Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0b252d-db4c-4256-ab06-06d14cf0a46b/1/wNc0gxt6bM0wRRo5Qd_wwGytq2U.roa
File: wNc0gxt6bM0wRRo5Qd_wwGytq2U.roa (raw, json)
Hash identifier: a27MUJ7C9efifpeijiQmA0WkO3JRrXxMzR8MlT0tXK4=
Subject key identifier: C0:D7:34:83:1B:7A:6C:CD:30:45:1A:39:41:DF:F0:C0:6C:AD:AB:65
Certificate issuer: /CN=ebc86c8c2d495c9ebe42665a1513de69a9bf6553
Certificate serial: 0185711E32FC7F3765B4746FF47DA2F969B0
Authority key identifier: EB:C8:6C:8C:2D:49:5C:9E:BE:42:66:5A:15:13:DE:69:A9:BF:65:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/68hsjC1JXJ6-QmZaFRPeaam_ZVM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0b252d-db4c-4256-ab06-06d14cf0a46b/1/wNc0gxt6bM0wRRo5Qd_wwGytq2U.roa
Signing time: Mon 02 Jan 2023 06:14:42 +0000
ROA not before: Mon 02 Jan 2023 06:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203322
IP address blocks: 185.138.172.0/23 maxlen: 23
185.138.172.0/22 maxlen: 22
185.138.174.0/23 maxlen: 23
2a07:fc0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:32:fc:7f:37:65:b4:74:6f:f4:7d:a2:f9:69:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebc86c8c2d495c9ebe42665a1513de69a9bf6553
Validity
Not Before: Jan 2 06:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0d734831b7a6ccd30451a3941dff0c06cadab65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:35:b2:e4:c6:0c:77:b5:63:29:5e:fb:67:49:
d4:6b:a2:e9:94:b0:0b:e4:04:ec:31:5c:aa:3f:1c:
fb:ab:a3:7a:fe:56:10:49:e1:fe:55:59:15:65:75:
9a:6e:d1:98:16:04:ca:3a:3c:69:1b:04:6d:ad:7b:
29:e0:cc:39:a4:4a:06:d8:32:a8:d8:77:c2:b2:b8:
54:73:8e:6f:d4:2d:d4:c2:49:58:1d:db:04:d3:04:
28:e4:f8:ae:2c:be:93:fb:5a:ec:1b:38:dc:5e:bb:
f3:0e:c9:a4:64:da:cb:54:a8:ad:20:fa:61:5d:3b:
f0:49:02:b5:ba:eb:52:ad:b6:5f:0a:07:01:60:b0:
7d:32:b8:71:76:ed:6b:80:eb:0a:15:0b:16:05:c9:
7e:ea:29:8f:4f:88:da:06:64:78:4e:f0:d7:d2:5f:
3f:16:1d:99:1c:30:02:17:fb:f1:fa:97:1c:c6:05:
f8:6d:4a:70:a6:da:bc:83:bb:a7:9e:2f:ad:cf:e9:
76:e5:f4:22:71:b6:8b:09:c1:9f:76:99:fd:27:f9:
12:c7:6c:be:8b:87:f0:7f:81:06:07:f7:fd:f3:9d:
1c:9d:d9:81:c2:b0:a5:4f:28:a0:54:32:54:eb:9c:
6f:a5:30:86:b8:90:ab:73:e6:3b:f3:37:cf:e2:d7:
25:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D7:34:83:1B:7A:6C:CD:30:45:1A:39:41:DF:F0:C0:6C:AD:AB:65
X509v3 Authority Key Identifier:
keyid:EB:C8:6C:8C:2D:49:5C:9E:BE:42:66:5A:15:13:DE:69:A9:BF:65:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68hsjC1JXJ6-QmZaFRPeaam_ZVM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0b252d-db4c-4256-ab06-06d14cf0a46b/1/wNc0gxt6bM0wRRo5Qd_wwGytq2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0b252d-db4c-4256-ab06-06d14cf0a46b/1/68hsjC1JXJ6-QmZaFRPeaam_ZVM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.172.0/22
IPv6:
2a07:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:92:f2:70:f0:0a:0f:0a:36:61:2a:d1:66:35:32:73:ef:9d:
4e:e7:cb:c4:55:7b:b6:e5:c6:46:dc:c2:38:88:5a:0b:7d:41:
1e:97:f4:90:0e:89:30:95:e4:0c:02:e5:f9:25:07:fd:8e:0e:
43:83:47:c6:99:28:a8:38:06:c9:76:93:b9:7b:a0:17:22:4a:
60:13:ef:7a:96:a3:21:cf:34:9a:8b:f1:d8:4d:d9:da:42:d3:
49:92:fe:ba:5a:31:1c:96:d9:1b:04:ca:5f:9f:21:ad:90:8e:
59:d4:27:60:87:9a:51:08:ee:81:96:5c:6f:53:89:f9:5a:1f:
3c:9c:78:db:d6:74:65:7f:c0:a9:52:b7:0c:b1:54:c6:1e:b6:
53:df:f3:f4:10:a3:18:94:a6:3c:04:e0:23:39:47:d4:cb:42:
cd:0b:8d:71:a1:fa:1b:55:54:a0:3c:9a:85:a5:08:7e:4e:87:
c0:93:5d:df:c5:40:49:96:01:34:f2:31:cd:90:44:4b:70:9b:
36:bf:ea:36:25:bd:ee:61:9e:b3:83:fd:53:98:66:05:05:74:
71:b7:e7:a0:90:60:c8:0c:0c:1c:77:c2:cb:3f:07:a6:51:5e:
99:09:f6:be:72:df:c8:c9:79:be:05:55:11:40:dd:1e:bd:03:
85:4e:03:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxHjL8fzdltHRv9H2i+WmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYzg2YzhjMmQ0OTVjOWViZTQyNjY1YTE1MTNkZTY5YTli
ZjY1NTMwHhcNMjMwMTAyMDYxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQ3MzQ4MzFiN2E2Y2NkMzA0NTFhMzk0MWRmZjBjMDZjYWRhYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDWy5MYMd7VjKV77Z0nUa6LplLAL
5ATsMVyqPxz7q6N6/lYQSeH+VVkVZXWabtGYFgTKOjxpGwRtrXsp4Mw5pEoG2DKo
2HfCsrhUc45v1C3UwklYHdsE0wQo5PiuLL6T+1rsGzjcXrvzDsmkZNrLVKitIPph
XTvwSQK1uutSrbZfCgcBYLB9Mrhxdu1rgOsKFQsWBcl+6imPT4jaBmR4TvDX0l8/
Fh2ZHDACF/vx+pccxgX4bUpwptq8g7unni+tz+l25fQicbaLCcGfdpn9J/kSx2y+
i4fwf4EGB/f9850cndmBwrClTyigVDJU65xvpTCGuJCrc+Y78zfP4tclMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMDXNIMbemzNMEUaOUHf8MBsratlMB8GA1UdIwQY
MBaAFOvIbIwtSVyevkJmWhUT3mmpv2VTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjhoc2pDMUpYSjYtUW1aYUZSUGVhYW1fWlZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wYjI1MmQtZGI0Yy00MjU2LWFiMDYt
MDZkMTRjZjBhNDZiLzEvd05jMGd4dDZiTTB3UlJvNVFkX3d3R3l0cTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wYjI1MmQtZGI0Yy00MjU2LWFiMDYtMDZkMTRjZjBhNDZi
LzEvNjhoc2pDMUpYSjYtUW1aYUZSUGVhYW1fWlZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYqsMA0E
AgACMAcDBQMqBw/AMA0GCSqGSIb3DQEBCwUAA4IBAQCbkvJw8AoPCjZhKtFmNTJz
751O58vEVXu25cZG3MI4iFoLfUEel/SQDokwleQMAuX5JQf9jg5Dg0fGmSioOAbJ
dpO5e6AXIkpgE+96lqMhzzSai/HYTdnaQtNJkv66WjEcltkbBMpfnyGtkI5Z1Cdg
h5pRCO6BllxvU4n5Wh88nHjb1nRlf8CpUrcMsVTGHrZT3/P0EKMYlKY8BOAjOUfU
y0LNC41xofobVVSgPJqFpQh+TofAk13fxUBJlgE08jHNkERLcJs2v+o2Jb3uYZ6z
g/1TmGYFBXRxt+egkGDIDAwcd8LLPwemUV6ZCfa+ct/IyXm+BVURQN0evQOFTgMG
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:52 2024 by rpki-client on console-ams.rpki-client.org