Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/WppZyD4JaUMiGlW6zv7-GZh_n3s.roa
File: WppZyD4JaUMiGlW6zv7-GZh_n3s.roa (raw, json)
Hash identifier: EMk+Hp8xK8n11PRsBtlqfWocVk5xqI6YzrcAdALpJQU=
Subject key identifier: 5A:9A:59:C8:3E:09:69:43:22:1A:55:BA:CE:FE:FE:19:98:7F:9F:7B
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 018BF1C54E7258A2A248571FF8F9D886F97E
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/WppZyD4JaUMiGlW6zv7-GZh_n3s.roa
Signing time: Tue 21 Nov 2023 12:05:21 +0000
ROA not before: Tue 21 Nov 2023 12:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62261
IP address blocks: 194.85.28.0/24 maxlen: 24
194.85.28.0/23 maxlen: 23
194.85.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 13:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:c5:4e:72:58:a2:a2:48:57:1f:f8:f9:d8:86:f9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Nov 21 12:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a9a59c83e096943221a55bacefefe19987f9f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a6:3b:b1:4e:65:32:87:88:9c:36:37:74:73:
09:aa:3d:dc:c9:67:40:37:36:b4:fa:a0:b8:f2:06:
a2:11:98:ad:31:27:a3:ea:65:65:a9:7e:0c:1f:ab:
06:49:b0:dc:b6:50:fa:b4:ac:29:23:ee:f9:c3:c6:
92:a4:46:ae:18:be:32:12:19:05:70:d3:83:e1:89:
76:86:fd:36:ce:5b:07:fe:c2:71:2c:6c:9c:29:97:
f0:3b:1b:df:3e:ff:4e:43:78:4f:3a:b7:19:66:20:
bc:23:48:1b:d6:2e:cc:91:d9:bb:36:c5:d4:0c:e9:
0c:41:cf:c9:93:ac:17:03:63:65:f6:45:96:f0:6c:
2f:15:6e:22:50:81:ed:9f:a4:6d:80:db:73:b7:8e:
6f:9b:ba:79:ca:06:2a:f8:f5:0a:bc:69:3d:9a:45:
21:d7:0a:2b:76:61:a6:ff:fd:79:0a:2f:97:5e:4e:
49:b6:66:10:4b:7d:78:8f:d3:20:4e:0e:e2:26:2b:
c4:f1:44:e1:b8:0f:e6:2f:7e:3c:6a:cb:e2:46:14:
81:ad:83:77:27:c2:65:f9:5f:3b:fa:bd:e3:54:e7:
44:b6:b1:06:9d:36:06:5b:73:57:b8:07:b9:cf:ef:
8c:7c:65:cd:31:da:23:1e:58:69:3c:73:1c:48:a9:
c7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9A:59:C8:3E:09:69:43:22:1A:55:BA:CE:FE:FE:19:98:7F:9F:7B
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/WppZyD4JaUMiGlW6zv7-GZh_n3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.28.0/23
Signature Algorithm: sha256WithRSAEncryption
85:2d:3f:61:c0:ed:62:f4:8b:b0:b9:6e:42:15:0e:3f:ab:82:
bc:da:46:ba:28:0a:ed:91:69:14:58:93:e3:e4:42:87:5e:fe:
32:5c:79:eb:39:27:66:cb:47:69:50:35:33:7e:1f:dc:f9:ca:
f1:c4:5f:a5:07:3c:20:61:a0:76:7f:22:8e:e9:6c:72:74:a3:
c0:8c:fc:c6:34:42:67:35:75:2e:63:40:5a:1d:33:6b:a4:e0:
0f:9e:17:1b:41:ae:a8:e0:7f:e7:e5:a5:9b:4a:f0:91:2e:32:
d4:78:a1:51:7e:9e:2b:76:49:4c:ff:aa:b9:55:85:e4:dc:d7:
ab:d3:71:6d:12:d3:f1:82:d3:96:cd:50:48:81:61:7b:38:fa:
05:da:9c:d9:7a:d9:e4:3d:e5:a4:7a:a7:d7:39:ce:11:38:5a:
70:a8:4b:57:09:db:98:46:77:4b:f1:00:4c:ad:9d:6f:e1:3e:
19:8b:98:5a:c6:18:9b:1d:3d:78:09:72:04:31:f6:0f:16:b8:
ea:9f:1d:6b:1c:8c:cc:95:4d:22:4e:97:49:45:51:40:e7:62:
54:31:0b:04:79:b4:28:b9:71:76:e7:dc:3c:21:c9:f8:3d:53:
24:42:b1:e9:7e:18:a9:13:0e:c2:6b:b1:9f:45:7f:47:57:0a:
d9:4f:24:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvxxU5yWKKiSFcf+PnYhvl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjMxMTIxMTIwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTlhNTljODNlMDk2OTQzMjIxYTU1YmFjZWZlZmUxOTk4N2Y5ZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKY7sU5lMoeInDY3dHMJqj3cyWdA
Nza0+qC48gaiEZitMSej6mVlqX4MH6sGSbDctlD6tKwpI+75w8aSpEauGL4yEhkF
cNOD4Yl2hv02zlsH/sJxLGycKZfwOxvfPv9OQ3hPOrcZZiC8I0gb1i7Mkdm7NsXU
DOkMQc/Jk6wXA2Nl9kWW8GwvFW4iUIHtn6RtgNtzt45vm7p5ygYq+PUKvGk9mkUh
1wordmGm//15Ci+XXk5JtmYQS314j9MgTg7iJivE8UThuA/mL348asviRhSBrYN3
J8Jl+V87+r3jVOdEtrEGnTYGW3NXuAe5z++MfGXNMdojHlhpPHMcSKnHuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqaWcg+CWlDIhpVus7+/hmYf597MB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvV3BwWnlENEphVU1pR2xXNnp2Ny1HWmhfbjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwlUcMA0G
CSqGSIb3DQEBCwUAA4IBAQCFLT9hwO1i9IuwuW5CFQ4/q4K82ka6KArtkWkUWJPj
5EKHXv4yXHnrOSdmy0dpUDUzfh/c+crxxF+lBzwgYaB2fyKO6WxydKPAjPzGNEJn
NXUuY0BaHTNrpOAPnhcbQa6o4H/n5aWbSvCRLjLUeKFRfp4rdklM/6q5VYXk3Ner
03FtEtPxgtOWzVBIgWF7OPoF2pzZetnkPeWkeqfXOc4ROFpwqEtXCduYRndL8QBM
rZ1v4T4Zi5haxhibHT14CXIEMfYPFrjqnx1rHIzMlU0iTpdJRVFA52JUMQsEebQo
uXF259w8Icn4PVMkQrHpfhipEw7Ca7GfRX9HVwrZTyTh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:51 2024 by rpki-client on console-fra.rpki-client.org