Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/wjfB9MW4ynSLkKhMTsPAzqIMBTs.roa
File: wjfB9MW4ynSLkKhMTsPAzqIMBTs.roa (raw, json)
Hash identifier: gn+IKDMM/jP2X0HOoATcpM7fMc1y6F/OkSuBurA11+k=
Subject key identifier: C2:37:C1:F4:C5:B8:CA:74:8B:90:A8:4C:4E:C3:C0:CE:A2:0C:05:3B
Certificate issuer: /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial: 01856C813FDECAD96B73B86FE7C4EBEC86C1
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/wjfB9MW4ynSLkKhMTsPAzqIMBTs.roa
Signing time: Sun 01 Jan 2023 08:44:47 +0000
ROA not before: Sun 01 Jan 2023 08:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197000
IP address blocks: 193.0.9.0/24 maxlen: 24
2001:67c:e0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:81:3f:de:ca:d9:6b:73:b8:6f:e7:c4:eb:ec:86:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Validity
Not Before: Jan 1 08:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c237c1f4c5b8ca748b90a84c4ec3c0cea20c053b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:72:d6:d2:88:ca:2c:f3:89:65:59:12:97:6b:
07:ff:4d:8f:e7:b9:66:ec:d3:d9:fa:e2:a1:0e:1e:
b8:c0:fd:2f:aa:f0:30:73:57:83:5d:7f:85:eb:6f:
97:0b:f4:3e:4d:73:93:9a:91:81:25:72:8a:90:03:
35:83:90:80:1a:61:45:20:62:ce:f8:40:fa:9e:61:
27:df:64:51:58:b9:f6:ff:95:1c:74:51:08:7b:13:
e5:41:f9:b0:a6:7d:70:f1:e6:be:bd:ea:7d:93:82:
ca:4b:21:ef:02:89:39:1c:de:a2:a0:7f:8d:ae:96:
45:b2:67:6d:b0:fd:50:0a:0f:cd:9c:f1:80:1b:78:
e4:7d:00:75:33:b8:e9:aa:e1:71:fc:cc:8f:eb:9a:
fb:4b:20:ac:5c:2c:13:c7:5a:d7:cc:b7:3d:58:8b:
dc:a1:b3:63:36:2f:44:2d:8d:97:ec:06:11:12:44:
b2:e0:fb:3d:a0:9b:3e:53:46:0a:de:d6:1e:d8:46:
38:31:40:c5:57:ff:b8:21:2a:fd:f1:e5:3e:c6:b6:
76:68:85:d4:39:78:b8:1c:93:b1:6b:75:6d:4a:e3:
94:a9:11:63:70:5f:22:b5:36:a6:fb:f5:f1:af:2e:
05:d1:10:8c:61:33:ad:c9:53:c7:ae:fe:06:84:d9:
00:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:37:C1:F4:C5:B8:CA:74:8B:90:A8:4C:4E:C3:C0:CE:A2:0C:05:3B
X509v3 Authority Key Identifier:
keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/wjfB9MW4ynSLkKhMTsPAzqIMBTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.9.0/24
IPv6:
2001:67c:e0::/48
Signature Algorithm: sha256WithRSAEncryption
31:f6:74:7e:9e:7e:24:7f:ab:b3:75:78:3e:17:26:81:a6:9b:
24:0a:3f:55:ba:26:04:7e:43:2a:44:ed:6c:3d:e9:3d:b9:44:
91:cd:e5:9f:2a:f0:27:66:8b:41:45:5d:6f:63:4f:5b:9b:a3:
c0:0c:c2:63:11:43:72:e8:25:f4:82:c8:c8:0f:8b:75:ec:a5:
d8:9d:9a:ee:dc:25:2a:a9:41:22:dd:46:e2:17:61:35:b0:36:
89:24:4c:15:ec:d5:d0:6b:7e:61:2a:b5:42:a0:a5:00:86:36:
29:34:cc:d3:e5:b2:72:e7:bc:3a:0b:e3:16:42:b7:59:26:ac:
55:7e:4b:93:d1:35:50:42:a7:09:54:a3:6e:b1:a8:c5:d2:ad:
e8:e2:35:05:86:41:4c:4f:22:98:22:ef:ba:2f:09:5c:b4:4d:
a4:dd:eb:fd:75:55:1b:bc:bd:0e:d5:39:84:77:52:34:f6:e9:
f0:89:e0:cc:14:d6:96:3f:ce:42:69:fe:e5:ca:f1:31:90:61:
37:95:c8:1c:3c:1e:b0:83:86:f2:d1:d9:04:d6:12:3d:64:2a:
41:f6:bc:c4:00:9a:b0:68:60:b4:8c:08:3b:bd:ef:43:a2:2d:
30:6a:52:6e:8b:c1:fe:ae:53:67:12:ce:ea:49:6d:5e:6d:29:
48:61:aa:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsgT/eytlrc7hv58Tr7IbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjMwMTAxMDg0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjM3YzFmNGM1YjhjYTc0OGI5MGE4NGM0ZWMzYzBjZWEyMGMwNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHLW0ojKLPOJZVkSl2sH/02P57lm
7NPZ+uKhDh64wP0vqvAwc1eDXX+F62+XC/Q+TXOTmpGBJXKKkAM1g5CAGmFFIGLO
+ED6nmEn32RRWLn2/5UcdFEIexPlQfmwpn1w8ea+vep9k4LKSyHvAok5HN6ioH+N
rpZFsmdtsP1QCg/NnPGAG3jkfQB1M7jpquFx/MyP65r7SyCsXCwTx1rXzLc9WIvc
obNjNi9ELY2X7AYREkSy4Ps9oJs+U0YK3tYe2EY4MUDFV/+4ISr98eU+xrZ2aIXU
OXi4HJOxa3VtSuOUqRFjcF8itTam+/Xxry4F0RCMYTOtyVPHrv4GhNkA+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMI3wfTFuMp0i5CoTE7DwM6iDAU7MB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvd2pmQjlNVzR5blNMa0toTVRzUEF6cUlNQlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwQAJMA8E
AgACMAkDBwAgAQZ8AOAwDQYJKoZIhvcNAQELBQADggEBADH2dH6efiR/q7N1eD4X
JoGmmyQKP1W6JgR+QypE7Ww96T25RJHN5Z8q8Cdmi0FFXW9jT1ubo8AMwmMRQ3Lo
JfSCyMgPi3Xspdidmu7cJSqpQSLdRuIXYTWwNokkTBXs1dBrfmEqtUKgpQCGNik0
zNPlsnLnvDoL4xZCt1kmrFV+S5PRNVBCpwlUo26xqMXSrejiNQWGQUxPIpgi77ov
CVy0TaTd6/11VRu8vQ7VOYR3UjT26fCJ4MwU1pY/zkJp/uXK8TGQYTeVyBw8HrCD
hvLR2QTWEj1kKkH2vMQAmrBoYLSMCDu970OiLTBqUm6Lwf6uU2cSzupJbV5tKUhh
qvg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:34 2024 by rpki-client on console-ams.rpki-client.org