Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/WjfggSH-k5Ayh8hlyaLHlyTUlvw.roa
File: WjfggSH-k5Ayh8hlyaLHlyTUlvw.roa (raw, json)
Hash identifier: 8bBjqUlYL4O3VVWQNzZSK95sBycqi+sV4iURX4Q5KgE=
Subject key identifier: 5A:37:E0:81:21:FE:93:90:32:87:C8:65:C9:A2:C7:97:24:D4:96:FC
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 01856FD51070E38C346D90E24BEF387BA882
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/WjfggSH-k5Ayh8hlyaLHlyTUlvw.roa
Signing time: Mon 02 Jan 2023 00:15:12 +0000
ROA not before: Mon 02 Jan 2023 00:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64475
IP address blocks: 2a0f:3786:80::/41 maxlen: 48
2a0f:3786:10::/44 maxlen: 44
2a0f:3786:20::/44 maxlen: 44
2a0f:3786::/40 maxlen: 40
2a0f:3785::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Mar 2023 22:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:10:70:e3:8c:34:6d:90:e2:4b:ef:38:7b:a8:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: Jan 2 00:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a37e08121fe93903287c865c9a2c79724d496fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f6:60:24:10:1a:a0:b3:dc:ce:ce:d1:a9:dc:
50:90:91:fb:82:93:d2:a8:a3:ba:dd:f7:47:7b:05:
2e:93:6c:25:33:7a:78:95:7b:aa:58:ca:c5:2a:89:
06:6d:dc:9c:d4:93:75:26:6c:47:3a:68:1a:1a:8e:
66:24:1b:f0:05:8f:1d:16:01:8f:b5:e9:55:d6:12:
2e:1e:ac:fe:6e:e7:95:41:89:a0:d8:ea:91:9f:91:
47:af:6a:f9:5a:78:26:83:57:c7:6b:1b:1f:ea:35:
18:87:09:2b:bc:57:f8:da:da:cf:38:48:9c:9f:ac:
00:2a:98:4a:48:cc:dc:17:f0:99:dd:c5:ba:03:9a:
22:b8:22:d6:f2:b5:54:5b:aa:2e:1e:77:b4:5f:39:
a2:51:79:03:2e:af:67:c4:37:cf:38:c4:7e:66:cd:
58:cb:ee:69:0f:eb:c5:3b:f7:99:e0:2f:df:28:55:
18:e7:0e:4f:e3:35:f6:73:72:a2:45:3c:90:50:0d:
ba:d6:1a:21:a6:a6:ed:4c:f4:a2:70:80:57:c8:a1:
2b:9d:32:17:02:23:ee:91:b3:b8:91:ea:fa:b8:87:
8d:2e:2e:32:59:84:1a:ff:ee:7c:4b:69:80:e6:b2:
e5:0d:7f:fa:34:f9:45:e9:dd:c2:1a:42:e1:b3:24:
8b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:37:E0:81:21:FE:93:90:32:87:C8:65:C9:A2:C7:97:24:D4:96:FC
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/WjfggSH-k5Ayh8hlyaLHlyTUlvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3785::-2a0f:3786:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:16:49:15:95:76:c1:74:f3:01:69:ca:cf:b8:77:b8:15:dd:
71:34:e8:c9:84:81:4b:21:2f:d8:a8:42:96:dd:65:ab:6b:67:
b4:2b:8b:6f:32:f9:0b:a2:81:a4:dc:67:ba:3d:02:98:f1:fe:
77:26:42:23:38:1c:9d:05:24:97:29:dd:1c:1b:1d:34:52:56:
26:89:4c:a0:17:ea:a6:1e:a9:43:a7:64:a1:78:c4:c1:1d:cb:
d5:24:f3:ed:a7:69:fe:4b:69:41:f6:af:5b:2a:32:1c:11:39:
24:af:32:72:70:94:c5:d1:d5:0c:eb:c8:f0:11:d9:c1:f8:22:
79:b8:d4:3b:bd:69:27:b2:de:e8:b5:89:fb:93:81:ab:9e:3f:
9e:04:f0:1c:72:ed:80:df:a6:f5:0f:44:fa:02:14:2d:51:9e:
d1:f2:ad:49:1c:50:ac:e9:47:10:a0:8e:b3:00:c2:68:f3:cf:
36:44:7f:9e:9a:82:46:2e:a4:ec:00:66:45:fd:69:bf:f6:2a:
1b:03:e4:07:f7:6b:71:89:52:8c:08:d4:b0:77:9e:45:5a:0a:
57:96:49:d8:32:c7:60:0c:a2:9b:48:48:d3:8f:e5:3c:83:6b:
e6:aa:f6:04:b5:9b:26:aa:76:21:49:8b:48:b6:8b:c8:29:0c:
b6:3f:01:87
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVv1RBw44w0bZDiS+84e6iCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjMwMTAyMDAxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTM3ZTA4MTIxZmU5MzkwMzI4N2M4NjVjOWEyYzc5NzI0ZDQ5NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfZgJBAaoLPczs7RqdxQkJH7gpPS
qKO63fdHewUuk2wlM3p4lXuqWMrFKokGbdyc1JN1JmxHOmgaGo5mJBvwBY8dFgGP
telV1hIuHqz+bueVQYmg2OqRn5FHr2r5Wngmg1fHaxsf6jUYhwkrvFf42trPOEic
n6wAKphKSMzcF/CZ3cW6A5oiuCLW8rVUW6ouHne0XzmiUXkDLq9nxDfPOMR+Zs1Y
y+5pD+vFO/eZ4C/fKFUY5w5P4zX2c3KiRTyQUA261hohpqbtTPSicIBXyKErnTIX
AiPukbO4ker6uIeNLi4yWYQa/+58S2mA5rLlDX/6NPlF6d3CGkLhsySLkwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFFo34IEh/pOQMofIZcmix5ck1Jb8MB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvV2pmZ2dTSC1rNUF5aDhobHlhTEhseVRVbHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBQAqDzeF
AwYAKg83hgAwDQYJKoZIhvcNAQELBQADggEBAHQWSRWVdsF08wFpys+4d7gV3XE0
6MmEgUshL9ioQpbdZatrZ7Qri28y+QuigaTcZ7o9Apjx/ncmQiM4HJ0FJJcp3Rwb
HTRSViaJTKAX6qYeqUOnZKF4xMEdy9Uk8+2naf5LaUH2r1sqMhwROSSvMnJwlMXR
1QzryPAR2cH4Inm41Du9aSey3ui1ifuTgaueP54E8Bxy7YDfpvUPRPoCFC1RntHy
rUkcUKzpRxCgjrMAwmjzzzZEf56agkYupOwAZkX9ab/2KhsD5Af3a3GJUowI1LB3
nkVaCleWSdgyx2AMoptISNOP5TyDa+aq9gS1myaqdiFJi0i2i8gpDLY/AYc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:11 2024 by rpki-client on console-ams.rpki-client.org