Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/wLfZcZI8tJp92UG7rFRelPaPBDY.roa
File: wLfZcZI8tJp92UG7rFRelPaPBDY.roa (raw, json)
Hash identifier: vYFBZeNmdNCgl04RBUXHT8qs8N7diUcpV9HP3Gh8724=
Subject key identifier: C0:B7:D9:71:92:3C:B4:9A:7D:D9:41:BB:AC:54:5E:94:F6:8F:04:36
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 018BDCF075BBD062D24BD66E393F42F35DA4
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/wLfZcZI8tJp92UG7rFRelPaPBDY.roa
Signing time: Fri 17 Nov 2023 11:00:28 +0000
ROA not before: Fri 17 Nov 2023 11:00:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
2a00:4bc0:2600::/40 maxlen: 48
2a00:4bc0:2000::/44 maxlen: 56
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:f0:75:bb:d0:62:d2:4b:d6:6e:39:3f:42:f3:5d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Nov 17 11:00:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0b7d971923cb49a7dd941bbac545e94f68f0436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:19:53:58:45:fe:76:3f:47:59:16:91:01:a7:
62:84:39:e9:56:22:a5:e7:16:12:5e:51:39:e4:e7:
d3:77:9d:2a:2e:10:dd:32:e1:4a:1a:e5:bb:18:96:
44:3f:0f:8e:79:e2:ed:5d:c0:c5:3a:ca:ce:ab:59:
57:1e:2d:83:1c:e8:79:c8:f8:a6:52:b0:31:8f:a9:
6c:18:c1:8d:76:51:aa:da:11:ab:18:04:6f:59:e2:
20:44:e2:1d:50:51:22:56:2d:be:a3:2c:18:89:dc:
92:2a:f5:8a:92:f1:35:4a:65:b9:31:e5:f1:1e:cb:
e0:25:ac:93:86:26:93:28:fd:b1:ed:83:b5:08:4c:
74:fe:08:da:3b:5c:8b:c9:0b:ed:45:c9:8e:01:66:
22:19:16:7a:8b:d8:4a:f7:a4:67:91:b3:ba:3d:9d:
92:8d:7f:8a:ea:14:49:3d:71:31:dd:b2:8a:c4:f9:
6e:98:7f:c1:51:05:fb:d1:04:32:2e:4c:ff:b1:eb:
8f:52:3c:02:21:30:98:86:7f:3a:c3:00:88:a9:e2:
3c:49:42:b3:a9:01:b7:5b:c1:a0:70:dd:05:a9:60:
38:34:ca:c7:6a:54:70:a1:12:d7:fa:1f:4b:5d:e1:
46:29:d3:e9:27:88:89:a9:e0:91:cd:e8:5a:11:56:
23:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B7:D9:71:92:3C:B4:9A:7D:D9:41:BB:AC:54:5E:94:F6:8F:04:36
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/wLfZcZI8tJp92UG7rFRelPaPBDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2300::-2a00:4bc0:24ff:ffff:ffff:ffff:ffff:ffff
2a00:4bc0:2600::/40
Signature Algorithm: sha256WithRSAEncryption
6d:0a:f8:24:fa:e2:99:09:e6:03:0f:08:40:a7:e7:d8:f8:f6:
59:35:7e:e7:a1:b7:a2:0b:bb:64:18:80:8f:ef:3e:10:fe:43:
a5:d8:44:c9:2f:d8:1e:24:ec:ff:d1:06:58:e9:5f:76:c4:16:
68:3f:f7:af:b5:7d:37:e5:d6:58:e3:92:23:c9:50:5c:c4:36:
e3:12:61:41:6b:84:8e:1d:dc:75:79:bb:91:d8:a5:b9:87:d5:
26:fa:1b:68:be:76:f9:4c:40:4c:4d:9b:69:ad:9a:19:c1:fa:
84:7e:97:a0:06:80:f4:82:c1:fe:8e:09:78:1a:d9:01:33:cd:
38:c0:4a:f3:aa:74:37:a1:c3:90:9a:f1:fa:b1:71:e1:9c:51:
31:f7:7d:11:8e:53:e1:bd:70:ca:93:a1:9e:cd:97:19:2a:eb:
86:46:bf:fb:59:76:e2:67:54:21:8a:5c:f6:bf:fc:64:32:8b:
48:27:c1:1c:02:8d:2f:80:0c:50:ed:f8:40:ba:4c:6c:64:dd:
d7:4a:15:bb:d7:79:13:18:d9:af:b9:59:62:89:cf:b2:47:98:
6e:69:1f:d7:72:b9:cf:6f:83:4c:86:87:20:33:e7:70:c4:8a:
36:0b:06:44:cb:ef:bd:40:e1:ec:82:c8:b0:8e:71:73:c4:69:
c2:68:10:ae
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYvc8HW70GLSS9ZuOT9C812kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjMxMTE3MTEwMDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGI3ZDk3MTkyM2NiNDlhN2RkOTQxYmJhYzU0NWU5NGY2OGYwNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxlTWEX+dj9HWRaRAadihDnpViKl
5xYSXlE55OfTd50qLhDdMuFKGuW7GJZEPw+OeeLtXcDFOsrOq1lXHi2DHOh5yPim
UrAxj6lsGMGNdlGq2hGrGARvWeIgROIdUFEiVi2+oywYidySKvWKkvE1SmW5MeXx
HsvgJayThiaTKP2x7YO1CEx0/gjaO1yLyQvtRcmOAWYiGRZ6i9hK96RnkbO6PZ2S
jX+K6hRJPXEx3bKKxPlumH/BUQX70QQyLkz/seuPUjwCITCYhn86wwCIqeI8SUKz
qQG3W8GgcN0FqWA4NMrHalRwoRLX+h9LXeFGKdPpJ4iJqeCRzehaEVYj0wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFMC32XGSPLSafdlBu6xUXpT2jwQ2MB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvd0xmWmNaSTh0SnA5MlVHN3JGUmVsUGFQQkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAAjArAwcEKgBLwCAA
AwYAKgBLwCEwEAMGACoAS8AjAwYAKgBLwCQDBgAqAEvAJjANBgkqhkiG9w0BAQsF
AAOCAQEAbQr4JPrimQnmAw8IQKfn2Pj2WTV+56G3ogu7ZBiAj+8+EP5DpdhEyS/Y
HiTs/9EGWOlfdsQWaD/3r7V9N+XWWOOSI8lQXMQ24xJhQWuEjh3cdXm7kdiluYfV
JvobaL52+UxATE2baa2aGcH6hH6XoAaA9ILB/o4JeBrZATPNOMBK86p0N6HDkJrx
+rFx4ZxRMfd9EY5T4b1wypOhns2XGSrrhka/+1l24mdUIYpc9r/8ZDKLSCfBHAKN
L4AMUO34QLpMbGTd10oVu9d5ExjZr7lZYonPskeYbmkf13K5z2+DTIaHIDPncMSK
NgsGRMvvvUDh7ILIsI5xc8RpwmgQrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:20 2024 by rpki-client on console-ams.rpki-client.org