Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/W2cDWCmj0MUd28R4JCbUpj4ORFU.roa
File: W2cDWCmj0MUd28R4JCbUpj4ORFU.roa (raw, json)
Hash identifier: O+PLI/QPmItVqyBybW8I5Sr3QBdUpOhjUl6pENZiulk=
Subject key identifier: 5B:67:03:58:29:A3:D0:C5:1D:DB:C4:78:24:26:D4:A6:3E:0E:44:55
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018780D3904B1FD57FE7C66E607DB7C5A843
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/W2cDWCmj0MUd28R4JCbUpj4ORFU.roa
Signing time: Fri 14 Apr 2023 17:32:41 +0000
ROA not before: Fri 14 Apr 2023 17:32:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34700
IP address blocks: 31.202.192.0/18 maxlen: 18
31.202.0.0/17 maxlen: 17
46.160.88.0/21 maxlen: 21
178.165.0.0/17 maxlen: 18
31.202.128.0/18 maxlen: 18
185.147.96.0/22 maxlen: 22
5.255.160.0/20 maxlen: 20
79.171.120.0/21 maxlen: 21
2a00:1210::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:d3:90:4b:1f:d5:7f:e7:c6:6e:60:7d:b7:c5:a8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Apr 14 17:32:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b67035829a3d0c51ddbc4782426d4a63e0e4455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:23:24:82:1f:30:d7:58:17:2d:2d:d6:13:26:
a6:d5:ee:40:07:5b:0b:0d:4c:44:b9:b5:89:b1:1b:
bf:94:02:49:5e:c9:03:72:37:e7:3e:39:d1:81:80:
cd:e7:c0:d4:2c:83:1f:aa:ce:e1:b6:87:d5:5d:6a:
7d:63:1e:0d:b7:2d:c3:77:8b:60:91:cc:9c:fd:22:
a9:3a:b4:d1:b6:3c:a3:c3:c1:dc:1f:6d:4e:ca:d1:
53:93:6e:38:a3:ab:b6:46:44:ea:9d:23:68:84:e1:
4a:14:3c:e8:3a:ea:9d:0c:cf:37:b8:4f:3c:f0:12:
10:28:e1:c8:b7:db:34:f0:c6:c2:58:94:74:7b:a3:
6d:41:30:de:c0:1a:c9:e9:ce:36:c9:48:7f:96:e4:
4d:b1:1a:47:73:f8:84:36:85:78:0d:8c:d8:b3:62:
fa:7f:eb:d6:af:a9:82:dc:66:91:0c:67:32:e7:81:
e2:c7:f8:dc:16:5f:3d:1a:ac:96:67:52:1e:03:a1:
dc:00:bc:1e:1f:fa:28:07:7d:6f:de:42:29:02:eb:
3b:7b:2f:5e:49:b7:21:26:62:03:10:96:5a:05:d8:
e6:f8:bb:e3:f2:a1:08:50:de:c8:d6:23:d3:97:eb:
da:4d:39:a3:97:ec:e7:06:96:bc:7c:9e:7a:7b:f9:
b8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:67:03:58:29:A3:D0:C5:1D:DB:C4:78:24:26:D4:A6:3E:0E:44:55
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/W2cDWCmj0MUd28R4JCbUpj4ORFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.160.0/20
31.202.0.0/16
46.160.88.0/21
79.171.120.0/21
178.165.0.0/17
185.147.96.0/22
IPv6:
2a00:1210::/32
Signature Algorithm: sha256WithRSAEncryption
45:7f:52:a7:f3:8d:68:36:cc:36:d9:8b:0c:be:8a:87:e9:24:
d7:ec:c7:b9:9d:ab:02:bf:b1:b8:72:16:3a:a6:22:51:d3:08:
f4:10:b8:9e:0c:b1:53:92:6f:84:ac:f5:3c:aa:b6:f6:a3:f4:
16:49:77:41:80:e3:b1:67:53:4d:dd:d5:94:a7:68:1e:3b:e1:
3a:52:a7:6c:85:4b:f8:73:e5:a2:67:b7:4b:bf:45:b8:c2:5d:
f8:47:e3:2f:82:5e:60:59:33:96:4f:b6:da:68:c3:89:2d:3a:
aa:8c:77:00:a9:fd:66:b8:78:ba:7b:6a:d2:99:9e:c3:ee:a0:
5c:24:0a:90:7d:b7:dd:51:a3:12:40:14:6f:0f:ec:08:1d:ca:
60:46:90:28:0a:e6:c5:0a:13:be:86:e4:ca:30:79:7c:72:6d:
21:6b:4e:37:42:c6:17:69:88:07:3f:ac:12:4f:66:28:b9:9b:
c2:8e:ee:75:64:c2:35:7d:f3:1b:92:c7:43:79:80:1a:d0:b3:
ec:67:b9:43:f5:68:79:db:c3:62:56:d8:00:8c:dc:e8:62:8e:
8a:72:a1:80:a6:2b:55:64:9c:b5:fe:83:cc:af:5d:74:d0:0d:
d5:e8:55:78:52:90:ae:b2:88:c6:46:fb:83:f2:48:e7:51:5d:
66:d3:b1:84
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYeA05BLH9V/58ZuYH23xahDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjMwNDE0MTczMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjY3MDM1ODI5YTNkMGM1MWRkYmM0NzgyNDI2ZDRhNjNlMGU0NDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCMkgh8w11gXLS3WEyam1e5AB1sL
DUxEubWJsRu/lAJJXskDcjfnPjnRgYDN58DULIMfqs7htofVXWp9Yx4Nty3Dd4tg
kcyc/SKpOrTRtjyjw8HcH21OytFTk244o6u2RkTqnSNohOFKFDzoOuqdDM83uE88
8BIQKOHIt9s08MbCWJR0e6NtQTDewBrJ6c42yUh/luRNsRpHc/iENoV4DYzYs2L6
f+vWr6mC3GaRDGcy54Hix/jcFl89GqyWZ1IeA6HcALweH/ooB31v3kIpAus7ey9e
SbchJmIDEJZaBdjm+Lvj8qEIUN7I1iPTl+vaTTmjl+znBpa8fJ56e/m4TQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFtnA1gpo9DFHdvEeCQm1KY+DkRVMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvVzJjRFdDbWowTVVkMjhSNEpDYlVwajRPUkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQEBf+gAwMA
H8oDBAMuoFgDBANPq3gDBAeypQADBAK5k2AwDQQCAAIwBwMFACoAEhAwDQYJKoZI
hvcNAQELBQADggEBAEV/UqfzjWg2zDbZiwy+iofpJNfsx7mdqwK/sbhyFjqmIlHT
CPQQuJ4MsVOSb4Ss9Tyqtvaj9BZJd0GA47FnU03d1ZSnaB474TpSp2yFS/hz5aJn
t0u/RbjCXfhH4y+CXmBZM5ZPttpow4ktOqqMdwCp/Wa4eLp7atKZnsPuoFwkCpB9
t91RoxJAFG8P7AgdymBGkCgK5sUKE76G5MoweXxybSFrTjdCxhdpiAc/rBJPZii5
m8KO7nVkwjV98xuSx0N5gBrQs+xnuUP1aHnbw2JW2ACM3OhijopyoYCmK1VknLX+
g8yvXXTQDdXoVXhSkK6yiMZG+4PySOdRXWbTsYQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:59 2023 by rpki-client on console-fra.rpki-client.org