Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5dac30-8570-47b2-b26a-7f3a428171c7/1/4Wjlc09EZsn8brGYq0fqwbLsJxc.roa
File: 4Wjlc09EZsn8brGYq0fqwbLsJxc.roa (raw, json)
Hash identifier: DKw9zdtMAzjWChtJIZ1X72YmCgbe2wqfYrDiRkdHG/c=
Subject key identifier: E1:68:E5:73:4F:44:66:C9:FC:6E:B1:98:AB:47:EA:C1:B2:EC:27:17
Certificate issuer: /CN=922a1a67e2da7112d4559cd8dbd8141f8f3277e8
Certificate serial: 01898D6D20F04270BB43DD807FA41988A026
Authority key identifier: 92:2A:1A:67:E2:DA:71:12:D4:55:9C:D8:DB:D8:14:1F:8F:32:77:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kioaZ-LacRLUVZzY29gUH48yd-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5dac30-8570-47b2-b26a-7f3a428171c7/1/4Wjlc09EZsn8brGYq0fqwbLsJxc.roa
Signing time: Tue 25 Jul 2023 14:21:26 +0000
ROA not before: Tue 25 Jul 2023 14:21:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56457
IP address blocks: 176.119.210.0/24 maxlen: 24
185.201.254.0/24 maxlen: 24
2a06:5780::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8d:6d:20:f0:42:70:bb:43:dd:80:7f:a4:19:88:a0:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922a1a67e2da7112d4559cd8dbd8141f8f3277e8
Validity
Not Before: Jul 25 14:21:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e168e5734f4466c9fc6eb198ab47eac1b2ec2717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a5:95:fa:03:d0:ef:30:db:ef:3f:b8:bf:77:
ba:06:b4:0f:22:62:8f:90:9e:e7:53:dc:88:fb:62:
23:2a:e8:ae:e0:e5:68:58:5a:2a:5f:07:45:93:91:
64:f3:66:07:5c:ad:17:59:9c:5b:7c:c1:29:d8:10:
79:d3:0f:a0:4e:91:ef:f8:e9:e4:e5:b8:78:96:25:
0c:6c:8a:34:b1:88:70:cc:f1:d2:44:00:d3:73:ba:
c3:98:7c:59:ea:37:23:31:5a:f6:fe:ef:8f:aa:cb:
70:d3:13:89:bc:b8:24:ac:f3:ec:43:62:3a:c9:34:
b8:ca:b3:bd:6a:c4:c3:9e:3c:9d:ff:c3:48:34:89:
43:07:c3:0e:22:f5:d2:89:b0:53:b5:5c:0b:3a:1d:
06:6a:4e:c2:20:f4:6c:46:22:29:33:a1:ac:18:64:
73:ba:80:ed:f6:81:72:69:f4:e6:23:42:be:80:c2:
0e:e2:04:76:de:6b:52:f3:9f:fb:f3:1a:f4:15:a8:
a1:41:e2:0d:cb:ca:c2:92:58:52:2d:56:45:cb:ac:
8a:90:17:2b:2d:b9:35:da:16:83:b3:a0:39:aa:e9:
93:5d:6f:ca:7c:90:f5:d7:ee:25:55:6e:6e:1b:86:
2d:8a:b1:ec:08:33:f4:75:64:52:4b:fa:48:5f:3e:
83:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:68:E5:73:4F:44:66:C9:FC:6E:B1:98:AB:47:EA:C1:B2:EC:27:17
X509v3 Authority Key Identifier:
keyid:92:2A:1A:67:E2:DA:71:12:D4:55:9C:D8:DB:D8:14:1F:8F:32:77:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kioaZ-LacRLUVZzY29gUH48yd-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5dac30-8570-47b2-b26a-7f3a428171c7/1/4Wjlc09EZsn8brGYq0fqwbLsJxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5dac30-8570-47b2-b26a-7f3a428171c7/1/kioaZ-LacRLUVZzY29gUH48yd-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.210.0/24
185.201.254.0/24
IPv6:
2a06:5780::/29
Signature Algorithm: sha256WithRSAEncryption
53:ec:43:e0:54:0e:d2:b6:3a:e5:ed:4e:6b:0f:b5:e9:82:ec:
3c:2f:0c:ce:e6:73:de:03:c5:29:64:25:97:9b:78:9b:66:bc:
91:20:c8:a9:51:cb:5a:7b:14:2e:19:38:f5:96:18:69:a3:0a:
1c:3d:92:03:1a:05:4f:4d:57:34:4e:78:54:91:b2:13:3e:79:
17:c7:9b:71:ce:53:4e:f7:35:4e:a1:de:db:1b:83:e3:5f:d2:
3a:d3:76:9d:2d:96:4d:a5:ef:66:44:5c:b4:fc:21:6e:a1:db:
69:80:41:0d:51:90:b0:b4:33:50:1f:7c:d1:6e:96:e6:e9:f7:
70:0c:5d:36:f9:ba:6d:41:dd:e0:31:fb:15:42:39:2e:44:ce:
c7:b3:8e:cf:59:17:dc:e0:36:e9:08:68:b7:ca:50:d8:63:8a:
a3:7c:87:20:e5:98:05:45:c0:ea:92:a4:c2:40:91:d0:c2:00:
97:87:77:85:40:d5:2c:c8:c9:53:3a:b0:44:76:24:0a:7d:f8:
c3:4f:b9:26:22:25:c9:f0:d6:82:4b:36:02:aa:14:18:e3:c5:
97:0c:f5:4c:34:d9:89:c1:8c:45:9e:ff:5a:12:f3:ca:20:95:
fa:fa:20:43:0b:c9:b9:a1:28:4f:f5:79:d1:eb:96:dc:4c:bc:
c5:11:9f:f2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmNbSDwQnC7Q92Af6QZiKAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMmExYTY3ZTJkYTcxMTJkNDU1OWNkOGRiZDgxNDFmOGYz
Mjc3ZTgwHhcNMjMwNzI1MTQyMTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTY4ZTU3MzRmNDQ2NmM5ZmM2ZWIxOThhYjQ3ZWFjMWIyZWMyNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqWV+gPQ7zDb7z+4v3e6BrQPImKP
kJ7nU9yI+2IjKuiu4OVoWFoqXwdFk5Fk82YHXK0XWZxbfMEp2BB50w+gTpHv+Onk
5bh4liUMbIo0sYhwzPHSRADTc7rDmHxZ6jcjMVr2/u+Pqstw0xOJvLgkrPPsQ2I6
yTS4yrO9asTDnjyd/8NINIlDB8MOIvXSibBTtVwLOh0Gak7CIPRsRiIpM6GsGGRz
uoDt9oFyafTmI0K+gMIO4gR23mtS85/78xr0FaihQeINy8rCklhSLVZFy6yKkBcr
Lbk12haDs6A5qumTXW/KfJD11+4lVW5uG4YtirHsCDP0dWRSS/pIXz6D+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOFo5XNPRGbJ/G6xmKtH6sGy7CcXMB8GA1UdIwQY
MBaAFJIqGmfi2nES1FWc2NvYFB+PMnfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lvYVotTGFjUkxVVlp6WTI5Z1VINDh5ZC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZGFjMzAtODU3MC00N2IyLWIyNmEt
N2YzYTQyODE3MWM3LzEvNFdqbGMwOUVac244YnJHWXEwZnF3YkxzSnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZGFjMzAtODU3MC00N2IyLWIyNmEtN2YzYTQyODE3MWM3
LzEva2lvYVotTGFjUkxVVlp6WTI5Z1VINDh5ZC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAsHfSAwQA
ucn+MA0EAgACMAcDBQMqBleAMA0GCSqGSIb3DQEBCwUAA4IBAQBT7EPgVA7Stjrl
7U5rD7Xpguw8LwzO5nPeA8UpZCWXm3ibZryRIMipUctaexQuGTj1lhhpowocPZID
GgVPTVc0TnhUkbITPnkXx5txzlNO9zVOod7bG4PjX9I603adLZZNpe9mRFy0/CFu
odtpgEENUZCwtDNQH3zRbpbm6fdwDF02+bptQd3gMfsVQjkuRM7Hs47PWRfc4Dbp
CGi3ylDYY4qjfIcg5ZgFRcDqkqTCQJHQwgCXh3eFQNUsyMlTOrBEdiQKffjDT7km
IiXJ8NaCSzYCqhQY48WXDPVMNNmJwYxFnv9aEvPKIJX6+iBDC8m5oShP9XnR65bc
TLzFEZ/y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:05 2024 by rpki-client on console-ams.rpki-client.org