Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/wuIXKDSK_OehA7I1MSA_4ZC-4V0.roa
File: wuIXKDSK_OehA7I1MSA_4ZC-4V0.roa (raw, json)
Hash identifier: bjPeKqc2aaWqAs77FJYKeTgtCjHzQfvCmqTkq2crx0U=
Subject key identifier: C2:E2:17:28:34:8A:FC:E7:A1:03:B2:35:31:20:3F:E1:90:BE:E1:5D
Certificate issuer: /CN=5d82ca6f8eb685a573e5d1d91f8f06121ab02a37
Certificate serial: 01856F429F344925F0D81418A8FE2514757D
Authority key identifier: 5D:82:CA:6F:8E:B6:85:A5:73:E5:D1:D9:1F:8F:06:12:1A:B0:2A:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYLKb462haVz5dHZH48GEhqwKjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/wuIXKDSK_OehA7I1MSA_4ZC-4V0.roa
Signing time: Sun 01 Jan 2023 21:35:15 +0000
ROA not before: Sun 01 Jan 2023 21:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198114
IP address blocks: 91.231.192.0/22 maxlen: 22
91.231.192.0/24 maxlen: 24
91.231.193.0/24 maxlen: 24
91.231.194.0/24 maxlen: 24
91.231.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9f:34:49:25:f0:d8:14:18:a8:fe:25:14:75:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d82ca6f8eb685a573e5d1d91f8f06121ab02a37
Validity
Not Before: Jan 1 21:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2e21728348afce7a103b23531203fe190bee15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f4:82:a6:88:d9:9c:0c:8e:07:04:48:d6:fb:
ee:5a:92:49:2d:42:ce:1f:93:c3:b4:9c:2b:76:e3:
36:6b:9d:e0:cd:0b:f6:9f:27:60:01:cd:61:6c:4c:
1f:40:a4:88:e9:99:01:fe:25:df:0f:1e:de:7e:5d:
36:9a:76:33:b1:07:aa:13:52:fe:07:2f:28:15:31:
96:c7:34:94:89:23:e9:27:61:c9:5c:e9:5a:24:66:
fd:89:77:90:c5:4d:ee:8f:bd:ab:94:b7:ea:13:ca:
39:64:2f:0b:41:f0:e9:95:42:b0:7e:cd:b7:17:65:
66:57:ee:8e:64:8e:76:7a:a5:37:9a:d9:59:69:8f:
d1:f5:a1:17:04:94:5b:41:92:2c:28:12:02:b8:7c:
7c:54:96:0f:6c:f6:cf:65:16:86:36:4f:76:c8:38:
28:2f:f8:2a:50:2a:96:d6:b4:36:d1:5b:2f:d7:2a:
77:fa:aa:cf:a5:de:bf:cb:82:61:71:fd:b4:29:66:
69:eb:3d:80:df:a1:78:6e:c6:ff:3b:5f:31:93:a3:
93:9c:5a:18:3a:38:38:78:90:6e:a7:19:af:45:43:
a7:80:cd:ca:3e:42:8e:0a:55:16:30:e2:32:84:74:
98:ff:37:a2:5b:b5:40:f2:e0:8e:3e:97:a7:25:f0:
e8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E2:17:28:34:8A:FC:E7:A1:03:B2:35:31:20:3F:E1:90:BE:E1:5D
X509v3 Authority Key Identifier:
keyid:5D:82:CA:6F:8E:B6:85:A5:73:E5:D1:D9:1F:8F:06:12:1A:B0:2A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYLKb462haVz5dHZH48GEhqwKjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/wuIXKDSK_OehA7I1MSA_4ZC-4V0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/XYLKb462haVz5dHZH48GEhqwKjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.192.0/22
Signature Algorithm: sha256WithRSAEncryption
39:cf:d6:9e:39:b6:62:3d:75:ee:ef:9b:e6:94:8d:4f:9d:5c:
b0:c2:b3:30:83:03:25:16:fd:08:b5:80:c7:f6:80:13:d2:95:
c9:77:4d:bf:e7:b3:aa:a7:71:66:c5:69:a6:96:e8:a2:a5:62:
5d:fb:bf:61:94:81:aa:a3:b5:07:8e:d5:86:80:87:35:27:0c:
80:74:45:90:29:f7:af:ec:f7:63:4f:7b:6e:2c:d0:80:6b:38:
0e:08:d7:31:27:bf:df:7f:6b:c9:b8:20:3b:6a:19:3f:dd:a7:
82:aa:89:b4:dc:69:33:13:9e:d3:11:dc:cf:3f:bf:35:9f:c6:
6f:6b:14:27:01:84:64:18:1b:60:e6:ce:79:83:53:17:9f:b7:
c5:d4:5e:b2:b7:28:71:6c:e7:7f:b5:f8:a6:0c:7d:f5:18:71:
b9:fd:13:38:5e:c1:1d:da:89:06:c9:bf:4d:d2:75:89:cb:7b:
9f:dc:8b:a6:77:0c:6f:4f:5d:c9:be:7a:02:9e:9d:f2:33:8b:
a8:48:ef:cb:b2:91:85:42:a2:41:25:4c:a4:33:28:02:08:e1:
ac:74:4b:48:43:9f:81:17:a5:12:b1:77:0c:c3:3d:20:a9:b8:
8e:67:b5:1b:6c:63:37:a7:61:21:ff:a0:e8:af:69:b4:07:2d:
e3:71:b2:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQp80SSXw2BQYqP4lFHV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODJjYTZmOGViNjg1YTU3M2U1ZDFkOTFmOGYwNjEyMWFi
MDJhMzcwHhcNMjMwMTAxMjEzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmUyMTcyODM0OGFmY2U3YTEwM2IyMzUzMTIwM2ZlMTkwYmVlMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPSCpojZnAyOBwRI1vvuWpJJLULO
H5PDtJwrduM2a53gzQv2nydgAc1hbEwfQKSI6ZkB/iXfDx7efl02mnYzsQeqE1L+
By8oFTGWxzSUiSPpJ2HJXOlaJGb9iXeQxU3uj72rlLfqE8o5ZC8LQfDplUKwfs23
F2VmV+6OZI52eqU3mtlZaY/R9aEXBJRbQZIsKBICuHx8VJYPbPbPZRaGNk92yDgo
L/gqUCqW1rQ20Vsv1yp3+qrPpd6/y4Jhcf20KWZp6z2A36F4bsb/O18xk6OTnFoY
Ojg4eJBupxmvRUOngM3KPkKOClUWMOIyhHSY/zeiW7VA8uCOPpenJfDoWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMLiFyg0ivznoQOyNTEgP+GQvuFdMB8GA1UdIwQY
MBaAFF2Cym+OtoWlc+XR2R+PBhIasCo3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlMS2I0NjJoYVZ6NWRIWkg0OEdFaHF3S2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNTRiYzAtZjc4MS00OGIwLTlmNmQt
YjVmMGQyMTA1M2Y4LzEvd3VJWEtEU0tfT2VoQTdJMU1TQV80WkMtNFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNTRiYzAtZjc4MS00OGIwLTlmNmQtYjVmMGQyMTA1M2Y4
LzEvWFlMS2I0NjJoYVZ6NWRIWkg0OEdFaHF3S2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+fAMA0G
CSqGSIb3DQEBCwUAA4IBAQA5z9aeObZiPXXu75vmlI1PnVywwrMwgwMlFv0ItYDH
9oAT0pXJd02/57Oqp3FmxWmmluiipWJd+79hlIGqo7UHjtWGgIc1JwyAdEWQKfev
7PdjT3tuLNCAazgOCNcxJ7/ff2vJuCA7ahk/3aeCqom03GkzE57TEdzPP781n8Zv
axQnAYRkGBtg5s55g1MXn7fF1F6ytyhxbOd/tfimDH31GHG5/RM4XsEd2okGyb9N
0nWJy3uf3IumdwxvT13JvnoCnp3yM4uoSO/LspGFQqJBJUykMygCCOGsdEtIQ5+B
F6USsXcMwz0gqbiOZ7UbbGM3p2Eh/6Dor2m0By3jcbLx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:41 2024 by rpki-client on console-ams.rpki-client.org