Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/whN8iUke7sNVCXN8APUMuzOYkSc.roa
File: whN8iUke7sNVCXN8APUMuzOYkSc.roa (raw, json)
Hash identifier: d7CZ5ktP8BpbQrEeaAQ5kfSRgAHYCf/iSr1vGPmQELM=
Subject key identifier: C2:13:7C:89:49:1E:EE:C3:55:09:73:7C:00:F5:0C:BB:33:98:91:27
Certificate issuer: /CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Certificate serial: 01856F38FF486AE5A4C62474924D4BAB59A5
Authority key identifier: 5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/whN8iUke7sNVCXN8APUMuzOYkSc.roa
Signing time: Sun 01 Jan 2023 21:24:44 +0000
ROA not before: Sun 01 Jan 2023 21:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199305
IP address blocks: 213.140.142.0/24 maxlen: 24
2a02:2298:410::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:38:ff:48:6a:e5:a4:c6:24:74:92:4d:4b:ab:59:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Validity
Not Before: Jan 1 21:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2137c89491eeec35509737c00f50cbb33989127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:05:0b:f0:7f:1c:f5:22:c9:fd:25:f8:5b:76:
aa:19:59:32:19:70:ee:74:ce:7a:dc:03:3e:e5:de:
75:68:6c:64:6e:43:31:46:15:51:45:b0:b4:c2:f5:
fe:75:5a:22:20:a3:73:8a:6d:f2:46:85:ce:6c:96:
42:b6:6b:9c:71:e0:b9:c1:b2:86:4a:d3:91:9d:6b:
b8:69:d2:65:eb:1c:4d:37:98:ca:1e:b8:c9:58:89:
66:44:cc:59:ed:ba:38:bd:45:54:71:85:9d:cb:73:
94:98:2e:4d:37:84:63:fc:ac:16:d0:b7:b7:a1:19:
a7:06:e3:05:b3:8b:d8:a6:08:4a:62:a9:13:80:af:
68:1b:c1:bc:38:c8:06:67:3b:f8:dd:09:22:8a:76:
83:0e:54:0f:9f:11:8c:20:5a:5a:ff:61:4c:15:07:
b6:b3:09:9a:f7:1f:87:37:1d:0e:9a:fa:62:22:0d:
ee:33:87:b4:56:86:57:1d:c0:a0:96:19:bd:dc:a2:
33:83:fa:ba:ea:99:a9:72:d2:55:5d:9a:d1:04:7b:
5a:d1:98:f0:84:f8:14:44:4a:5c:e7:3b:1a:91:bf:
73:41:f4:a6:e3:4a:d5:79:dd:37:d5:ca:f1:bd:6c:
86:a4:48:12:3d:b5:c9:3f:6a:25:5a:22:12:27:d0:
98:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:13:7C:89:49:1E:EE:C3:55:09:73:7C:00:F5:0C:BB:33:98:91:27
X509v3 Authority Key Identifier:
keyid:5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/whN8iUke7sNVCXN8APUMuzOYkSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.140.142.0/24
IPv6:
2a02:2298:410::/48
Signature Algorithm: sha256WithRSAEncryption
24:c5:87:12:1b:35:9f:50:a2:c7:f7:ab:80:3c:b9:e7:c4:0c:
a9:03:9e:72:ee:1a:5d:51:67:8a:52:6f:97:66:44:f9:60:60:
97:77:01:a6:0d:6e:fc:c4:f7:8a:5b:5c:0b:30:ab:e8:7b:34:
b8:62:ea:2f:fe:22:16:02:20:70:f2:7a:67:9e:42:d6:86:37:
20:98:07:70:c8:44:f6:7b:cc:f3:fa:0e:82:8e:84:1c:c9:b9:
c3:f2:26:d0:58:0f:b3:fc:70:81:2a:22:6e:2a:cc:d6:9a:8a:
7b:de:70:43:c9:37:c7:c5:c1:91:ba:6d:ef:9c:23:30:a6:6a:
04:58:aa:32:aa:e0:0b:ed:95:ca:7a:19:0b:e7:51:9f:fa:46:
96:05:a6:cb:eb:94:b5:e1:b5:a4:fe:f0:29:d3:8b:f4:14:18:
07:22:48:d5:25:c9:6c:c2:6e:b3:9d:8a:bc:83:03:44:5a:d0:
52:cf:c5:7c:3e:ba:4a:81:83:be:1d:ce:7f:97:84:f3:c9:07:
54:cf:62:87:b2:10:b8:ef:aa:62:9b:5c:0f:af:44:8e:23:04:
54:07:0f:c1:77:54:55:20:a8:85:04:65:fa:1e:b1:30:d5:cd:
36:7f:64:6c:f2:40:bc:44:82:1b:d5:14:df:f6:b9:9a:16:98:
da:56:64:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvOP9IauWkxiR0kk1Lq1mlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGE5ZmQ3YzUxOTI2ZTIyZWE4YWEzM2IzYjg4MzhlOTNl
OGJlZGQwHhcNMjMwMTAxMjEyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjEzN2M4OTQ5MWVlZWMzNTUwOTczN2MwMGY1MGNiYjMzOTg5MTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQUL8H8c9SLJ/SX4W3aqGVkyGXDu
dM563AM+5d51aGxkbkMxRhVRRbC0wvX+dVoiIKNzim3yRoXObJZCtmucceC5wbKG
StORnWu4adJl6xxNN5jKHrjJWIlmRMxZ7bo4vUVUcYWdy3OUmC5NN4Rj/KwW0Le3
oRmnBuMFs4vYpghKYqkTgK9oG8G8OMgGZzv43QkiinaDDlQPnxGMIFpa/2FMFQe2
swma9x+HNx0OmvpiIg3uM4e0VoZXHcCglhm93KIzg/q66pmpctJVXZrRBHta0Zjw
hPgUREpc5zsakb9zQfSm40rVed031crxvWyGpEgSPbXJP2olWiISJ9CYjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMITfIlJHu7DVQlzfAD1DLszmJEnMB8GA1UdIwQY
MBaAFF2Kn9fFGSbiLqiqM7O4g46T6L7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMt
NjZjNTNmMmIxZjAyLzEvd2hOOGlVa2U3c05WQ1hOOEFQVU11ek9Za1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMtNjZjNTNmMmIxZjAy
LzEvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1YyOMA8E
AgACMAkDBwAqAiKYBBAwDQYJKoZIhvcNAQELBQADggEBACTFhxIbNZ9Qosf3q4A8
uefEDKkDnnLuGl1RZ4pSb5dmRPlgYJd3AaYNbvzE94pbXAswq+h7NLhi6i/+IhYC
IHDyemeeQtaGNyCYB3DIRPZ7zPP6DoKOhBzJucPyJtBYD7P8cIEqIm4qzNaainve
cEPJN8fFwZG6be+cIzCmagRYqjKq4Avtlcp6GQvnUZ/6RpYFpsvrlLXhtaT+8CnT
i/QUGAciSNUlyWzCbrOdiryDA0Ra0FLPxXw+ukqBg74dzn+XhPPJB1TPYoeyELjv
qmKbXA+vRI4jBFQHD8F3VFUgqIUEZfoesTDVzTZ/ZGzyQLxEghvVFN/2uZoWmNpW
ZDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org