Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/WMXG2l7xjXzYoP4apfHVNRQ2las.roa
File: WMXG2l7xjXzYoP4apfHVNRQ2las.roa (raw, json)
Hash identifier: IuiGoUAZpirdH9RxbEuBmGEUfmyJtQmhTpxvFziD8MI=
Subject key identifier: 58:C5:C6:DA:5E:F1:8D:7C:D8:A0:FE:1A:A5:F1:D5:35:14:36:95:AB
Certificate issuer: /CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Certificate serial: 0185718317DD27B5BD637755B568551441DF
Authority key identifier: 41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/WMXG2l7xjXzYoP4apfHVNRQ2las.roa
Signing time: Mon 02 Jan 2023 08:04:54 +0000
ROA not before: Mon 02 Jan 2023 08:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 195.142.244.0/24 maxlen: 24
195.142.245.0/24 maxlen: 24
195.142.246.0/24 maxlen: 24
195.142.247.0/24 maxlen: 24
195.142.200.0/24 maxlen: 24
195.142.201.0/24 maxlen: 24
195.142.202.0/24 maxlen: 24
195.142.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:17:dd:27:b5:bd:63:77:55:b5:68:55:14:41:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Validity
Not Before: Jan 2 08:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58c5c6da5ef18d7cd8a0fe1aa5f1d535143695ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c8:aa:99:d6:78:26:b0:8a:f0:c4:b4:34:57:
1f:7f:d9:fd:8b:b9:d0:00:a4:36:64:05:42:76:92:
58:14:2d:d3:da:41:38:62:26:8e:28:0e:dc:4a:db:
7c:db:ae:94:46:b3:ef:ae:c8:ae:6b:1c:be:1f:5f:
c4:3f:72:17:3b:09:67:64:56:59:6a:bb:fe:86:88:
b7:5f:3c:03:4a:89:60:a9:90:25:21:3b:58:ca:29:
d4:07:4a:78:12:c4:90:10:bd:1a:33:6d:ad:b3:70:
b3:32:c1:95:ea:df:5b:0d:7c:0b:95:06:a6:7a:fa:
bc:8b:ff:0a:06:4a:24:30:22:d9:5f:6f:46:b0:72:
cc:4a:34:dd:f2:4d:9f:30:8a:89:69:eb:c0:95:4c:
06:35:00:25:47:55:c4:03:90:12:41:6f:a1:71:b2:
1d:64:25:11:c2:2b:a0:90:0e:4e:a8:77:8a:f0:da:
ae:7f:f7:25:da:7b:14:0c:1c:a2:b4:7b:21:18:09:
90:b0:33:8e:fa:f7:9e:21:25:79:13:dd:c3:6b:e6:
19:f0:35:39:14:c8:8f:7d:ae:5e:3f:ca:7f:59:84:
53:65:3a:71:fb:f3:f6:ad:07:31:d2:52:75:5f:d0:
4f:b6:f4:b3:a8:75:39:1a:23:4c:ab:0c:85:12:b2:
df:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C5:C6:DA:5E:F1:8D:7C:D8:A0:FE:1A:A5:F1:D5:35:14:36:95:AB
X509v3 Authority Key Identifier:
keyid:41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/WMXG2l7xjXzYoP4apfHVNRQ2las.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.142.200.0/22
195.142.244.0/22
Signature Algorithm: sha256WithRSAEncryption
54:a3:83:13:5f:3f:80:3c:1d:d9:b5:06:10:27:b0:5a:03:63:
83:14:d6:7f:dd:83:de:c2:90:1b:f1:7f:43:75:ca:c7:d8:6f:
4b:47:fa:0e:bd:c7:00:a5:98:5f:2e:fb:6b:b3:f7:f6:52:64:
d3:a2:32:d0:4e:6d:df:8c:ab:77:b6:8d:e8:b3:d0:63:a7:1c:
27:3a:28:bc:24:d0:e8:87:5c:c8:71:0b:1b:59:ee:a2:c3:69:
a1:b6:64:ce:b8:40:e6:c2:0c:d7:66:d9:f9:09:14:e7:19:72:
ce:aa:b6:bb:a0:ba:ad:fb:e5:e5:a9:00:0e:bb:0e:39:89:93:
20:4f:1c:2e:87:42:11:db:f5:d7:98:89:47:d0:6d:3e:33:8c:
80:b9:ed:b1:b0:65:58:89:8f:21:6c:b2:14:69:0d:13:05:0c:
1b:2e:0a:4c:c0:ce:fb:a3:59:aa:21:2b:df:4e:07:df:08:d2:
fc:83:1d:15:ad:1d:39:38:bf:3f:dd:44:bf:b3:08:b9:b4:f5:
e6:6b:09:66:d7:9f:48:65:59:b0:f5:43:6e:c5:a7:96:57:03:
21:e0:7d:5f:3b:ad:6f:43:32:d3:04:93:57:47:fe:2c:ff:98:
0b:d4:8a:05:e7:c6:b2:6e:c6:a7:35:8f:a7:cd:25:3c:dd:b0:
de:ba:70:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxgxfdJ7W9Y3dVtWhVFEHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzYzZGIxZWQzMzRhN2M1MjgwYWI5ODU0NzQyOTE0YWUw
YzRjNTIwHhcNMjMwMTAyMDgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGM1YzZkYTVlZjE4ZDdjZDhhMGZlMWFhNWYxZDUzNTE0MzY5NWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmciqmdZ4JrCK8MS0NFcff9n9i7nQ
AKQ2ZAVCdpJYFC3T2kE4YiaOKA7cStt8266URrPvrsiuaxy+H1/EP3IXOwlnZFZZ
arv+hoi3XzwDSolgqZAlITtYyinUB0p4EsSQEL0aM22ts3CzMsGV6t9bDXwLlQam
evq8i/8KBkokMCLZX29GsHLMSjTd8k2fMIqJaevAlUwGNQAlR1XEA5ASQW+hcbId
ZCURwiugkA5OqHeK8Nquf/cl2nsUDByitHshGAmQsDOO+veeISV5E93Da+YZ8DU5
FMiPfa5eP8p/WYRTZTpx+/P2rQcx0lJ1X9BPtvSzqHU5GiNMqwyFErLf/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFjFxtpe8Y182KD+GqXx1TUUNpWrMB8GA1UdIwQY
MBaAFEF2PbHtM0p8UoCrmFR0KRSuDExSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMt
NDljOTVlZWFjODEyLzEvV01YRzJsN3hqWHpZb1A0YXBmSFZOUlEybGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMtNDljOTVlZWFjODEy
LzEvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw47IAwQC
w470MA0GCSqGSIb3DQEBCwUAA4IBAQBUo4MTXz+APB3ZtQYQJ7BaA2ODFNZ/3YPe
wpAb8X9DdcrH2G9LR/oOvccApZhfLvtrs/f2UmTTojLQTm3fjKt3to3os9Bjpxwn
Oii8JNDoh1zIcQsbWe6iw2mhtmTOuEDmwgzXZtn5CRTnGXLOqra7oLqt++XlqQAO
uw45iZMgTxwuh0IR2/XXmIlH0G0+M4yAue2xsGVYiY8hbLIUaQ0TBQwbLgpMwM77
o1mqISvfTgffCNL8gx0VrR05OL8/3US/swi5tPXmawlm159IZVmw9UNuxaeWVwMh
4H1fO61vQzLTBJNXR/4s/5gL1IoF58aybsanNY+nzSU83bDeunDA
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:58 2024 by rpki-client on console-ams.rpki-client.org