Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/wrfSETLNBHp1RUjTofwxbLqvMw8.roa
File: wrfSETLNBHp1RUjTofwxbLqvMw8.roa (raw, json)
Hash identifier: Ir9Oah+tGfMAZ4lMRnzUQGKqDBji/m4xYKE19OevfEo=
Subject key identifier: C2:B7:D2:11:32:CD:04:7A:75:45:48:D3:A1:FC:31:6C:BA:AF:33:0F
Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Certificate serial: 018570796AA59FD50B89F1C23C642D0C6AC6
Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/wrfSETLNBHp1RUjTofwxbLqvMw8.roa
Signing time: Mon 02 Jan 2023 03:14:43 +0000
ROA not before: Mon 02 Jan 2023 03:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206767
IP address blocks: 185.171.13.0/24 maxlen: 24
185.171.12.0/24 maxlen: 24
185.171.15.0/24 maxlen: 24
185.171.14.0/24 maxlen: 24
2a0d:580::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6a:a5:9f:d5:0b:89:f1:c2:3c:64:2d:0c:6a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Validity
Not Before: Jan 2 03:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2b7d21132cd047a754548d3a1fc316cbaaf330f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1f:79:65:36:52:4f:db:fd:96:f0:d1:97:20:
89:24:0c:de:7c:54:3c:ba:e4:a7:af:99:f6:ad:93:
29:0c:d6:7b:dc:8c:90:c0:c8:77:f7:8b:44:e3:15:
57:a7:9e:f5:e5:20:49:95:a1:fa:c0:b2:e9:f6:00:
82:67:2d:87:9f:e0:b0:07:ed:87:86:d3:8f:52:69:
ac:fd:f7:a6:ff:93:5d:63:d7:20:64:8d:de:58:ad:
c4:99:11:c8:3b:15:00:d2:3c:d5:84:c1:e1:3d:fe:
82:16:a7:06:de:06:77:25:af:3d:98:96:93:dc:25:
0b:75:d4:f8:b0:89:ef:de:24:ba:f4:66:da:17:0b:
18:19:be:8e:73:57:ba:58:40:8c:8e:e3:84:11:65:
6d:d9:4e:a9:41:04:46:67:69:28:d3:7c:e3:b9:08:
b5:7e:66:e6:f0:08:e1:e0:84:e6:5b:29:e8:b0:f0:
ab:b4:66:9e:b7:cc:bc:04:fb:4e:80:e8:d2:d2:34:
4d:8c:3c:2d:48:bd:44:04:b7:81:6b:c7:62:c4:57:
7f:c2:51:66:57:ac:d1:08:68:3f:8f:48:d7:f3:91:
98:d1:48:b2:80:b1:61:fa:40:d7:c9:70:d4:6f:25:
79:43:26:46:25:85:61:6f:3a:d2:7c:f6:8d:2b:e4:
75:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B7:D2:11:32:CD:04:7A:75:45:48:D3:A1:FC:31:6C:BA:AF:33:0F
X509v3 Authority Key Identifier:
keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/wrfSETLNBHp1RUjTofwxbLqvMw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.12.0/22
IPv6:
2a0d:580::/32
Signature Algorithm: sha256WithRSAEncryption
69:ed:63:f0:4b:78:df:03:65:44:65:b7:2d:66:c2:b2:bd:d3:
3f:1e:ac:1d:b4:c7:be:2f:56:f2:0c:72:11:6a:de:e7:af:5e:
46:46:e2:d9:e4:25:9e:49:2f:08:ce:8d:c5:dd:61:66:18:43:
00:dd:92:ef:5e:3a:1a:88:af:ca:d3:63:90:5a:d1:40:b1:3b:
55:e7:52:d4:24:b0:9a:50:1e:e0:be:07:9f:3b:25:4c:f9:67:
b2:81:f2:ea:a4:e0:c8:8a:59:0d:cc:70:d8:a3:cc:e9:df:7b:
9c:d7:a3:5c:5e:27:9c:b4:34:ec:2e:a2:fa:25:12:92:10:e8:
e5:ea:68:69:36:1b:57:03:46:85:86:f2:a6:40:0b:c6:8e:5b:
29:e6:d5:b2:33:87:b6:4b:a3:07:28:4e:71:bf:4d:df:db:91:
c9:c2:30:64:8b:56:56:1b:75:f1:f4:4e:7a:8e:ce:ca:c8:9f:
4b:b4:c5:d1:34:ff:e5:ce:54:73:eb:ff:b8:1a:80:65:d1:fa:
6d:aa:3b:62:6c:b9:76:17:55:80:ff:d2:fb:30:19:70:8a:ee:
f7:a8:af:c4:a0:30:6d:8e:14:d1:5b:ad:54:a4:66:69:17:da:
94:1d:75:30:80:0a:b0:8a:91:0d:d9:70:2b:d8:96:9c:83:51:
b7:69:e0:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweWqln9ULifHCPGQtDGrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl
OGI0Y2EwHhcNMjMwMTAyMDMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI3ZDIxMTMyY2QwNDdhNzU0NTQ4ZDNhMWZjMzE2Y2JhYWYzMzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR95ZTZST9v9lvDRlyCJJAzefFQ8
uuSnr5n2rZMpDNZ73IyQwMh394tE4xVXp5715SBJlaH6wLLp9gCCZy2Hn+CwB+2H
htOPUmms/fem/5NdY9cgZI3eWK3EmRHIOxUA0jzVhMHhPf6CFqcG3gZ3Ja89mJaT
3CULddT4sInv3iS69GbaFwsYGb6Oc1e6WECMjuOEEWVt2U6pQQRGZ2ko03zjuQi1
fmbm8Ajh4ITmWynosPCrtGaet8y8BPtOgOjS0jRNjDwtSL1EBLeBa8dixFd/wlFm
V6zRCGg/j0jX85GY0UiygLFh+kDXyXDUbyV5QyZGJYVhbzrSfPaNK+R1wwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMK30hEyzQR6dUVI06H8MWy6rzMPMB8GA1UdIwQY
MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt
YTc3OWJhYWE3NTk5LzEvd3JmU0VUTE5CSHAxUlVqVG9md3hiTHF2TXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5
LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuasMMA0E
AgACMAcDBQAqDQWAMA0GCSqGSIb3DQEBCwUAA4IBAQBp7WPwS3jfA2VEZbctZsKy
vdM/HqwdtMe+L1byDHIRat7nr15GRuLZ5CWeSS8Izo3F3WFmGEMA3ZLvXjoaiK/K
02OQWtFAsTtV51LUJLCaUB7gvgefOyVM+WeygfLqpODIilkNzHDYo8zp33uc16Nc
XiectDTsLqL6JRKSEOjl6mhpNhtXA0aFhvKmQAvGjlsp5tWyM4e2S6MHKE5xv03f
25HJwjBki1ZWG3Xx9E56js7KyJ9LtMXRNP/lzlRz6/+4GoBl0fptqjtibLl2F1WA
/9L7MBlwiu73qK/EoDBtjhTRW61UpGZpF9qUHXUwgAqwipEN2XAr2Jacg1G3aeBC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:46 2024 by rpki-client on console-ams.rpki-client.org