Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/cc920d-8109-4119-b840-664ef0da8c30/1/WnYVck0OnPSJwMrguTurNlHMqP0.roa
File: WnYVck0OnPSJwMrguTurNlHMqP0.roa (raw, json)
Hash identifier: UT1lzpM6VvMYSGaP83hY1ExZGeuavbqH5NWrUvsQM/8=
Subject key identifier: 5A:76:15:72:4D:0E:9C:F4:89:C0:CA:E0:B9:3B:AB:36:51:CC:A8:FD
Certificate issuer: /CN=6aa34a4bac3bf7813cd2a66b4f45b9c786dd3542
Certificate serial: 01887271F92271F2A85BEF4A3FF11557A581
Authority key identifier: 6A:A3:4A:4B:AC:3B:F7:81:3C:D2:A6:6B:4F:45:B9:C7:86:DD:35:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqNKS6w794E80qZrT0W5x4bdNUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/cc920d-8109-4119-b840-664ef0da8c30/1/WnYVck0OnPSJwMrguTurNlHMqP0.roa
Signing time: Wed 31 May 2023 15:34:11 +0000
ROA not before: Wed 31 May 2023 15:34:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59877
IP address blocks: 217.197.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:71:f9:22:71:f2:a8:5b:ef:4a:3f:f1:15:57:a5:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa34a4bac3bf7813cd2a66b4f45b9c786dd3542
Validity
Not Before: May 31 15:34:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a7615724d0e9cf489c0cae0b93bab3651cca8fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bc:16:eb:42:7c:0e:a9:7f:c5:2e:73:76:8c:
1f:49:33:35:94:d9:c2:c3:36:c4:73:36:cf:7c:1b:
b3:c0:80:37:ed:13:a1:44:fb:b9:67:9f:d8:40:8e:
a1:33:bd:56:a6:b3:da:71:ba:4b:4c:87:43:d8:53:
f3:e8:c3:0d:e4:c2:2c:0e:7f:ae:a2:78:e2:0f:aa:
6e:7d:0d:e1:f4:29:ef:5b:45:0d:77:e4:45:8b:02:
db:05:91:f9:59:dc:fc:cf:0e:b9:6c:85:12:6b:35:
ab:0a:3e:7e:6a:ac:86:7c:fc:6f:88:96:e2:43:97:
6e:f3:ec:4d:5c:a3:ae:b0:6e:66:04:49:4d:49:68:
b1:be:83:3a:03:3d:47:ee:a1:29:16:09:48:7b:7f:
10:80:73:e7:fc:2a:3c:f6:ec:14:d5:a8:14:e1:8f:
6b:55:5f:63:a2:b5:48:f9:06:59:fb:f8:c6:c9:6d:
c6:90:35:24:ba:d3:50:3b:98:90:e2:26:27:63:4c:
19:cf:43:2c:0c:b6:e6:38:3a:a7:42:c3:f0:e3:31:
b6:31:d6:43:13:31:57:b0:ec:46:d9:69:41:8d:8c:
b8:b7:0d:91:af:0c:39:65:47:9b:ef:dc:a3:8d:56:
f5:a3:7a:3d:ff:0c:53:9d:b1:33:fd:b4:89:33:a4:
90:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:76:15:72:4D:0E:9C:F4:89:C0:CA:E0:B9:3B:AB:36:51:CC:A8:FD
X509v3 Authority Key Identifier:
keyid:6A:A3:4A:4B:AC:3B:F7:81:3C:D2:A6:6B:4F:45:B9:C7:86:DD:35:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqNKS6w794E80qZrT0W5x4bdNUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc920d-8109-4119-b840-664ef0da8c30/1/WnYVck0OnPSJwMrguTurNlHMqP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc920d-8109-4119-b840-664ef0da8c30/1/aqNKS6w794E80qZrT0W5x4bdNUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.108.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:eb:68:4e:0f:cd:53:e1:39:2f:7b:41:fe:f6:d4:e2:c7:51:
d5:60:98:43:dd:3c:ae:51:62:6a:46:6e:34:0e:3f:13:d0:78:
53:0d:cb:0b:99:f6:6f:ca:ba:71:54:f1:b1:f2:ae:44:03:7c:
10:8e:19:ac:a0:de:63:b1:d7:5d:9d:03:7f:29:f2:05:9f:c1:
b3:ce:04:1e:a0:65:aa:db:8f:b5:3e:fb:2a:9c:9a:a4:3c:e5:
c3:9b:8a:8a:58:98:c2:99:50:ec:2c:f9:67:c5:ce:ee:74:42:
29:dc:8d:21:af:e7:fa:9a:8b:a7:c7:ad:19:94:b2:c2:a2:00:
5d:43:97:5a:10:c5:79:56:d7:b2:cd:a2:2d:d7:75:cf:27:71:
97:5f:30:5a:30:59:8f:cb:71:c0:f7:34:1b:99:be:d1:25:6a:
05:91:7f:3a:74:ed:d4:bb:1d:26:45:fc:1f:e4:db:60:12:59:
23:83:c4:f2:6e:46:6d:b2:c6:61:2a:28:7f:04:91:f4:1c:52:
24:3f:bb:72:d5:2c:72:75:b6:fc:b8:2f:c5:94:72:06:76:f2:
67:da:79:40:29:9f:7d:9c:86:99:0b:4f:b5:5e:75:b0:81:72:
73:eb:8e:b8:1b:82:7f:86:c9:a5:21:17:3c:8f:09:c2:67:ee:
fb:c8:4c:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhycfkicfKoW+9KP/EVV6WBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYTM0YTRiYWMzYmY3ODEzY2QyYTY2YjRmNDViOWM3ODZk
ZDM1NDIwHhcNMjMwNTMxMTUzNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTc2MTU3MjRkMGU5Y2Y0ODljMGNhZTBiOTNiYWIzNjUxY2NhOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbwW60J8Dql/xS5zdowfSTM1lNnC
wzbEczbPfBuzwIA37ROhRPu5Z5/YQI6hM71WprPacbpLTIdD2FPz6MMN5MIsDn+u
onjiD6pufQ3h9CnvW0UNd+RFiwLbBZH5Wdz8zw65bIUSazWrCj5+aqyGfPxviJbi
Q5du8+xNXKOusG5mBElNSWixvoM6Az1H7qEpFglIe38QgHPn/Co89uwU1agU4Y9r
VV9jorVI+QZZ+/jGyW3GkDUkutNQO5iQ4iYnY0wZz0MsDLbmODqnQsPw4zG2MdZD
EzFXsOxG2WlBjYy4tw2Rrww5ZUeb79yjjVb1o3o9/wxTnbEz/bSJM6SQjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFp2FXJNDpz0icDK4Lk7qzZRzKj9MB8GA1UdIwQY
MBaAFGqjSkusO/eBPNKma09FuceG3TVCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFOS1M2dzc5NEU4MHFaclQwVzV4NGJkTlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jYzkyMGQtODEwOS00MTE5LWI4NDAt
NjY0ZWYwZGE4YzMwLzEvV25ZVmNrME9uUFNKd01yZ3VUdXJObEhNcVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jYzkyMGQtODEwOS00MTE5LWI4NDAtNjY0ZWYwZGE4YzMw
LzEvYXFOS1M2dzc5NEU4MHFaclQwVzV4NGJkTlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cVsMA0G
CSqGSIb3DQEBCwUAA4IBAQBe62hOD81T4Tkve0H+9tTix1HVYJhD3TyuUWJqRm40
Dj8T0HhTDcsLmfZvyrpxVPGx8q5EA3wQjhmsoN5jsdddnQN/KfIFn8GzzgQeoGWq
24+1PvsqnJqkPOXDm4qKWJjCmVDsLPlnxc7udEIp3I0hr+f6mounx60ZlLLCogBd
Q5daEMV5VteyzaIt13XPJ3GXXzBaMFmPy3HA9zQbmb7RJWoFkX86dO3Uux0mRfwf
5NtgElkjg8TybkZtssZhKih/BJH0HFIkP7ty1Sxydbb8uC/FlHIGdvJn2nlAKZ99
nIaZC0+1XnWwgXJz6464G4J/hsmlIRc8jwnCZ+77yExt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:03 2024 by rpki-client on console-ams.rpki-client.org