Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/wgxRRGVcoxN5WvbQpNxNmP8ui1o.roa
File: wgxRRGVcoxN5WvbQpNxNmP8ui1o.roa (raw, json)
Hash identifier: UjDJFnq7Q0hbiJSuPDdmsQoYRNNzxHoYVqCIx1/Xsj4=
Subject key identifier: C2:0C:51:44:65:5C:A3:13:79:5A:F6:D0:A4:DC:4D:98:FF:2E:8B:5A
Certificate issuer: /CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Certificate serial: 018C933D940A4AE77B7BDE9EE0F6F7475796
Authority key identifier: 27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/wgxRRGVcoxN5WvbQpNxNmP8ui1o.roa
Signing time: Fri 22 Dec 2023 20:35:35 +0000
ROA not before: Fri 22 Dec 2023 20:35:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.188.253.0/24 maxlen: 24
91.188.254.0/24 maxlen: 24
91.188.255.0/24 maxlen: 24
81.31.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:93:3d:94:0a:4a:e7:7b:7b:de:9e:e0:f6:f7:47:57:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Validity
Not Before: Dec 22 20:35:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c20c5144655ca313795af6d0a4dc4d98ff2e8b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9d:38:11:80:47:89:d1:7d:24:c4:ea:26:94:
28:a7:26:48:7f:60:18:32:e8:1f:ef:23:e3:4c:38:
b0:3c:a0:f9:69:9e:3c:5d:e0:05:7c:8d:31:c0:77:
a9:36:e2:91:f7:69:01:f1:1f:a8:5e:a3:5b:34:78:
e7:d2:80:d0:28:9f:a7:82:1b:3f:c3:72:85:8a:0d:
44:e2:e8:2c:62:4f:9d:08:b1:e6:cf:d2:d0:37:db:
e9:e2:f0:a1:d0:d8:6d:13:b0:65:99:c8:7a:0c:11:
5e:c3:0b:57:fa:05:3d:51:03:34:41:55:da:c9:69:
cf:66:4f:e5:20:64:77:b1:33:33:25:08:1e:9f:01:
a0:53:60:70:9f:e9:6e:e0:e1:2d:f3:7d:c1:21:5a:
df:6b:5f:00:9c:f2:bb:6f:a5:b4:40:18:21:74:2a:
8d:b6:fd:4b:b2:04:97:7d:ff:77:27:17:37:e3:fc:
55:ee:c5:af:3d:ca:74:09:79:ba:98:4d:60:e5:d9:
c6:68:a8:7c:74:bd:42:60:ea:70:3c:04:8b:3d:3b:
ea:ac:55:a8:83:e4:62:33:ac:8a:b5:ae:1e:9a:38:
73:3e:ef:6f:4b:9b:6e:d7:0b:a6:a3:98:09:cd:a6:
8e:60:36:4c:d2:f7:7a:0b:a5:68:d8:00:ac:9a:fa:
f0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:0C:51:44:65:5C:A3:13:79:5A:F6:D0:A4:DC:4D:98:FF:2E:8B:5A
X509v3 Authority Key Identifier:
keyid:27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/wgxRRGVcoxN5WvbQpNxNmP8ui1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.198.0/24
91.188.253.0-91.188.255.255
Signature Algorithm: sha256WithRSAEncryption
95:e2:42:33:5b:30:d8:16:dc:09:a3:4b:d1:64:16:46:6a:12:
b0:80:8f:76:6a:dd:76:b1:48:34:3f:63:c4:1d:bd:56:f1:23:
92:5c:a6:f8:f5:6f:ac:13:2f:7f:9c:87:de:45:e8:14:d3:65:
52:de:18:29:0f:1f:df:91:6f:66:ed:7c:7e:34:c8:01:db:7e:
69:a5:a8:91:3b:0d:99:c1:3f:56:28:42:a8:2c:5d:3a:11:63:
3a:06:1f:c5:e9:3f:12:16:3f:7e:97:5e:57:b4:2f:59:a0:f5:
81:91:b5:05:27:18:01:d4:3b:4d:c2:85:dc:46:c3:6b:11:e2:
ca:8d:88:0a:8d:22:a3:34:20:0d:bc:88:37:28:54:fa:3e:ef:
da:6e:1d:d2:ee:ea:21:c8:50:25:51:ac:1f:c2:fd:96:bf:20:
5d:68:22:81:cf:fd:d4:dc:ba:3e:81:f9:f1:98:67:56:de:65:
52:bd:1d:79:f3:0f:f4:7e:fe:0e:f4:1c:6c:f3:d8:fb:f0:45:
63:eb:08:1a:5c:89:a7:a3:9e:31:dd:04:7e:2a:6a:c4:ba:9d:
57:6e:bb:0b:85:56:f8:3f:aa:55:d5:e2:4c:51:69:ab:9c:d3:
aa:1b:70:d7:b7:01:76:6c:47:f9:da:e6:e0:f5:c5:36:ff:35:
10:9c:6d:62
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYyTPZQKSud7e96e4Pb3R1eWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTNiZGU5NDZhZTkzNmQzY2FjYzEzNmE1ZjMyMzllZGYy
NDMxZjQwHhcNMjMxMjIyMjAzNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjBjNTE0NDY1NWNhMzEzNzk1YWY2ZDBhNGRjNGQ5OGZmMmU4YjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZ04EYBHidF9JMTqJpQopyZIf2AY
Mugf7yPjTDiwPKD5aZ48XeAFfI0xwHepNuKR92kB8R+oXqNbNHjn0oDQKJ+nghs/
w3KFig1E4ugsYk+dCLHmz9LQN9vp4vCh0NhtE7Blmch6DBFewwtX+gU9UQM0QVXa
yWnPZk/lIGR3sTMzJQgenwGgU2Bwn+lu4OEt833BIVrfa18AnPK7b6W0QBghdCqN
tv1LsgSXff93Jxc34/xV7sWvPcp0CXm6mE1g5dnGaKh8dL1CYOpwPASLPTvqrFWo
g+RiM6yKta4emjhzPu9vS5tu1wumo5gJzaaOYDZM0vd6C6Vo2ACsmvrwdQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMIMUURlXKMTeVr20KTcTZj/LotaMB8GA1UdIwQY
MBaAFCeTvelGrpNtPKzBNqXzI57fJDH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2Et
OTJjM2JmNzRhOTdiLzEvd2d4UlJHVmNveE41V3ZiUXBOeE5tUDh1aTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2EtOTJjM2JmNzRhOTdi
LzEvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQAUR/GMAsD
BABbvP0DAwBbvDANBgkqhkiG9w0BAQsFAAOCAQEAleJCM1sw2BbcCaNL0WQWRmoS
sICPdmrddrFIND9jxB29VvEjklym+PVvrBMvf5yH3kXoFNNlUt4YKQ8f35FvZu18
fjTIAdt+aaWokTsNmcE/VihCqCxdOhFjOgYfxek/EhY/fpdeV7QvWaD1gZG1BScY
AdQ7TcKF3EbDaxHiyo2ICo0iozQgDbyINyhU+j7v2m4d0u7qIchQJVGsH8L9lr8g
XWgigc/91Ny6PoH58ZhnVt5lUr0defMP9H7+DvQcbPPY+/BFY+sIGlyJp6OeMd0E
fipqxLqdV267C4VW+D+qVdXiTFFpq5zTqhtw17cBdmxH+drm4PXFNv81EJxtYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:13 2024 by rpki-client on console-fra.rpki-client.org