Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/WtewmlIe3jPshxTbiEYD85Naafg.roa
File: WtewmlIe3jPshxTbiEYD85Naafg.roa (raw, json)
Hash identifier: OM3gQqgb1rnUH2bIGZS1HG+cFhlZ1osEsY1aRhjjkik=
Subject key identifier: 5A:D7:B0:9A:52:1E:DE:33:EC:87:14:DB:88:46:03:F3:93:5A:69:F8
Certificate issuer: /CN=bd175e878d33b47d806f2cf3e04628220935123d
Certificate serial: 01856F2FD5CA89CF946AE2BA4DF2459CA0CC
Authority key identifier: BD:17:5E:87:8D:33:B4:7D:80:6F:2C:F3:E0:46:28:22:09:35:12:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/WtewmlIe3jPshxTbiEYD85Naafg.roa
Signing time: Sun 01 Jan 2023 21:14:43 +0000
ROA not before: Sun 01 Jan 2023 21:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206423
IP address blocks: 91.199.8.0/24 maxlen: 32
2001:67c:2f84::/48 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:d5:ca:89:cf:94:6a:e2:ba:4d:f2:45:9c:a0:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd175e878d33b47d806f2cf3e04628220935123d
Validity
Not Before: Jan 1 21:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ad7b09a521ede33ec8714db884603f3935a69f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:38:46:50:20:ee:19:03:ac:a0:b8:44:cd:04:
88:ac:9f:5b:a5:1f:e9:f6:1d:2c:c3:54:70:e1:00:
46:37:79:32:75:ea:cc:ad:90:ed:73:a6:12:9a:e0:
1a:33:85:1b:d3:28:62:be:42:1b:e8:d7:02:9a:72:
08:ed:0f:c4:9f:07:10:1a:cb:88:95:a7:2e:64:67:
13:33:c8:cb:e6:5a:09:d1:e9:4e:26:98:64:a5:9f:
33:05:92:0a:1c:32:09:27:26:7b:7a:9a:ea:29:58:
fb:9f:f4:20:ca:19:99:e8:af:e5:16:e4:3c:d5:4b:
8e:74:57:19:89:a5:8b:a8:2c:39:57:07:c0:57:b4:
78:5f:3e:62:87:c2:d9:c4:e6:b9:a4:b7:d0:96:f9:
55:df:70:86:20:cb:13:f8:60:b1:32:55:51:ac:b4:
22:15:b6:11:e2:68:7d:1d:51:9b:7a:45:35:8d:20:
8f:40:73:d0:a2:ae:05:7a:9c:71:00:74:26:d1:58:
62:5a:8b:a6:7c:77:2a:1a:c3:32:8a:86:9a:dc:ca:
6b:92:50:ad:26:5f:c2:8a:a5:7d:c2:33:05:13:96:
bd:52:75:71:7b:c5:df:7d:29:31:75:8e:bf:66:81:
36:ff:14:bc:f5:8f:dc:56:fb:6e:f5:80:cf:c9:8a:
c6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D7:B0:9A:52:1E:DE:33:EC:87:14:DB:88:46:03:F3:93:5A:69:F8
X509v3 Authority Key Identifier:
keyid:BD:17:5E:87:8D:33:B4:7D:80:6F:2C:F3:E0:46:28:22:09:35:12:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/WtewmlIe3jPshxTbiEYD85Naafg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.8.0/24
IPv6:
2001:67c:2f84::/48
Signature Algorithm: sha256WithRSAEncryption
ab:8a:72:da:13:73:a9:05:6c:a8:f6:21:89:2f:31:dd:d3:48:
03:9d:be:c6:80:32:96:97:29:75:ba:ce:b7:5e:ab:52:1c:6e:
fe:9a:58:7d:02:59:30:77:e3:13:24:79:1d:7f:6a:35:a2:68:
15:61:8f:16:f9:ae:20:1f:42:62:e3:7c:db:2e:32:f3:ed:cf:
88:e0:3b:15:88:e7:d9:6e:6a:78:7a:c4:92:3f:32:74:35:4f:
5d:32:cd:18:1a:7a:e6:5f:9c:22:19:a2:85:7d:7b:fc:68:ae:
5a:57:1e:56:6a:a2:1c:bc:fd:3b:a3:b4:96:a2:b3:8d:19:25:
ea:b6:65:93:40:3a:e1:18:aa:18:54:50:bd:d0:6c:b3:cd:6d:
05:81:6b:1c:c5:4b:dc:a8:ed:39:29:50:de:21:e5:25:fa:cc:
bd:05:0c:01:46:49:1a:b1:ba:6d:76:30:2b:9b:7c:cb:16:43:
db:49:f8:2b:bf:c4:f6:08:14:be:cb:66:59:81:bb:db:29:da:
dd:dd:20:e9:06:8b:74:aa:f5:f9:fa:1f:d5:7e:b3:bc:9e:5f:
1e:09:03:dd:da:3c:23:10:3e:cd:6b:48:06:0b:56:2e:e1:70:
15:dc:8a:26:fa:a1:c3:33:11:24:2c:52:54:fd:6a:24:53:7f:
24:c0:71:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvL9XKic+UauK6TfJFnKDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMTc1ZTg3OGQzM2I0N2Q4MDZmMmNmM2UwNDYyODIyMDkz
NTEyM2QwHhcNMjMwMTAxMjExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQ3YjA5YTUyMWVkZTMzZWM4NzE0ZGI4ODQ2MDNmMzkzNWE2OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjThGUCDuGQOsoLhEzQSIrJ9bpR/p
9h0sw1Rw4QBGN3kyderMrZDtc6YSmuAaM4Ub0yhivkIb6NcCmnII7Q/EnwcQGsuI
lacuZGcTM8jL5loJ0elOJphkpZ8zBZIKHDIJJyZ7eprqKVj7n/QgyhmZ6K/lFuQ8
1UuOdFcZiaWLqCw5VwfAV7R4Xz5ih8LZxOa5pLfQlvlV33CGIMsT+GCxMlVRrLQi
FbYR4mh9HVGbekU1jSCPQHPQoq4FepxxAHQm0VhiWoumfHcqGsMyioaa3MprklCt
Jl/CiqV9wjMFE5a9UnVxe8XffSkxdY6/ZoE2/xS89Y/cVvtu9YDPyYrGEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFrXsJpSHt4z7IcU24hGA/OTWmn4MB8GA1UdIwQY
MBaAFL0XXoeNM7R9gG8s8+BGKCIJNRI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlJkZWg0MHp0SDJBYnl6ejRFWW9JZ2sxRWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZGE5OGUtODY0Ni00ZDA3LTgwYWMt
YTM1ZWFmMDA1YWY1LzEvV3Rld21sSWUzalBzaHhUYmlFWUQ4NU5hYWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZGE5OGUtODY0Ni00ZDA3LTgwYWMtYTM1ZWFmMDA1YWY1
LzEvdlJkZWg0MHp0SDJBYnl6ejRFWW9JZ2sxRWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8cIMA8E
AgACMAkDBwAgAQZ8L4QwDQYJKoZIhvcNAQELBQADggEBAKuKctoTc6kFbKj2IYkv
Md3TSAOdvsaAMpaXKXW6zrdeq1Icbv6aWH0CWTB34xMkeR1/ajWiaBVhjxb5riAf
QmLjfNsuMvPtz4jgOxWI59luanh6xJI/MnQ1T10yzRgaeuZfnCIZooV9e/xorlpX
HlZqohy8/TujtJais40ZJeq2ZZNAOuEYqhhUUL3QbLPNbQWBaxzFS9yo7TkpUN4h
5SX6zL0FDAFGSRqxum12MCubfMsWQ9tJ+Cu/xPYIFL7LZlmBu9sp2t3dIOkGi3Sq
9fn6H9V+s7yeXx4JA93aPCMQPs1rSAYLVi7hcBXciib6ocMzESQsUlT9aiRTfyTA
cdQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:34 2024 by rpki-client on console-fra.rpki-client.org