Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/w04boHFEr4vo2QsqBvPmX4yOxlQ.roa
File: w04boHFEr4vo2QsqBvPmX4yOxlQ.roa (raw, json)
Hash identifier: v6flyjVLVBk40oikSanzJyv6QhPH0edO6WlZwUlBIcM=
Subject key identifier: C3:4E:1B:A0:71:44:AF:8B:E8:D9:0B:2A:06:F3:E6:5F:8C:8E:C6:54
Certificate issuer: /CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Certificate serial: 018573683E37ACCE25029B831D895521ECC5
Authority key identifier: 3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/w04boHFEr4vo2QsqBvPmX4yOxlQ.roa
Signing time: Mon 02 Jan 2023 16:54:49 +0000
ROA not before: Mon 02 Jan 2023 16:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42580
IP address blocks: 81.20.240.0/20 maxlen: 20
185.218.12.0/22 maxlen: 22
78.29.128.0/18 maxlen: 18
128.65.224.0/19 maxlen: 19
2a0b:c1c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:3e:37:ac:ce:25:02:9b:83:1d:89:55:21:ec:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Validity
Not Before: Jan 2 16:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c34e1ba07144af8be8d90b2a06f3e65f8c8ec654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ce:de:10:0d:57:60:f5:83:4a:07:02:96:fc:
2f:44:20:ed:82:c9:cd:df:43:7c:ab:b9:20:c0:c2:
78:8f:ba:ad:58:e2:b2:aa:c0:2d:5c:7b:5b:59:1b:
a3:6e:f1:05:85:23:b1:25:0e:db:5a:85:d5:69:1a:
bc:9d:7f:51:a4:61:61:b5:a4:3c:f1:76:30:b7:e5:
0e:77:38:72:2d:79:b2:1c:72:17:21:1e:05:30:eb:
7d:d4:c9:75:61:66:30:ba:b9:7b:c8:fb:b2:68:72:
60:ea:8e:d6:0f:65:40:ef:f8:74:93:df:26:0a:11:
98:9a:bb:59:46:da:c3:73:2e:88:5a:a7:5d:eb:a5:
26:cd:7e:93:24:7d:2b:fe:fc:18:88:92:25:7c:a6:
f0:06:56:75:07:0d:f3:92:cb:95:df:c1:15:75:d5:
7c:82:f1:e6:9e:26:ab:6b:c8:ed:0c:a3:5c:d9:54:
dd:72:b5:3c:21:f6:c2:24:91:3b:53:02:69:fd:37:
83:16:7f:e5:37:fb:07:74:a5:d8:25:75:3b:8f:77:
f0:b9:39:79:a2:a3:0d:6f:2d:1f:0f:7a:d3:86:42:
70:5e:6d:26:f7:36:ce:fb:71:a9:12:d1:02:5e:f9:
35:e4:98:44:84:63:19:e5:c6:c1:31:d8:85:13:83:
e7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:4E:1B:A0:71:44:AF:8B:E8:D9:0B:2A:06:F3:E6:5F:8C:8E:C6:54
X509v3 Authority Key Identifier:
keyid:3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/w04boHFEr4vo2QsqBvPmX4yOxlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ou655pK6npPYuVpkiNXIdWCdSuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.29.128.0/18
81.20.240.0/20
128.65.224.0/19
185.218.12.0/22
IPv6:
2a0b:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:87:1b:45:09:21:f2:44:96:3d:a8:46:5f:ca:ba:9f:b8:87:
f8:43:c0:92:9c:96:68:b6:5f:e2:41:4c:5b:13:f2:5c:5d:76:
1e:77:7e:92:bf:a8:10:b7:de:99:d4:37:cb:5c:78:36:bd:f5:
bf:a2:8a:81:39:53:bd:3d:93:e1:0f:7c:fa:12:c9:44:e8:54:
d6:4b:80:31:a4:ab:f5:2e:7e:8c:07:67:11:f1:c0:74:42:d1:
ff:c0:a0:ee:53:c6:b5:55:69:88:99:af:b8:42:5d:cd:c3:8b:
e6:d1:39:6a:81:b6:7a:00:75:fb:d6:3b:6e:58:49:ad:15:4a:
42:e7:91:88:18:62:40:53:df:d7:2b:45:49:16:84:1e:6a:da:
17:d6:fb:2b:d6:41:fd:50:f2:df:2f:4b:ae:b5:0a:79:69:9f:
14:22:28:f9:5b:c2:f0:21:8c:20:36:86:5a:ef:2d:ce:58:cd:
4f:6b:06:68:f8:91:87:bb:c8:e0:d1:6e:ee:f5:e0:8a:28:b1:
d9:37:8c:2d:17:10:16:1f:c3:08:9f:27:83:e3:36:20:20:4c:
f3:b5:51:b8:c8:7f:a0:92:0f:3c:20:f1:11:5a:eb:7f:6a:75:
b3:4a:1d:ed:78:07:28:00:0b:5c:97:bc:47:17:cb:4b:a5:2c:
c5:1d:28:f7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzaD43rM4lApuDHYlVIezFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWViOWU2OTJiYTllOTNkOGI5NWE2NDg4ZDVjODc1NjA5
ZDRhZWMwHhcNMjMwMTAyMTY1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzRlMWJhMDcxNDRhZjhiZThkOTBiMmEwNmYzZTY1ZjhjOGVjNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis7eEA1XYPWDSgcClvwvRCDtgsnN
30N8q7kgwMJ4j7qtWOKyqsAtXHtbWRujbvEFhSOxJQ7bWoXVaRq8nX9RpGFhtaQ8
8XYwt+UOdzhyLXmyHHIXIR4FMOt91Ml1YWYwurl7yPuyaHJg6o7WD2VA7/h0k98m
ChGYmrtZRtrDcy6IWqdd66UmzX6TJH0r/vwYiJIlfKbwBlZ1Bw3zksuV38EVddV8
gvHmniara8jtDKNc2VTdcrU8IfbCJJE7UwJp/TeDFn/lN/sHdKXYJXU7j3fwuTl5
oqMNby0fD3rThkJwXm0m9zbO+3GpEtECXvk15JhEhGMZ5cbBMdiFE4Pn4QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMNOG6BxRK+L6NkLKgbz5l+MjsZUMB8GA1UdIwQY
MBaAFDruueaSup6T2LlaZIjVyHVgnUrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTkt
NTAzM2Y4ZDc5YmU3LzEvdzA0Ym9IRkVyNHZvMlFzcUJ2UG1YNHlPeGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTktNTAzM2Y4ZDc5YmU3
LzEvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGTh2AAwQE
URTwAwQFgEHgAwQCudoMMA0EAgACMAcDBQMqC8HAMA0GCSqGSIb3DQEBCwUAA4IB
AQCihxtFCSHyRJY9qEZfyrqfuIf4Q8CSnJZotl/iQUxbE/JcXXYed36Sv6gQt96Z
1DfLXHg2vfW/ooqBOVO9PZPhD3z6EslE6FTWS4AxpKv1Ln6MB2cR8cB0QtH/wKDu
U8a1VWmIma+4Ql3Nw4vm0TlqgbZ6AHX71jtuWEmtFUpC55GIGGJAU9/XK0VJFoQe
atoX1vsr1kH9UPLfL0uutQp5aZ8UIij5W8LwIYwgNoZa7y3OWM1PawZo+JGHu8jg
0W7u9eCKKLHZN4wtFxAWH8MInyeD4zYgIEzztVG4yH+gkg88IPERWut/anWzSh3t
eAcoAAtcl7xHF8tLpSzFHSj3
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:41 2024 by rpki-client on console-ams.rpki-client.org