Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/W1ytSrB4GIZTl0TRdwIF8iqLqYc.roa
File: W1ytSrB4GIZTl0TRdwIF8iqLqYc.roa (raw, json)
Hash identifier: pwfNFOUTSqh4xzm1pb/5r9+8RKGTfPi2qnl8WcuIm4I=
Subject key identifier: 5B:5C:AD:4A:B0:78:18:86:53:97:44:D1:77:02:05:F2:2A:8B:A9:87
Certificate issuer: /CN=d1e55f25295d4d82db20721cd8117a7d283baa4c
Certificate serial: 01856D0AD926D20A04C4420CD74F6306EFB4
Authority key identifier: D1:E5:5F:25:29:5D:4D:82:DB:20:72:1C:D8:11:7A:7D:28:3B:AA:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eVfJSldTYLbIHIc2BF6fSg7qkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/W1ytSrB4GIZTl0TRdwIF8iqLqYc.roa
Signing time: Sun 01 Jan 2023 11:15:05 +0000
ROA not before: Sun 01 Jan 2023 11:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49515
IP address blocks: 185.230.32.0/22 maxlen: 24
188.95.32.0/21 maxlen: 24
2a02:ca80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d9:26:d2:0a:04:c4:42:0c:d7:4f:63:06:ef:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e55f25295d4d82db20721cd8117a7d283baa4c
Validity
Not Before: Jan 1 11:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b5cad4ab0781886539744d1770205f22a8ba987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:ec:2a:30:a3:8e:dc:68:de:b3:4b:23:d1:
15:6f:be:d4:d4:7f:09:8d:ce:ac:11:58:98:46:89:
0e:3d:25:6a:ab:0c:53:0e:50:ba:e7:47:2e:e6:13:
66:fe:18:37:ec:be:79:16:b8:81:93:1d:46:40:1a:
40:6a:ea:6e:c6:6b:b4:5e:fe:5e:e1:ce:1d:b8:4e:
72:c6:96:46:15:72:00:ef:61:e4:65:17:05:ac:c0:
bf:8a:0e:fa:f4:4e:24:f7:6a:5b:d4:7b:2d:6d:eb:
ca:36:9c:5c:6f:dd:15:2d:67:51:5b:f8:02:e6:5a:
a9:97:8c:11:f5:6f:58:21:a3:35:55:32:5e:b6:75:
0e:82:95:28:0a:c8:ec:f8:cf:21:45:90:86:a6:e8:
05:5a:00:c6:b9:c9:db:47:8b:40:88:ac:a4:09:f2:
f1:5d:1a:99:44:e6:e5:5d:b5:92:97:e5:15:ea:3f:
a8:2e:65:53:c4:00:64:48:1a:40:04:c0:6e:00:b1:
2d:e8:8f:d8:a0:24:25:cc:d0:68:a1:fc:ce:b4:8a:
6f:d6:a5:1d:87:17:a3:81:12:ed:e3:25:50:8b:16:
9a:50:59:35:b1:26:07:82:92:54:fd:ef:67:df:08:
b5:e9:11:a9:f0:98:3b:67:32:78:ec:34:d1:cf:1e:
ff:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:5C:AD:4A:B0:78:18:86:53:97:44:D1:77:02:05:F2:2A:8B:A9:87
X509v3 Authority Key Identifier:
keyid:D1:E5:5F:25:29:5D:4D:82:DB:20:72:1C:D8:11:7A:7D:28:3B:AA:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eVfJSldTYLbIHIc2BF6fSg7qkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/W1ytSrB4GIZTl0TRdwIF8iqLqYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/0eVfJSldTYLbIHIc2BF6fSg7qkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.32.0/22
188.95.32.0/21
IPv6:
2a02:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
98:71:4d:a2:df:2d:a9:1f:50:61:26:45:ad:11:82:46:fe:20:
de:d0:23:ff:e5:e7:b2:21:1d:ae:a9:0d:dc:bd:ce:68:91:7c:
10:cf:60:38:d8:23:cb:61:5b:0a:2b:d8:5e:e4:89:0b:fa:28:
66:d2:ac:62:37:f2:f7:9c:b8:b3:db:50:c9:43:8b:1b:d5:bf:
88:eb:2b:db:1a:6a:44:b1:2e:a0:44:bc:0b:62:76:20:37:2d:
59:6e:3d:5d:a6:cd:e4:9b:46:3d:ae:67:c3:cc:5e:4b:da:b8:
10:8b:41:cb:83:29:2e:01:59:1e:36:3d:0c:93:4d:b4:87:29:
f1:14:ad:b9:45:a1:e5:bc:19:86:e1:ea:3f:c5:6c:fe:a5:90:
3c:00:de:0f:9a:ec:83:53:c2:40:f6:7d:f0:60:f8:e0:25:c9:
ab:9f:8e:4e:a6:25:ae:a8:6d:01:15:78:a8:39:83:0d:0b:e6:
10:c4:7a:fa:ee:07:9c:56:5e:07:f7:de:74:a8:9c:b6:42:b2:
8c:c3:04:9d:93:bd:e0:ea:c6:20:57:02:a1:34:47:8f:bc:0c:
74:95:af:ee:75:b2:ee:cf:af:48:68:68:fb:6c:02:56:7a:c2:
48:e1:84:a7:1e:36:13:81:8f:ba:72:ba:d1:eb:11:66:35:45:
d0:4b:8c:b7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtCtkm0goExEIM109jBu+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTU1ZjI1Mjk1ZDRkODJkYjIwNzIxY2Q4MTE3YTdkMjgz
YmFhNGMwHhcNMjMwMTAxMTExNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjVjYWQ0YWIwNzgxODg2NTM5NzQ0ZDE3NzAyMDVmMjJhOGJhOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZDsKjCjjtxo3rNLI9EVb77U1H8J
jc6sEViYRokOPSVqqwxTDlC650cu5hNm/hg37L55FriBkx1GQBpAaupuxmu0Xv5e
4c4duE5yxpZGFXIA72HkZRcFrMC/ig769E4k92pb1HstbevKNpxcb90VLWdRW/gC
5lqpl4wR9W9YIaM1VTJetnUOgpUoCsjs+M8hRZCGpugFWgDGucnbR4tAiKykCfLx
XRqZROblXbWSl+UV6j+oLmVTxABkSBpABMBuALEt6I/YoCQlzNBoofzOtIpv1qUd
hxejgRLt4yVQixaaUFk1sSYHgpJU/e9n3wi16RGp8Jg7ZzJ47DTRzx7/IQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFtcrUqweBiGU5dE0XcCBfIqi6mHMB8GA1UdIwQY
MBaAFNHlXyUpXU2C2yByHNgRen0oO6pMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVWZkpTbGRUWUxiSUhJYzJCRjZmU2c3cWt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lZjg0NmMtZWMwOC00Zjc5LWI5M2Et
ZmY0ZjgzOTRiOTFjLzEvVzF5dFNyQjRHSVpUbDBUUmR3SUY4aXFMcVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9lZjg0NmMtZWMwOC00Zjc5LWI5M2EtZmY0ZjgzOTRiOTFj
LzEvMGVWZkpTbGRUWUxiSUhJYzJCRjZmU2c3cWt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueYgAwQD
vF8gMA0EAgACMAcDBQMqAsqAMA0GCSqGSIb3DQEBCwUAA4IBAQCYcU2i3y2pH1Bh
JkWtEYJG/iDe0CP/5eeyIR2uqQ3cvc5okXwQz2A42CPLYVsKK9he5IkL+ihm0qxi
N/L3nLiz21DJQ4sb1b+I6yvbGmpEsS6gRLwLYnYgNy1Zbj1dps3km0Y9rmfDzF5L
2rgQi0HLgykuAVkeNj0Mk020hynxFK25RaHlvBmG4eo/xWz+pZA8AN4PmuyDU8JA
9n3wYPjgJcmrn45OpiWuqG0BFXioOYMNC+YQxHr67gecVl4H9950qJy2QrKMwwSd
k73g6sYgVwKhNEePvAx0la/udbLuz69IaGj7bAJWesJI4YSnHjYTgY+6crrR6xFm
NUXQS4y3
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:31 2024 by rpki-client on console-fra.rpki-client.org