Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/WS3lL0t_6jy6IUiH3KkrGaQhpW8.roa
File: WS3lL0t_6jy6IUiH3KkrGaQhpW8.roa (raw, json)
Hash identifier: PfKwMWF1Hm12Trj2dTB3TepMFc2oZ1WnqZX/T2QSDBs=
Subject key identifier: 59:2D:E5:2F:4B:7F:EA:3C:BA:21:48:87:DC:A9:2B:19:A4:21:A5:6F
Certificate issuer: /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial: 01856E2FCA29C94A31EBBE8A2C340D223826
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/WS3lL0t_6jy6IUiH3KkrGaQhpW8.roa
Signing time: Sun 01 Jan 2023 16:35:03 +0000
ROA not before: Sun 01 Jan 2023 16:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8258
IP address blocks: 195.64.224.0/22 maxlen: 22
195.64.228.0/24 maxlen: 24
195.64.254.0/23 maxlen: 23
2a02:2540::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:ca:29:c9:4a:31:eb:be:8a:2c:34:0d:22:38:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Validity
Not Before: Jan 1 16:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=592de52f4b7fea3cba214887dca92b19a421a56f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2a:1b:57:fb:c0:1f:db:6f:1c:1f:b3:df:00:
bc:03:d8:e8:b2:73:29:e5:67:e9:01:23:ba:53:05:
22:56:d0:e0:93:59:33:fc:f0:05:e8:36:3a:31:51:
e0:a9:f7:67:e4:d5:24:7a:ab:48:2b:01:77:d7:e7:
6e:ce:8e:dd:82:13:fa:e8:bc:b6:ee:e8:0d:f1:c9:
7f:aa:40:16:06:d4:95:62:d3:76:d3:04:94:7a:35:
8a:3d:53:b4:b0:40:a6:7d:57:a4:64:5e:aa:37:ba:
d8:37:c0:c4:72:c2:81:7e:07:49:83:a3:14:8b:0d:
af:26:f0:70:34:b7:ec:60:2c:da:6e:16:46:84:93:
70:dd:1e:61:c7:fe:68:c4:71:5a:66:b9:f0:a3:54:
5d:59:1c:27:7a:62:ea:8d:4e:c7:6a:51:d5:62:2f:
11:20:a1:ec:15:fc:01:e5:23:76:e7:b5:1b:07:9b:
76:ad:36:42:ab:19:3f:17:02:77:dd:68:da:db:a1:
26:bb:dd:76:de:90:f5:2d:43:03:c5:b5:0e:4d:44:
7c:bc:91:f9:91:56:1d:19:d9:59:dd:10:0c:02:89:
21:f4:9f:98:6b:4d:ea:07:0e:fa:3e:95:33:01:9b:
fe:1e:75:88:a2:7d:f8:26:82:ee:c3:01:a8:ce:50:
da:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2D:E5:2F:4B:7F:EA:3C:BA:21:48:87:DC:A9:2B:19:A4:21:A5:6F
X509v3 Authority Key Identifier:
keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/WS3lL0t_6jy6IUiH3KkrGaQhpW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.224.0-195.64.228.255
195.64.254.0/23
IPv6:
2a02:2540::/32
Signature Algorithm: sha256WithRSAEncryption
15:17:ea:1d:a0:80:ec:7e:a9:df:78:bb:9c:aa:79:1a:d2:65:
53:a8:bb:f5:5b:bd:d5:2c:db:26:6c:82:d5:c4:4b:07:85:89:
e7:57:31:43:cc:0a:97:88:1e:a6:b6:02:ee:c1:6e:3e:48:c6:
35:b8:da:d4:01:b8:56:30:a3:d4:34:9d:db:bc:95:8d:2c:f2:
85:32:bb:f9:e7:08:0b:2a:8d:a7:5c:58:16:4f:d5:e5:74:88:
b0:36:5b:db:d1:5e:42:7b:59:3d:5a:e2:5e:9d:c9:a3:80:46:
a9:ca:f4:ed:f0:26:1d:2c:89:55:8b:69:49:17:64:03:ab:b0:
df:77:f8:0d:1e:0b:b2:8f:42:b4:e5:ef:d2:eb:c8:10:7d:51:
08:a5:fe:7b:2a:5f:04:42:70:fe:7c:4d:d7:35:1e:c0:54:8a:
35:cb:c3:bf:bb:d6:d3:69:89:55:5e:2f:69:b4:ac:47:30:13:
a1:74:0f:77:92:17:25:ac:1d:c7:c1:8e:5b:20:4c:26:80:ee:
7c:00:80:8e:88:b2:d4:61:69:15:df:83:46:45:b5:8c:02:a6:
04:d4:21:2c:2e:1d:fa:de:7c:fd:53:05:1f:22:e4:32:fe:f3:
f6:0d:8e:d7:a9:25:cb:98:8b:0f:7a:1d:34:7f:7f:2b:b2:f5:
cc:3b:99:2c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVuL8opyUox676KLDQNIjgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZmE0OGY0MGJjODQ1NDBjNDZiZDIzYmU5YjkwODk3YWEx
ODRmNGQwHhcNMjMwMTAxMTYzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTJkZTUyZjRiN2ZlYTNjYmEyMTQ4ODdkY2E5MmIxOWE0MjFhNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCobV/vAH9tvHB+z3wC8A9josnMp
5WfpASO6UwUiVtDgk1kz/PAF6DY6MVHgqfdn5NUkeqtIKwF31+duzo7dghP66Ly2
7ugN8cl/qkAWBtSVYtN20wSUejWKPVO0sECmfVekZF6qN7rYN8DEcsKBfgdJg6MU
iw2vJvBwNLfsYCzabhZGhJNw3R5hx/5oxHFaZrnwo1RdWRwnemLqjU7HalHVYi8R
IKHsFfwB5SN257UbB5t2rTZCqxk/FwJ33Wja26Emu9123pD1LUMDxbUOTUR8vJH5
kVYdGdlZ3RAMAokh9J+Ya03qBw76PpUzAZv+HnWIon34JoLuwwGozlDaPQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFkt5S9Lf+o8uiFIh9ypKxmkIaVvMB8GA1UdIwQY
MBaAFIH6SPQLyEVAxGvSO+m5CJeqGE9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEt
OGU5M2NiNWM1MzU1LzEvV1MzbEwwdF82ank2SVVpSDNLa3JHYVFocFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEtOGU5M2NiNWM1MzU1
LzEvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAXDQOAD
BADDQOQDBAHDQP4wDQQCAAIwBwMFACoCJUAwDQYJKoZIhvcNAQELBQADggEBABUX
6h2ggOx+qd94u5yqeRrSZVOou/VbvdUs2yZsgtXESweFiedXMUPMCpeIHqa2Au7B
bj5IxjW42tQBuFYwo9Q0ndu8lY0s8oUyu/nnCAsqjadcWBZP1eV0iLA2W9vRXkJ7
WT1a4l6dyaOARqnK9O3wJh0siVWLaUkXZAOrsN93+A0eC7KPQrTl79LryBB9UQil
/nsqXwRCcP58Tdc1HsBUijXLw7+71tNpiVVeL2m0rEcwE6F0D3eSFyWsHcfBjlsg
TCaA7nwAgI6IstRhaRXfg0ZFtYwCpgTUISwuHfrefP1TBR8i5DL+8/YNjtepJcuY
iw96HTR/fyuy9cw7mSw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:55 2023 by rpki-client on console-fra.rpki-client.org