Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/Wr-Z7tj1Kb67GJoyxJREd8bX5UI.roa
File: Wr-Z7tj1Kb67GJoyxJREd8bX5UI.roa (raw, json)
Hash identifier: dSl/oCQYTyW45LnhhTEJaFGfmDyxndm+33/6dcvS7Ho=
Subject key identifier: 5A:BF:99:EE:D8:F5:29:BE:BB:18:9A:32:C4:94:44:77:C6:D7:E5:42
Certificate issuer: /CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Certificate serial: 01856EAFA4F34A73A22101688A191EFC8521
Authority key identifier: A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/Wr-Z7tj1Kb67GJoyxJREd8bX5UI.roa
Signing time: Sun 01 Jan 2023 18:54:42 +0000
ROA not before: Sun 01 Jan 2023 18:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198213
IP address blocks: 109.202.124.0/24 maxlen: 24
109.202.121.0/24 maxlen: 24
109.202.123.0/24 maxlen: 24
109.202.120.0/24 maxlen: 24
109.202.125.0/24 maxlen: 24
109.202.122.0/24 maxlen: 24
109.202.127.0/24 maxlen: 24
109.202.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:a4:f3:4a:73:a2:21:01:68:8a:19:1e:fc:85:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Validity
Not Before: Jan 1 18:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5abf99eed8f529bebb189a32c4944477c6d7e542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b1:35:f1:da:22:51:01:19:53:bc:5d:01:40:
bd:d1:45:00:90:bb:36:20:4a:f6:30:3e:88:2d:39:
a1:ae:b0:10:b7:1c:37:d2:fc:5a:66:a5:cf:2b:bd:
ed:18:ca:fb:6f:77:85:9e:24:1b:c4:6b:11:2a:05:
9d:84:0c:b9:74:89:f7:d6:35:c9:f4:74:b8:84:61:
ea:0b:7c:0f:d8:ed:42:f4:6a:ec:8f:32:f7:d6:2d:
83:77:06:41:f1:50:16:9b:c2:54:ff:ff:a3:1b:78:
78:23:b3:fa:29:6c:9f:81:5d:47:8a:78:34:52:49:
4e:64:c1:15:2b:fd:f1:ec:46:e5:08:d8:69:48:28:
13:09:b8:63:a4:46:96:ef:b6:87:21:48:86:be:af:
63:63:b7:1d:6c:a3:5f:30:15:21:9b:90:31:1f:24:
44:65:5e:f4:48:35:17:73:cc:44:ab:a2:54:d4:55:
f9:7f:e0:c4:84:ad:fa:cf:99:f6:e4:e0:e1:ce:eb:
84:3c:d9:ed:28:ad:15:ae:45:75:78:50:e8:4d:1b:
60:09:77:c5:50:aa:25:c0:54:e4:32:1b:79:99:94:
55:cd:1e:ce:aa:9d:77:ae:40:20:81:2a:cf:09:9b:
dc:55:81:37:cb:fe:6f:00:c4:c1:c6:eb:c5:d7:a6:
ca:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BF:99:EE:D8:F5:29:BE:BB:18:9A:32:C4:94:44:77:C6:D7:E5:42
X509v3 Authority Key Identifier:
keyid:A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/Wr-Z7tj1Kb67GJoyxJREd8bX5UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.120.0/21
Signature Algorithm: sha256WithRSAEncryption
19:47:51:bf:f7:a5:da:19:8d:d1:d3:54:a0:a4:ba:f1:fa:50:
37:07:5b:01:df:c2:b5:05:d3:2b:31:7a:47:30:8e:a4:d3:4c:
0b:cc:bf:72:16:3c:fd:cb:b6:08:7b:0b:35:fb:fe:a1:d3:db:
34:81:0a:e0:01:5b:5d:4d:99:ba:23:e7:10:a2:c6:36:dd:e8:
60:9b:ad:ac:18:87:26:2b:ea:10:6f:02:71:2d:02:68:e1:d3:
fb:a7:e5:f4:2d:6f:0e:4a:5b:f6:e6:32:99:1a:89:97:9b:88:
85:ba:b8:9a:7b:b5:c2:a8:a6:f1:63:b7:f6:81:12:46:d3:a8:
4e:59:70:52:96:84:f2:0f:1d:fa:7c:a5:83:10:21:0c:32:e9:
2c:9c:53:29:d1:c6:63:22:b8:0c:e5:d2:57:43:42:06:64:03:
43:d5:9e:3d:72:a5:42:a1:77:a5:90:21:0a:cf:2f:b6:48:e5:
2c:ee:ce:3b:61:6d:36:3f:bd:62:d2:cf:73:e6:99:65:b2:4c:
b9:dd:d3:21:f8:72:e5:10:80:1d:37:a9:b6:50:f9:95:52:08:
27:ff:ad:c5:e4:eb:9e:d8:ff:f4:e2:90:31:d4:07:98:b3:bb:
a3:0f:67:f3:69:ce:b3:04:d7:71:0d:a7:fc:26:61:07:5a:07:
d7:55:ee:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur6TzSnOiIQFoihke/IUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2Y3MDhjMzRhNWU3MWRhZjNkMmU1NGI5OWFiNzRmMDY5
ZWY4MGIwHhcNMjMwMTAxMTg1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWJmOTllZWQ4ZjUyOWJlYmIxODlhMzJjNDk0NDQ3N2M2ZDdlNTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7E18doiUQEZU7xdAUC90UUAkLs2
IEr2MD6ILTmhrrAQtxw30vxaZqXPK73tGMr7b3eFniQbxGsRKgWdhAy5dIn31jXJ
9HS4hGHqC3wP2O1C9GrsjzL31i2DdwZB8VAWm8JU//+jG3h4I7P6KWyfgV1Hing0
UklOZMEVK/3x7EblCNhpSCgTCbhjpEaW77aHIUiGvq9jY7cdbKNfMBUhm5AxHyRE
ZV70SDUXc8xEq6JU1FX5f+DEhK36z5n25ODhzuuEPNntKK0VrkV1eFDoTRtgCXfF
UKolwFTkMht5mZRVzR7Oqp13rkAggSrPCZvcVYE3y/5vAMTBxuvF16bKWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFq/me7Y9Sm+uxiaMsSURHfG1+VCMB8GA1UdIwQY
MBaAFKR/cIw0pecdrz0uVLmat08GnvgLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMt
NmIyN2ZmMjI1N2M2LzEvV3ItWjd0ajFLYjY3R0pveXhKUkVkOGJYNVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMtNmIyN2ZmMjI1N2M2
LzEvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbcp4MA0G
CSqGSIb3DQEBCwUAA4IBAQAZR1G/96XaGY3R01SgpLrx+lA3B1sB38K1BdMrMXpH
MI6k00wLzL9yFjz9y7YIews1+/6h09s0gQrgAVtdTZm6I+cQosY23ehgm62sGIcm
K+oQbwJxLQJo4dP7p+X0LW8OSlv25jKZGomXm4iFuriae7XCqKbxY7f2gRJG06hO
WXBSloTyDx36fKWDECEMMuksnFMp0cZjIrgM5dJXQ0IGZAND1Z49cqVCoXelkCEK
zy+2SOUs7s47YW02P71i0s9z5pllsky53dMh+HLlEIAdN6m2UPmVUggn/63F5Oue
2P/04pAx1AeYs7ujD2fzac6zBNdxDaf8JmEHWgfXVe41
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:26 2024 by rpki-client on console-fra.rpki-client.org