Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/WqHESrIF5C6zRFl5iQrGiCvCbc4.roa
File: WqHESrIF5C6zRFl5iQrGiCvCbc4.roa (raw, json)
Hash identifier: QxfJaPhPsAHJfwacnQQzrMuadyvrgMtacMUAfz6uKmA=
Subject key identifier: 5A:A1:C4:4A:B2:05:E4:2E:B3:44:59:79:89:0A:C6:88:2B:C2:6D:CE
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0185725F89477334AB6E10E5BF565EDD2B53
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/WqHESrIF5C6zRFl5iQrGiCvCbc4.roa
Signing time: Mon 02 Jan 2023 12:05:41 +0000
ROA not before: Mon 02 Jan 2023 12:05:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 37.156.5.0/24 maxlen: 24
77.81.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Jan 2023 07:20:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5f:89:47:73:34:ab:6e:10:e5:bf:56:5e:dd:2b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 12:05:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5aa1c44ab205e42eb3445979890ac6882bc26dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d9:c5:67:75:20:fb:ae:52:2a:b2:fd:f9:e4:
c9:f2:e6:8a:f9:9a:41:66:d8:ba:25:16:94:5b:da:
d4:54:c8:99:8c:b5:6f:fa:8e:18:e8:b8:03:f7:db:
5b:5b:03:d3:42:d7:6f:5b:57:96:2b:c2:30:81:12:
db:10:90:dc:e3:ba:d4:db:42:e8:48:85:ef:f9:71:
e9:cb:01:50:d7:dd:b3:be:24:ba:e8:d2:3e:78:70:
57:00:4c:77:b2:fa:f5:f3:53:56:b6:23:03:b4:d9:
d3:6b:08:8e:6b:c2:6b:9b:7c:7f:f9:a4:13:b8:55:
26:41:df:92:53:f6:24:f7:66:01:90:7e:92:63:50:
53:c4:09:4d:be:ea:61:ac:57:36:73:03:9e:8b:2d:
ec:ae:f5:59:d7:5e:aa:df:26:b7:9a:23:04:bc:4f:
b0:ac:21:cc:ea:7c:ca:fe:66:a5:d2:f1:60:30:55:
da:e4:6c:b2:5f:a2:bc:02:2c:f1:76:3d:dd:0d:a8:
2b:5a:f4:68:f0:31:31:11:2c:2d:33:ec:7e:14:bb:
01:dc:77:94:97:6b:c3:23:fb:61:93:0e:f1:c8:a0:
11:88:02:db:8f:4e:e1:3b:ad:76:74:d3:91:64:7f:
d6:8b:0e:9f:f3:7a:f3:48:03:2d:dd:c7:61:6b:e1:
44:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A1:C4:4A:B2:05:E4:2E:B3:44:59:79:89:0A:C6:88:2B:C2:6D:CE
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/WqHESrIF5C6zRFl5iQrGiCvCbc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.5.0/24
77.81.65.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:f8:f1:2b:b6:af:9a:5c:af:dc:ae:3d:e0:78:56:86:57:fa:
c4:8c:74:4f:50:37:47:db:9b:be:c8:f4:e6:93:c2:f4:d4:08:
b8:d5:bb:8c:6b:2a:27:dc:32:38:ef:40:10:e9:ca:62:1c:fe:
ed:b1:07:2b:b6:40:06:b8:78:fe:e7:04:b9:1d:22:d5:4d:12:
30:1b:67:0b:2b:1f:04:6f:3a:c3:b2:2b:69:b6:53:10:50:9f:
79:9c:c7:66:e3:b1:9b:3f:79:d6:80:96:36:fa:74:6d:1f:c8:
5e:63:eb:20:83:cf:b3:db:5f:8b:72:69:17:8d:5c:b4:14:9b:
fc:db:36:53:4c:8a:b8:3d:c8:65:bd:1f:9f:f3:6e:e1:c5:2c:
67:d0:bd:15:1d:19:9d:87:82:e6:12:46:3e:77:2e:8a:a1:73:
7e:26:63:1c:69:78:f7:57:4d:1e:b3:f5:01:e6:b5:57:e8:cb:
23:52:fe:7a:89:9f:49:68:2b:a9:57:ad:50:d0:6f:5c:a8:54:
ab:e4:8e:8c:23:ab:92:2e:d1:65:20:03:7b:b3:53:9b:db:ad:
49:f8:ca:ca:0d:b5:2c:a4:5f:45:4d:1d:09:ee:93:69:3d:88:
cb:12:10:74:de:64:5c:74:eb:a0:33:62:9f:41:31:b5:69:06:
47:00:44:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyX4lHczSrbhDlv1Ze3StTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMTAyMTIwNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWExYzQ0YWIyMDVlNDJlYjM0NDU5Nzk4OTBhYzY4ODJiYzI2ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9nFZ3Ug+65SKrL9+eTJ8uaK+ZpB
Zti6JRaUW9rUVMiZjLVv+o4Y6LgD99tbWwPTQtdvW1eWK8IwgRLbEJDc47rU20Lo
SIXv+XHpywFQ192zviS66NI+eHBXAEx3svr181NWtiMDtNnTawiOa8Jrm3x/+aQT
uFUmQd+SU/Yk92YBkH6SY1BTxAlNvuphrFc2cwOeiy3srvVZ116q3ya3miMEvE+w
rCHM6nzK/mal0vFgMFXa5GyyX6K8Aizxdj3dDagrWvRo8DExESwtM+x+FLsB3HeU
l2vDI/thkw7xyKARiALbj07hO612dNORZH/Wiw6f83rzSAMt3cdha+FEUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFqhxEqyBeQus0RZeYkKxogrwm3OMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvV3FIRVNySUY1QzZ6UkZsNWlRckdpQ3ZDYmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJZwFAwQA
TVFBMA0GCSqGSIb3DQEBCwUAA4IBAQB8+PErtq+aXK/crj3geFaGV/rEjHRPUDdH
25u+yPTmk8L01Ai41buMayon3DI470AQ6cpiHP7tsQcrtkAGuHj+5wS5HSLVTRIw
G2cLKx8EbzrDsitptlMQUJ95nMdm47GbP3nWgJY2+nRtH8heY+sgg8+z21+LcmkX
jVy0FJv82zZTTIq4PchlvR+f827hxSxn0L0VHRmdh4LmEkY+dy6KoXN+JmMcaXj3
V00es/UB5rVX6MsjUv56iZ9JaCupV61Q0G9cqFSr5I6MI6uSLtFlIAN7s1Ob261J
+MrKDbUspF9FTR0J7pNpPYjLEhB03mRcdOugM2KfQTG1aQZHAERU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:07 2024 by rpki-client on console-fra.rpki-client.org