Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/WS1I5F3tfVRefUOCCZS0zMys8pw.roa
File: WS1I5F3tfVRefUOCCZS0zMys8pw.roa (raw, json)
Hash identifier: XvfvmXsajGJCjetXfhgprpx/Rlg9PZwrmpDaP494WRw=
Subject key identifier: 59:2D:48:E4:5D:ED:7D:54:5E:7D:43:82:09:94:B4:CC:CC:AC:F2:9C
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 018CC4930724F1B17D841CED32A6FED323C4
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/WS1I5F3tfVRefUOCCZS0zMys8pw.roa
Signing time: Mon 01 Jan 2024 10:30:19 +0000
ROA not before: Mon 01 Jan 2024 10:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1764
IP address blocks: 2a03:e600::/32 maxlen: 32
2001:678:c1c::/48 maxlen: 48
2a01:190::/29 maxlen: 32
2a04:9300::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 06 May 2024 17:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:07:24:f1:b1:7d:84:1c:ed:32:a6:fe:d3:23:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 10:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=592d48e45ded7d545e7d43820994b4ccccacf29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5d:bb:d9:e9:ff:c9:b3:1f:55:d8:3d:83:6d:
ec:69:db:7f:cc:38:80:ae:00:08:e3:f7:8f:d6:26:
7f:97:a6:77:8b:7e:0e:59:bb:85:4c:86:69:ce:1a:
f7:c0:bb:c8:79:a7:ca:e1:0e:09:d8:a2:2f:df:8f:
6f:56:fc:a4:53:be:2c:89:ed:f0:8b:a7:19:2c:ae:
1e:e1:b7:6e:14:f1:e9:3b:22:55:e7:79:e4:23:16:
75:65:9f:13:c1:82:80:bf:99:00:67:7a:9b:62:d6:
6a:f9:6b:64:65:2e:9e:dd:36:d6:7d:21:76:45:28:
10:f2:00:42:f2:67:32:51:54:ab:c0:71:34:1e:5a:
b5:61:05:b5:64:79:b3:98:cc:b6:29:37:9e:b9:e9:
b1:f0:98:36:1b:2b:4d:74:5a:8f:37:71:50:54:1d:
23:3e:1e:d7:aa:1c:8c:8b:77:49:ae:f7:d2:26:5e:
90:33:cf:0d:bf:5c:49:a0:f5:65:d6:67:01:95:71:
d8:9a:36:8c:bc:cb:d8:e8:5f:ca:9f:ae:26:54:3c:
a8:e5:24:b0:d8:cf:ad:74:de:b0:ab:26:d8:f1:ee:
af:0c:e2:ff:76:54:10:55:22:9d:de:5f:7c:28:92:
95:f5:98:88:ee:2f:f0:87:63:b7:f5:31:2c:60:43:
c6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2D:48:E4:5D:ED:7D:54:5E:7D:43:82:09:94:B4:CC:CC:AC:F2:9C
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/WS1I5F3tfVRefUOCCZS0zMys8pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c1c::/48
2a01:190::/29
2a03:e600::/32
2a04:9300::/29
Signature Algorithm: sha256WithRSAEncryption
81:b3:95:75:6f:f3:56:16:15:ca:87:dd:9d:f7:a9:6f:80:71:
c8:f7:88:52:e8:7a:fd:be:ff:ad:9f:b9:68:29:32:a0:23:51:
13:dd:45:67:d3:7a:10:23:24:65:d3:48:7b:62:ce:92:5c:b4:
f4:18:ac:67:a8:8c:b3:32:e8:d7:9b:5f:f2:fb:c4:ea:e3:7a:
a0:ee:60:a7:4b:1b:71:56:0f:29:d0:02:d6:dd:a7:c2:c2:b3:
6b:3c:67:2b:25:2d:9f:a1:0d:a5:32:2b:39:00:b9:3a:95:da:
06:90:5d:ce:33:15:a7:7e:ad:4b:a8:cd:2f:34:d0:5a:84:95:
f1:4d:fe:2e:fa:3d:6f:e4:0d:b6:a8:cf:76:fc:a8:69:3b:e0:
0b:6f:76:7e:e7:53:49:d9:4a:60:d8:15:11:26:95:f5:d2:b3:
5d:f0:92:e5:43:4e:37:59:19:f5:7d:c0:86:6f:73:0a:ae:02:
a0:cc:61:d6:63:1e:82:13:4a:1e:66:90:1f:d1:8e:6b:88:85:
9f:b7:de:fc:51:25:d7:e7:ce:85:bc:ef:f5:62:ad:8b:d3:5f:
39:f8:70:41:89:57:8b:ab:ed:27:c4:25:f4:4c:d2:57:0e:d4:
21:dc:30:0e:07:cf:bd:5b:f9:e5:d5:08:97:d8:af:88:91:4c:
27:d7:52:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEkwck8bF9hBztMqb+0yPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjQwMTAxMTAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTJkNDhlNDVkZWQ3ZDU0NWU3ZDQzODIwOTk0YjRjY2NjYWNmMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1272en/ybMfVdg9g23sadt/zDiA
rgAI4/eP1iZ/l6Z3i34OWbuFTIZpzhr3wLvIeafK4Q4J2KIv349vVvykU74sie3w
i6cZLK4e4bduFPHpOyJV53nkIxZ1ZZ8TwYKAv5kAZ3qbYtZq+WtkZS6e3TbWfSF2
RSgQ8gBC8mcyUVSrwHE0Hlq1YQW1ZHmzmMy2KTeeuemx8Jg2GytNdFqPN3FQVB0j
Ph7XqhyMi3dJrvfSJl6QM88Nv1xJoPVl1mcBlXHYmjaMvMvY6F/Kn64mVDyo5SSw
2M+tdN6wqybY8e6vDOL/dlQQVSKd3l98KJKV9ZiI7i/wh2O39TEsYEPGpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFktSORd7X1UXn1DggmUtMzMrPKcMB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvV1MxSTVGM3RmVlJlZlVPQ0NaUzB6TXlzOHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwcAIAEGeAwc
AwUDKgEBkAMFACoD5gADBQMqBJMAMA0GCSqGSIb3DQEBCwUAA4IBAQCBs5V1b/NW
FhXKh92d96lvgHHI94hS6Hr9vv+tn7loKTKgI1ET3UVn03oQIyRl00h7Ys6SXLT0
GKxnqIyzMujXm1/y+8Tq43qg7mCnSxtxVg8p0ALW3afCwrNrPGcrJS2foQ2lMis5
ALk6ldoGkF3OMxWnfq1LqM0vNNBahJXxTf4u+j1v5A22qM92/KhpO+ALb3Z+51NJ
2Upg2BURJpX10rNd8JLlQ043WRn1fcCGb3MKrgKgzGHWYx6CE0oeZpAf0Y5riIWf
t978USXX586FvO/1Yq2L0185+HBBiVeLq+0nxCX0TNJXDtQh3DAOB8+9W/nl1QiX
2K+IkUwn11Kv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:14 2024 by rpki-client on console-ams.rpki-client.org