Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/wBHvJxROGuZrT5Plv8ckGvYEcfw.roa
File: wBHvJxROGuZrT5Plv8ckGvYEcfw.roa (raw, json)
Hash identifier: W62ny2nCrfnWxOuZsjDBVjlm32PW8xITotq8MKEP5I8=
Subject key identifier: C0:11:EF:27:14:4E:1A:E6:6B:4F:93:E5:BF:C7:24:1A:F6:04:71:FC
Certificate issuer: /CN=894928a39627cd5ee5f975bd897c2d775ab29940
Certificate serial: 01856C5CA30F3B2D3CE1F6F2D41B74E516F5
Authority key identifier: 89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/wBHvJxROGuZrT5Plv8ckGvYEcfw.roa
Signing time: Sun 01 Jan 2023 08:04:48 +0000
ROA not before: Sun 01 Jan 2023 08:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203970
IP address blocks: 139.15.0.0/20 maxlen: 24
185.112.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:a3:0f:3b:2d:3c:e1:f6:f2:d4:1b:74:e5:16:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=894928a39627cd5ee5f975bd897c2d775ab29940
Validity
Not Before: Jan 1 08:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c011ef27144e1ae66b4f93e5bfc7241af60471fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e5:c8:01:9d:20:47:66:a5:71:b5:48:1f:90:
e8:24:20:bc:2d:cd:c9:db:a3:16:50:9c:36:8b:fd:
e4:fb:94:33:dd:84:6b:77:30:11:6a:6f:0b:30:7f:
60:0d:f4:34:4d:f7:fc:3f:99:c0:19:70:de:59:09:
e7:34:4b:23:c5:39:f2:83:d1:ea:ed:2c:f0:b3:2f:
d5:2c:13:71:5a:dd:22:1b:c1:ee:79:f8:cc:fe:4d:
51:5a:2f:c8:1d:ff:09:ba:d0:23:14:22:b4:da:d3:
80:eb:ec:7a:28:bb:cd:c3:8f:fd:37:21:cd:a7:a8:
fa:16:a7:cd:5a:2f:ad:74:00:ce:23:ea:ba:15:4b:
0e:a0:d4:d8:0f:99:18:25:f6:76:e1:70:95:6b:63:
ca:fe:08:05:8a:2f:1f:95:ed:a5:2e:9a:48:58:c7:
fd:d6:9d:e8:d7:b1:1a:6c:86:78:83:fb:b3:21:39:
23:63:d9:70:f7:f8:5f:78:d2:06:59:af:1f:1a:58:
b7:ac:74:b9:97:6c:66:39:a8:de:06:ea:90:4e:92:
f6:41:e7:08:ec:66:38:94:b4:4f:28:8f:48:33:d2:
4c:eb:d5:86:8c:32:bf:33:18:ad:f3:34:57:f5:75:
46:bc:70:92:61:32:45:21:d7:b8:a4:88:26:66:f6:
a0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:11:EF:27:14:4E:1A:E6:6B:4F:93:E5:BF:C7:24:1A:F6:04:71:FC
X509v3 Authority Key Identifier:
keyid:89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/wBHvJxROGuZrT5Plv8ckGvYEcfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.15.0.0/20
185.112.176.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:64:41:dc:b5:68:19:66:96:1c:1c:45:3a:67:66:04:15:78:
b4:2c:4e:ad:e0:ba:e6:11:88:58:cb:b7:4c:99:46:de:ee:09:
cb:9b:11:8e:1e:b3:40:4e:cf:93:98:d2:c1:0e:62:fa:6e:56:
a6:d4:27:12:a6:58:8f:29:42:4b:99:7c:d0:36:1d:4d:1d:82:
92:70:67:71:2a:e3:3c:31:42:10:aa:c2:c6:24:26:ad:c1:c5:
24:9e:63:04:c6:d0:93:cd:25:91:2e:fe:bb:99:39:fc:e7:1b:
55:c5:84:25:2f:24:fa:7e:17:44:64:1e:6f:09:dd:8e:07:91:
3b:d1:0d:74:81:05:c5:0d:3d:3b:f1:78:7a:43:2f:80:d0:e8:
05:53:ad:36:e4:d6:ae:f7:2c:6f:74:dc:4f:32:6b:16:80:36:
d0:e7:d6:c5:a3:2b:a3:8d:45:c3:c5:53:18:33:a8:af:1a:a4:
4d:d5:56:d0:a8:bb:8d:a7:9e:49:75:fa:a0:41:5d:64:fa:e2:
a5:2f:9f:8a:25:05:52:78:f0:6b:44:65:4e:f7:48:61:ab:c7:
2b:81:84:84:74:a3:6b:31:42:85:a4:60:43:df:16:f5:67:c6:
21:e4:87:c6:68:11:85:cc:bd:4b:a8:22:92:e1:86:e3:73:54:
53:e5:a6:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsXKMPOy084fby1Bt05Rb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NDkyOGEzOTYyN2NkNWVlNWY5NzViZDg5N2MyZDc3NWFi
Mjk5NDAwHhcNMjMwMTAxMDgwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDExZWYyNzE0NGUxYWU2NmI0ZjkzZTViZmM3MjQxYWY2MDQ3MWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuXIAZ0gR2alcbVIH5DoJCC8Lc3J
26MWUJw2i/3k+5Qz3YRrdzARam8LMH9gDfQ0Tff8P5nAGXDeWQnnNEsjxTnyg9Hq
7Szwsy/VLBNxWt0iG8HuefjM/k1RWi/IHf8JutAjFCK02tOA6+x6KLvNw4/9NyHN
p6j6FqfNWi+tdADOI+q6FUsOoNTYD5kYJfZ24XCVa2PK/ggFii8fle2lLppIWMf9
1p3o17EabIZ4g/uzITkjY9lw9/hfeNIGWa8fGli3rHS5l2xmOajeBuqQTpL2QecI
7GY4lLRPKI9IM9JM69WGjDK/Mxit8zRX9XVGvHCSYTJFIde4pIgmZvag0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMAR7ycUThrma0+T5b/HJBr2BHH8MB8GA1UdIwQY
MBaAFIlJKKOWJ81e5fl1vYl8LXdasplAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEt
MTU5M2Q0MDQ1Y2JjLzEvd0JIdkp4Uk9HdVpyVDVQbHY4Y2tHdllFY2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEtMTU5M2Q0MDQ1Y2Jj
LzEvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEiw8AAwQC
uXCwMA0GCSqGSIb3DQEBCwUAA4IBAQBtZEHctWgZZpYcHEU6Z2YEFXi0LE6t4Lrm
EYhYy7dMmUbe7gnLmxGOHrNATs+TmNLBDmL6blam1CcSpliPKUJLmXzQNh1NHYKS
cGdxKuM8MUIQqsLGJCatwcUknmMExtCTzSWRLv67mTn85xtVxYQlLyT6fhdEZB5v
Cd2OB5E70Q10gQXFDT078Xh6Qy+A0OgFU6025Nau9yxvdNxPMmsWgDbQ59bFoyuj
jUXDxVMYM6ivGqRN1VbQqLuNp55JdfqgQV1k+uKlL5+KJQVSePBrRGVO90hhq8cr
gYSEdKNrMUKFpGBD3xb1Z8Yh5IfGaBGFzL1LqCKS4Ybjc1RT5aZb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:06 2024 by rpki-client on console-fra.rpki-client.org