Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/WjqOeE8s5rS3FCCNdJjOFOY2LPQ.roa
File: WjqOeE8s5rS3FCCNdJjOFOY2LPQ.roa (raw, json)
Hash identifier: jC3CTjO4GpiNOHoQyozXDYw/+o/upAqQLEQEwXLJmCY=
Subject key identifier: 5A:3A:8E:78:4F:2C:E6:B4:B7:14:20:8D:74:98:CE:14:E6:36:2C:F4
Certificate issuer: /CN=744aea53ef60f8a8a9345e582982a9a59bc13767
Certificate serial: 01856C41371E95BF7172E1437AC15A6C4B7A
Authority key identifier: 74:4A:EA:53:EF:60:F8:A8:A9:34:5E:58:29:82:A9:A5:9B:C1:37:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dErqU-9g-KipNF5YKYKppZvBN2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/WjqOeE8s5rS3FCCNdJjOFOY2LPQ.roa
Signing time: Sun 01 Jan 2023 07:34:51 +0000
ROA not before: Sun 01 Jan 2023 07:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197301
IP address blocks: 194.62.168.0/22 maxlen: 23
80.71.128.0/20 maxlen: 21
2a01:7a80::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:37:1e:95:bf:71:72:e1:43:7a:c1:5a:6c:4b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=744aea53ef60f8a8a9345e582982a9a59bc13767
Validity
Not Before: Jan 1 07:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a3a8e784f2ce6b4b714208d7498ce14e6362cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c6:ae:5e:d6:69:c3:12:5f:0b:77:d0:92:99:
13:64:a0:90:18:3b:31:f2:f2:4c:95:02:1d:54:e2:
f9:44:6c:6d:a7:8e:49:ad:1f:41:43:62:bb:40:f3:
3a:06:cc:c1:50:e6:dc:78:e6:e8:cb:e2:76:63:81:
4f:fe:4e:0e:42:11:f7:dc:6f:8a:46:0b:c0:3b:d8:
2a:9d:4a:ad:33:f6:0b:0b:9f:53:79:fe:09:e4:4a:
57:c0:97:70:2e:b6:83:e8:21:95:6e:ca:ea:6c:d8:
74:0d:be:73:fc:3f:16:b6:19:fc:d9:dc:15:c4:fb:
b9:54:3b:9e:c0:15:14:33:4d:38:67:94:28:e2:76:
f6:f9:2b:74:f9:9d:b4:da:e0:d7:bd:6b:9a:70:c5:
78:28:f7:9d:bd:c4:fe:97:03:ba:d3:0d:4f:ee:f7:
45:ce:b1:f9:d6:44:4f:73:b0:6e:18:de:38:60:22:
2f:2d:dd:0b:f4:04:b9:a3:f9:ac:1c:5d:ae:81:8c:
0b:1d:c8:81:0f:3c:c2:a7:5b:4c:ba:e2:ad:18:08:
e0:5e:57:ff:9f:43:0e:06:1c:ae:96:f7:7d:1c:17:
e3:d7:15:1e:1e:09:04:0b:2f:41:a4:67:03:c1:10:
19:b5:d7:65:59:f0:23:40:91:fe:3c:ce:2d:95:07:
e0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3A:8E:78:4F:2C:E6:B4:B7:14:20:8D:74:98:CE:14:E6:36:2C:F4
X509v3 Authority Key Identifier:
keyid:74:4A:EA:53:EF:60:F8:A8:A9:34:5E:58:29:82:A9:A5:9B:C1:37:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dErqU-9g-KipNF5YKYKppZvBN2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/WjqOeE8s5rS3FCCNdJjOFOY2LPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/dErqU-9g-KipNF5YKYKppZvBN2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.128.0/20
194.62.168.0/22
IPv6:
2a01:7a80::/29
Signature Algorithm: sha256WithRSAEncryption
6d:18:69:ca:37:75:1f:0c:1b:1b:f2:62:8e:26:93:7b:5c:ff:
78:26:04:9f:a2:eb:6c:dc:7d:1b:86:ce:19:2b:a3:b3:5c:06:
ce:d1:78:6e:ce:d9:e7:18:90:45:b4:ff:50:59:a4:83:36:a3:
86:b5:3f:dd:e3:bc:df:3a:97:38:60:17:fd:47:c8:2c:f7:4c:
19:1c:df:41:2d:3d:58:16:3d:af:e7:28:9a:7d:d9:6d:f5:fe:
2b:b0:b3:69:06:80:11:32:f1:8b:a7:53:e0:f2:20:3f:98:10:
92:50:0a:80:04:d2:55:9b:da:a3:d8:63:30:c3:43:ca:58:b3:
eb:c0:49:d6:16:59:cd:c0:5a:b5:bc:f7:6e:a0:ee:73:9b:0b:
9f:63:03:be:87:e4:dc:15:ec:6d:63:c8:be:ee:c2:8c:95:24:
66:b0:37:fe:73:29:41:cd:9e:b3:0e:66:e5:be:41:78:fb:a9:
73:b7:c2:1e:d9:20:4d:a2:f1:07:d3:bd:91:9b:c6:13:ed:8c:
4f:1b:d8:0e:c9:aa:17:7d:4a:7e:29:88:6e:c2:d9:f1:a9:67:
e9:7b:cd:0c:c7:ab:86:0e:f6:47:2e:66:cd:ce:99:b2:e5:45:
a8:57:31:27:2a:1e:dc:de:dd:5a:d8:63:ad:8c:63:6a:64:7e:
d9:78:a9:4a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsQTcelb9xcuFDesFabEt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NGFlYTUzZWY2MGY4YThhOTM0NWU1ODI5ODJhOWE1OWJj
MTM3NjcwHhcNMjMwMTAxMDczNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTNhOGU3ODRmMmNlNmI0YjcxNDIwOGQ3NDk4Y2UxNGU2MzYyY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsauXtZpwxJfC3fQkpkTZKCQGDsx
8vJMlQIdVOL5RGxtp45JrR9BQ2K7QPM6BszBUObceOboy+J2Y4FP/k4OQhH33G+K
RgvAO9gqnUqtM/YLC59Tef4J5EpXwJdwLraD6CGVbsrqbNh0Db5z/D8Wthn82dwV
xPu5VDuewBUUM004Z5Qo4nb2+St0+Z202uDXvWuacMV4KPedvcT+lwO60w1P7vdF
zrH51kRPc7BuGN44YCIvLd0L9AS5o/msHF2ugYwLHciBDzzCp1tMuuKtGAjgXlf/
n0MOBhyulvd9HBfj1xUeHgkECy9BpGcDwRAZtddlWfAjQJH+PM4tlQfg8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFo6jnhPLOa0txQgjXSYzhTmNiz0MB8GA1UdIwQY
MBaAFHRK6lPvYPioqTReWCmCqaWbwTdnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVycVUtOWctS2lwTkY1WUtZS3BwWnZCTjJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82ZDM4Y2MtYzBmNi00MDE4LWI5Mjkt
OWI2NGMyNTE1NmI5LzEvV2pxT2VFOHM1clMzRkNDTmRKak9GT1kyTFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy82ZDM4Y2MtYzBmNi00MDE4LWI5MjktOWI2NGMyNTE1NmI5
LzEvZEVycVUtOWctS2lwTkY1WUtZS3BwWnZCTjJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEeAAwQC
wj6oMA0EAgACMAcDBQMqAXqAMA0GCSqGSIb3DQEBCwUAA4IBAQBtGGnKN3UfDBsb
8mKOJpN7XP94JgSfouts3H0bhs4ZK6OzXAbO0XhuztnnGJBFtP9QWaSDNqOGtT/d
47zfOpc4YBf9R8gs90wZHN9BLT1YFj2v5yiafdlt9f4rsLNpBoARMvGLp1Pg8iA/
mBCSUAqABNJVm9qj2GMww0PKWLPrwEnWFlnNwFq1vPduoO5zmwufYwO+h+TcFext
Y8i+7sKMlSRmsDf+cylBzZ6zDmblvkF4+6lzt8Ie2SBNovEH072Rm8YT7YxPG9gO
yaoXfUp+KYhuwtnxqWfpe80Mx6uGDvZHLmbNzpmy5UWoVzEnKh7c3t1a2GOtjGNq
ZH7ZeKlK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:15 2024 by rpki-client on console-fra.rpki-client.org