Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/wgSgPWF5j1_JYi9SFDfflevNm7w.roa
File: wgSgPWF5j1_JYi9SFDfflevNm7w.roa (raw, json)
Hash identifier: o3sYTdAa6KPxuBGlCFDCYe6ytg81yp4+YrfdAngbdOU=
Subject key identifier: C2:04:A0:3D:61:79:8F:5F:C9:62:2F:52:14:37:DF:95:EB:CD:9B:BC
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 018570F09A00C693BD0AAAAFCA2923CD5A30
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/wgSgPWF5j1_JYi9SFDfflevNm7w.roa
Signing time: Mon 02 Jan 2023 05:24:54 +0000
ROA not before: Mon 02 Jan 2023 05:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 91.132.114.0/23 maxlen: 32
103.53.82.0/23 maxlen: 32
193.28.237.0/24 maxlen: 32
103.240.180.0/22 maxlen: 32
45.114.8.0/22 maxlen: 32
193.19.206.0/24 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:9a:00:c6:93:bd:0a:aa:af:ca:29:23:cd:5a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Jan 2 05:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c204a03d61798f5fc9622f521437df95ebcd9bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e3:d2:a0:f2:38:07:0d:0d:4b:c3:0d:ed:ef:
28:6c:21:af:82:f6:f2:31:b0:13:8c:78:59:68:db:
88:c9:84:b2:58:71:6f:6f:c7:c4:af:e7:65:10:c4:
1b:d1:4a:cd:77:5a:9a:87:9c:b4:01:c7:c1:67:9d:
f1:d8:cc:2b:c6:7a:ba:f9:b2:85:b8:56:88:01:8b:
01:c8:c0:6e:c3:75:56:84:4a:cb:88:c5:fb:94:ee:
c1:21:f6:60:72:29:a4:86:3a:64:5c:00:27:7c:ab:
57:9d:9d:d5:7a:7c:6c:ca:6d:c4:14:f9:47:8f:d2:
ea:e4:ca:a8:79:5c:64:a9:ec:5e:9a:9c:b0:15:bc:
2c:9e:ad:22:2d:37:11:fd:dd:5d:01:10:9b:ce:d3:
70:35:a7:ba:a8:b9:3a:bc:44:24:d3:bb:e1:18:7d:
d8:c1:44:21:e7:25:47:e7:ad:14:2c:b7:a7:18:cc:
a4:ae:bb:c3:81:4e:96:3c:b2:35:e3:b6:c7:81:cd:
ad:e6:aa:4e:68:3e:f8:a7:ba:0e:61:0b:a1:5f:a1:
89:54:85:59:d3:29:e8:92:da:10:b0:4f:09:8f:f6:
88:a9:51:aa:63:8c:bc:89:95:43:44:46:d3:d8:93:
b7:d3:56:28:c2:0f:52:85:2a:2d:bb:a9:53:b1:b2:
66:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:04:A0:3D:61:79:8F:5F:C9:62:2F:52:14:37:DF:95:EB:CD:9B:BC
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/wgSgPWF5j1_JYi9SFDfflevNm7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.8.0/22
91.132.114.0/23
103.53.82.0/23
103.240.180.0/22
193.19.206.0/24
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:eb:f0:d6:66:af:13:ac:a3:37:ef:06:be:07:f3:d9:45:c1:
83:8c:e4:41:84:c1:41:5b:e8:bf:57:7d:fd:1b:3e:94:e4:e8:
8f:4a:bf:2f:af:ab:78:a3:76:d9:6d:48:9b:dd:2a:db:c0:e5:
3c:a9:2b:2e:5d:fd:95:55:99:3f:ae:c3:f3:e8:a6:81:a4:11:
14:8b:49:c7:8a:a9:1c:44:67:7f:a6:38:55:38:55:82:18:39:
b3:8d:d5:f3:5e:8e:f1:07:3b:67:ac:bd:89:d0:d3:36:fd:12:
e1:1e:ee:2d:c5:3e:78:64:ef:6a:7f:7d:1d:61:29:19:aa:87:
92:f9:a7:f3:4a:35:b8:07:00:82:27:8b:98:87:6c:68:bb:c0:
8e:c6:34:87:50:29:e6:a7:51:da:47:99:56:c0:43:df:8a:85:
d1:d9:c9:af:87:d2:73:34:5a:c0:42:ed:15:93:a4:59:96:3b:
a8:ad:69:2a:82:fd:6f:3e:99:3c:7e:fd:81:aa:6a:32:72:8f:
34:4a:09:84:48:f9:73:cc:93:e2:6b:cd:5c:6f:b0:90:7e:0d:
0e:19:d1:aa:11:3b:00:62:6e:3f:aa:06:c0:7d:a2:86:16:4f:
14:2b:ce:42:65:85:95:da:8e:aa:b5:ac:bd:98:a6:73:e6:aa:
e0:4e:06:d6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVw8JoAxpO9CqqvyikjzVowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjMwMTAyMDUyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjA0YTAzZDYxNzk4ZjVmYzk2MjJmNTIxNDM3ZGY5NWViY2Q5YmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtePSoPI4Bw0NS8MN7e8obCGvgvby
MbATjHhZaNuIyYSyWHFvb8fEr+dlEMQb0UrNd1qah5y0AcfBZ53x2Mwrxnq6+bKF
uFaIAYsByMBuw3VWhErLiMX7lO7BIfZgcimkhjpkXAAnfKtXnZ3Venxsym3EFPlH
j9Lq5MqoeVxkqexempywFbwsnq0iLTcR/d1dARCbztNwNae6qLk6vEQk07vhGH3Y
wUQh5yVH560ULLenGMykrrvDgU6WPLI147bHgc2t5qpOaD74p7oOYQuhX6GJVIVZ
0ynoktoQsE8Jj/aIqVGqY4y8iZVDREbT2JO301Yowg9ShSotu6lTsbJmQQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMIEoD1heY9fyWIvUhQ335XrzZu8MB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvd2dTZ1BXRjVqMV9KWWk5U0ZEZmZsZXZObTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLXIIAwQB
W4RyAwQBZzVSAwQCZ/C0AwQAwRPOAwQAwRy2AwQAwRy/AwQAwRzKAwQAwRztMA0G
CSqGSIb3DQEBCwUAA4IBAQCg6/DWZq8TrKM37wa+B/PZRcGDjORBhMFBW+i/V339
Gz6U5OiPSr8vr6t4o3bZbUib3SrbwOU8qSsuXf2VVZk/rsPz6KaBpBEUi0nHiqkc
RGd/pjhVOFWCGDmzjdXzXo7xBztnrL2J0NM2/RLhHu4txT54ZO9qf30dYSkZqoeS
+afzSjW4BwCCJ4uYh2xou8COxjSHUCnmp1HaR5lWwEPfioXR2cmvh9JzNFrAQu0V
k6RZljuorWkqgv1vPpk8fv2Bqmoyco80SgmESPlzzJPia81cb7CQfg0OGdGqETsA
Ym4/qgbAfaKGFk8UK85CZYWV2o6qtay9mKZz5qrgTgbW
Generated at Fri Oct 27 08:17:57 2023 by rpki-client on console-fra.rpki-client.org