Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/WtNMDlslq-Xf0SIIPL9kvunDVII.roa
File: WtNMDlslq-Xf0SIIPL9kvunDVII.roa (raw, json)
Hash identifier: +cU3Ii/oSgjmFq6V8WT3cK0kZXpsjAXGT118c5eMJ0k=
Subject key identifier: 5A:D3:4C:0E:5B:25:AB:E5:DF:D1:22:08:3C:BF:64:BE:E9:C3:54:82
Certificate issuer: /CN=053360c6e3e892db66b1df6ad47f7818e9deeb8c
Certificate serial: 01856C25AE65EF7DFF8A7A2B46386E908A8C
Authority key identifier: 05:33:60:C6:E3:E8:92:DB:66:B1:DF:6A:D4:7F:78:18:E9:DE:EB:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTNgxuPokttmsd9q1H94GOne64w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/WtNMDlslq-Xf0SIIPL9kvunDVII.roa
Signing time: Sun 01 Jan 2023 07:04:46 +0000
ROA not before: Sun 01 Jan 2023 07:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8922
IP address blocks: 185.34.36.0/23 maxlen: 23
185.34.38.0/23 maxlen: 23
2a03:e700::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:ae:65:ef:7d:ff:8a:7a:2b:46:38:6e:90:8a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053360c6e3e892db66b1df6ad47f7818e9deeb8c
Validity
Not Before: Jan 1 07:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ad34c0e5b25abe5dfd122083cbf64bee9c35482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e3:04:04:76:74:f9:6a:2d:40:af:83:66:44:
6a:f5:a2:7a:36:fc:c4:8b:6e:fb:21:d4:bc:c0:da:
d2:8f:83:b1:44:66:9f:a5:f4:a3:cf:6d:b0:2d:3f:
56:4b:00:77:09:61:eb:d7:f3:91:aa:9e:88:2f:ae:
83:e3:e4:db:86:ad:7c:04:06:3d:40:35:7d:56:b3:
f5:27:dc:64:71:8d:e1:33:08:79:de:de:19:67:c4:
fa:39:b1:d6:7e:94:63:c8:5e:8b:ed:12:66:90:90:
4a:3b:43:b4:72:c3:6a:55:3f:8e:c9:ff:90:80:de:
86:bd:f1:46:db:74:a2:c3:71:38:fd:43:4e:7b:84:
8a:74:47:9d:c1:15:9e:03:d1:d4:ed:fe:c5:eb:da:
f3:87:81:a8:35:3d:ee:31:a9:a4:e4:72:ed:af:b2:
1d:6b:66:c2:31:f3:d2:e8:fa:3f:22:03:2d:04:56:
f1:cd:97:ac:ee:73:02:ef:cd:0c:9b:2c:d1:85:0c:
b0:f3:fd:17:b4:7a:c7:89:f3:ce:5c:3e:bf:a7:2e:
71:99:da:d5:b4:d3:a8:36:9f:24:66:7b:5a:3b:cf:
1a:66:a8:71:a4:df:83:c9:3e:58:38:f5:a0:d4:df:
4b:af:a0:e4:df:58:cb:16:06:20:b6:04:9d:d4:b3:
f9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D3:4C:0E:5B:25:AB:E5:DF:D1:22:08:3C:BF:64:BE:E9:C3:54:82
X509v3 Authority Key Identifier:
keyid:05:33:60:C6:E3:E8:92:DB:66:B1:DF:6A:D4:7F:78:18:E9:DE:EB:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTNgxuPokttmsd9q1H94GOne64w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/WtNMDlslq-Xf0SIIPL9kvunDVII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/BTNgxuPokttmsd9q1H94GOne64w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.36.0/22
IPv6:
2a03:e700::/32
Signature Algorithm: sha256WithRSAEncryption
3d:4f:1e:2f:a0:99:d3:13:99:18:46:f3:d5:3b:9c:d9:1a:bb:
21:78:83:06:70:45:d8:3b:eb:3f:48:b2:5b:f8:34:ff:46:b0:
84:ae:d2:b0:2f:1f:8d:37:14:6b:f2:87:00:a7:34:03:02:6b:
86:52:10:86:1e:f0:a9:dd:e3:06:22:69:ae:01:50:ab:a9:d5:
69:05:94:78:c9:75:46:d8:7e:d7:38:a3:1b:5e:01:0c:7f:dd:
e8:42:63:c0:bd:a9:b4:73:44:a2:ba:6f:c5:19:66:aa:9e:d3:
62:dd:13:62:5f:74:3a:5a:c1:ab:f8:9e:8f:5a:88:ff:68:01:
27:f6:5b:22:57:e1:4e:6f:e7:3f:4f:07:33:a1:3d:41:96:85:
eb:3d:37:1b:aa:87:60:1b:b5:8b:76:6e:07:2b:f1:42:7a:35:
3e:17:6d:ff:84:ca:d0:10:fc:da:8f:d5:a8:df:cf:00:a8:bc:
27:a0:e3:fe:3a:75:61:06:c3:cc:67:13:22:80:d5:64:60:68:
2f:84:f8:21:89:f7:c1:f8:78:07:da:39:f9:ca:56:3c:5d:1e:
4d:42:48:4d:ae:eb:c3:f0:93:e6:2d:bc:4c:77:fd:95:4e:cd:
e3:a6:c4:85:c3:15:17:03:71:40:06:ae:f1:fb:ed:d0:35:36:
b2:7f:78:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsJa5l733/inorRjhukIqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzM2MGM2ZTNlODkyZGI2NmIxZGY2YWQ0N2Y3ODE4ZTlk
ZWViOGMwHhcNMjMwMTAxMDcwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQzNGMwZTViMjVhYmU1ZGZkMTIyMDgzY2JmNjRiZWU5YzM1NDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOMEBHZ0+WotQK+DZkRq9aJ6NvzE
i277IdS8wNrSj4OxRGafpfSjz22wLT9WSwB3CWHr1/ORqp6IL66D4+Tbhq18BAY9
QDV9VrP1J9xkcY3hMwh53t4ZZ8T6ObHWfpRjyF6L7RJmkJBKO0O0csNqVT+Oyf+Q
gN6GvfFG23Siw3E4/UNOe4SKdEedwRWeA9HU7f7F69rzh4GoNT3uMamk5HLtr7Id
a2bCMfPS6Po/IgMtBFbxzZes7nMC780MmyzRhQyw8/0XtHrHifPOXD6/py5xmdrV
tNOoNp8kZntaO88aZqhxpN+DyT5YOPWg1N9Lr6Dk31jLFgYgtgSd1LP5awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFrTTA5bJavl39EiCDy/ZL7pw1SCMB8GA1UdIwQY
MBaAFAUzYMbj6JLbZrHfatR/eBjp3uuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlROZ3h1UG9rdHRtc2Q5cTFIOTRHT25lNjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wNmRkODMtMDdkYy00MGZiLTkyM2Yt
ZDkxZGNlNWRiOTNhLzEvV3ROTURsc2xxLVhmMFNJSVBMOWt2dW5EVklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wNmRkODMtMDdkYy00MGZiLTkyM2YtZDkxZGNlNWRiOTNh
LzEvQlROZ3h1UG9rdHRtc2Q5cTFIOTRHT25lNjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSIkMA0E
AgACMAcDBQAqA+cAMA0GCSqGSIb3DQEBCwUAA4IBAQA9Tx4voJnTE5kYRvPVO5zZ
GrsheIMGcEXYO+s/SLJb+DT/RrCErtKwLx+NNxRr8ocApzQDAmuGUhCGHvCp3eMG
ImmuAVCrqdVpBZR4yXVG2H7XOKMbXgEMf93oQmPAvam0c0Sium/FGWaqntNi3RNi
X3Q6WsGr+J6PWoj/aAEn9lsiV+FOb+c/TwczoT1BloXrPTcbqodgG7WLdm4HK/FC
ejU+F23/hMrQEPzaj9Wo388AqLwnoOP+OnVhBsPMZxMigNVkYGgvhPghiffB+HgH
2jn5ylY8XR5NQkhNruvD8JPmLbxMd/2VTs3jpsSFwxUXA3FABq7x++3QNTayf3j1
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:57 2024 by rpki-client on console-fra.rpki-client.org