:59:c8:44:87:48:26:a5:
06:de:e9:06:3c:9b:1a:21:5b:18:4c:c8:9c:1c:48:
a9:bc:85:f8:3d:f7:e2:bf:0a:05:2e:a8:e4:57:76:
4f:b6:e8:8e:3e:9c:d5:22:00:31:8a:81:d5:bf:33:
c1:d1:79:74:56:eb:6e:87:c0:ca:7e:f7:f6:3b:e1:
85:a5:b5:b6:d4:84:00:67:f6:79:61:e7:d1:b9:89:
5e:71:de:af:16:9a:c0:61:df:cf:ae:a4:1b:0d:66:
63:25:5a:31:50:d4:58:31:2e:c3:f9:db:12:4f:8f:
69:1c:68:9c:4b:8b:43:6e:ce:b1:fa:3f:13:5d:b6:
6f:8b:53:61:da:7a:0b:29:e0:6f:ed:f1:33:68:cf:
48:b4:7c:39:82:34:51:2b:24:4b:3e:ad:59:e6:23:
f2:a4:8c:b1:4f:af:54:1a:fc:d9:c5:7c:99:ee:59:
ac:ad:52:65:84:e4:2e:8b:d1:c4:32:cc:5e:3d:66:
3f:99:6e:24:9e:50:4e:62:53:d1:ae:bd:2f:04:9e:
a3:d1:2f:d8:c6:12:b9:4a:14:79:8c:bc:c5:eb:7f:
78:9e:12:b0:4c:c6:96:fe:f4:7d:18:45:0f:8c:c8:
05:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1A:64:28:E6:D9:5F:5B:04:8E:AA:67:A9:CD:AC:F6:9A:EF:11:C8
X509v3 Authority Key Identifier:
keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/whpkKObZX1sEjqpnqc2s9prvEcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.144.0/23
91.223.161.0/24
193.28.159.0/24
Signature Algorithm: sha256WithRSAEncryption
72:12:d1:a2:c1:0b:d8:d4:ec:51:7d:54:db:d5:b9:4f:2c:52:
73:ed:c7:20:90:73:69:40:f5:33:c4:b7:7a:66:62:4a:70:21:
7d:78:16:fe:a9:48:08:fa:8b:86:06:61:ec:c4:92:b2:a7:6c:
1a:dc:0e:2a:b1:ea:d3:bc:05:e7:a2:6f:f7:11:b8:06:ec:75:
dc:f8:25:25:0a:c9:92:89:55:de:5b:47:f9:4b:d4:8d:1d:e8:
71:7c:5f:75:38:8f:ca:f0:f5:c0:94:12:f9:cd:80:87:38:c2:
2f:fd:9e:e8:f8:14:73:d0:3b:56:37:ec:dc:f1:bc:43:c1:ca:
e3:b6:9c:92:0b:13:22:ef:fb:0f:40:8f:ff:7b:d8:d4:e7:cf:
8e:a3:f2:d3:65:f3:04:71:76:d0:af:6d:09:11:a3:d3:3a:fd:
3b:94:61:27:c6:8f:d6:3d:e0:8a:26:75:3f:dc:e5:ea:86:40:
c5:cd:3d:73:dc:9c:7a:a5:c1:72:83:ae:02:93:e6:36:47:8c:
ff:52:93:66:ad:6d:07:c4:9f:fd:a4:da:54:18:55:3b:9d:b5:
2f:d7:53:5b:3a:59:eb:87:80:6b:e4:23:88:bb:ef:ed:cf:76:
83:d4:03:ce:e5:a6:a5:a9:92:24:f0:97:5a:78:4d:56:a1:f1:
48:5f:0f:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyzJNnNGl533mqS80yh2heMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjMwMTAyMTQwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjFhNjQyOGU2ZDk1ZjViMDQ4ZWFhNjdhOWNkYWNmNjlhZWYxMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf7tRiOdAxXeiUUXRU81+cJlhkdN
6lnIRIdIJqUG3ukGPJsaIVsYTMicHEipvIX4PffivwoFLqjkV3ZPtuiOPpzVIgAx
ioHVvzPB0Xl0Vutuh8DKfvf2O+GFpbW21IQAZ/Z5YefRuYlecd6vFprAYd/PrqQb
DWZjJVoxUNRYMS7D+dsST49pHGicS4tDbs6x+j8TXbZvi1Nh2noLKeBv7fEzaM9I
tHw5gjRRKyRLPq1Z5iPypIyxT69UGvzZxXyZ7lmsrVJlhOQui9HEMsxePWY/mW4k
nlBOYlPRrr0vBJ6j0S/YxhK5ShR5jLzF6394nhKwTMaW/vR9GEUPjMgFCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMIaZCjm2V9bBI6qZ6nNrPaa7xHIMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvd2hwa0tPYlpYMXNFanFwbnFjMnM5cHJ2RWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW86QAwQA
W9+hAwQAwRyfMA0GCSqGSIb3DQEBCwUAA4IBAQByEtGiwQvY1OxRfVTb1blPLFJz
7ccgkHNpQPUzxLd6ZmJKcCF9eBb+qUgI+ouGBmHsxJKyp2wa3A4qserTvAXnom/3
EbgG7HXc+CUlCsmSiVXeW0f5S9SNHehxfF91OI/K8PXAlBL5zYCHOMIv/Z7o+BRz
0DtWN+zc8bxDwcrjtpySCxMi7/sPQI//e9jU58+Oo/LTZfMEcXbQr20JEaPTOv07
lGEnxo/WPeCKJnU/3OXqhkDFzT1z3Jx6pcFyg64Ck+Y2R4z/UpNmrW0HxJ/9pNpU
GFU7nbUv11NbOlnrh4Br5COIu+/tz3aD1APO5aalqZIk8JdaeE1WofFIXw8J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:51 2024 by rpki-client on console-fra.rpki-client.org