Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/220ce4-11a3-4d92-a488-c3947e76be75/1/WjsIMvH0XPhcdvGdVdOsqt4hdLk.roa
File: WjsIMvH0XPhcdvGdVdOsqt4hdLk.roa (raw, json)
Hash identifier: jIPhDOPjwuq5ebNDaJTTrNoZRhLG3OGIKW2+qTSuCyg=
Subject key identifier: 5A:3B:08:32:F1:F4:5C:F8:5C:76:F1:9D:55:D3:AC:AA:DE:21:74:B9
Certificate issuer: /CN=f37063a85445019ab845a5b7e54395cdd39927f6
Certificate serial: 01856FF94DEA21CE5068C0C8E3C652C553CF
Authority key identifier: F3:70:63:A8:54:45:01:9A:B8:45:A5:B7:E5:43:95:CD:D3:99:27:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83BjqFRFAZq4RaW35UOVzdOZJ_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/220ce4-11a3-4d92-a488-c3947e76be75/1/WjsIMvH0XPhcdvGdVdOsqt4hdLk.roa
Signing time: Mon 02 Jan 2023 00:54:47 +0000
ROA not before: Mon 02 Jan 2023 00:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212476
IP address blocks: 193.3.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:4d:ea:21:ce:50:68:c0:c8:e3:c6:52:c5:53:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f37063a85445019ab845a5b7e54395cdd39927f6
Validity
Not Before: Jan 2 00:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a3b0832f1f45cf85c76f19d55d3acaade2174b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:18:16:27:db:6a:73:2b:4d:f9:c1:83:21:5f:
c0:74:55:38:89:01:7a:26:61:64:ff:dc:df:d8:4f:
d4:18:5a:6e:83:3c:dc:b3:92:a3:5f:06:8b:09:17:
7b:1b:19:d7:8c:a2:12:fc:aa:7d:15:db:ed:4c:5c:
e3:f4:c5:80:ff:2c:4b:58:76:e4:8c:a5:04:e2:84:
f2:a7:9f:8c:d2:f9:94:0c:c5:a6:59:5c:a2:60:8a:
38:35:43:d3:ec:2c:60:63:04:b6:81:ba:bf:09:16:
4d:94:0f:0b:8d:80:ba:ad:ba:7c:20:75:66:dc:0b:
89:86:ae:ae:93:5b:a9:f0:46:8d:7e:cb:12:bc:62:
1b:bb:e1:2a:74:b9:f2:40:db:cc:c4:e7:69:7b:d9:
c0:7e:7f:5c:43:2e:7c:c1:c6:0b:c4:7d:2e:fc:ef:
a8:63:f6:80:82:a9:97:95:cf:5a:03:f4:7e:e9:35:
02:a5:6e:aa:27:11:58:fe:f9:17:ba:7d:be:62:12:
ec:b3:af:cf:fd:f4:28:d1:91:2f:2b:bb:1c:dd:ef:
db:bc:a8:4f:4c:68:25:d0:b8:d3:ee:ee:17:e9:e9:
df:2a:ba:82:1d:58:2e:fe:49:a0:5e:a5:48:98:4c:
f2:a9:32:c1:93:03:c6:4e:b4:a6:0e:dc:3b:95:16:
0c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3B:08:32:F1:F4:5C:F8:5C:76:F1:9D:55:D3:AC:AA:DE:21:74:B9
X509v3 Authority Key Identifier:
keyid:F3:70:63:A8:54:45:01:9A:B8:45:A5:B7:E5:43:95:CD:D3:99:27:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83BjqFRFAZq4RaW35UOVzdOZJ_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/220ce4-11a3-4d92-a488-c3947e76be75/1/WjsIMvH0XPhcdvGdVdOsqt4hdLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/220ce4-11a3-4d92-a488-c3947e76be75/1/83BjqFRFAZq4RaW35UOVzdOZJ_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.31.0/24
Signature Algorithm: sha256WithRSAEncryption
40:7c:97:a5:5a:0c:2e:cc:9a:6f:3a:b5:e5:7c:5c:01:c8:be:
2a:7b:3a:21:b8:17:75:fd:b2:18:0d:43:03:8d:3c:40:60:9d:
7a:f0:7d:2d:24:e5:4e:61:f1:b4:89:45:db:90:75:35:a2:e4:
ef:ad:f2:a1:a4:c0:3c:58:3e:db:b1:76:e2:a2:9b:ec:99:d1:
0d:ea:95:98:19:bc:70:50:34:4f:fe:25:ab:d2:51:d4:16:96:
ce:12:18:a2:ac:ed:3d:5c:36:b8:ba:ee:6f:32:1e:72:a6:ab:
85:eb:11:ff:79:dc:52:7e:d2:a5:9d:5b:8e:18:05:e7:11:4e:
bc:e5:ae:35:7e:de:90:37:ce:4f:28:10:91:91:00:b4:de:78:
25:b7:60:5b:89:ff:0f:ff:ff:bb:79:ff:13:07:c7:d0:02:17:
ef:90:30:4f:fe:e5:0b:0d:75:7f:4b:5e:ca:88:75:91:d5:57:
10:dc:1b:d8:7b:11:40:3a:f4:16:01:eb:29:f2:42:11:1c:d0:
7f:ef:2b:14:70:52:c8:d0:8f:be:26:31:4f:37:85:cc:1c:a4:
ab:9e:f8:c4:9e:7a:21:26:36:d3:a3:50:54:7a:01:e1:81:c7:
d8:c7:9e:6e:1a:76:2e:15:15:87:67:01:35:b7:f6:69:78:39:
fb:fb:62:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+U3qIc5QaMDI48ZSxVPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzA2M2E4NTQ0NTAxOWFiODQ1YTViN2U1NDM5NWNkZDM5
OTI3ZjYwHhcNMjMwMTAyMDA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTNiMDgzMmYxZjQ1Y2Y4NWM3NmYxOWQ1NWQzYWNhYWRlMjE3NGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBgWJ9tqcytN+cGDIV/AdFU4iQF6
JmFk/9zf2E/UGFpugzzcs5KjXwaLCRd7GxnXjKIS/Kp9FdvtTFzj9MWA/yxLWHbk
jKUE4oTyp5+M0vmUDMWmWVyiYIo4NUPT7CxgYwS2gbq/CRZNlA8LjYC6rbp8IHVm
3AuJhq6uk1up8EaNfssSvGIbu+EqdLnyQNvMxOdpe9nAfn9cQy58wcYLxH0u/O+o
Y/aAgqmXlc9aA/R+6TUCpW6qJxFY/vkXun2+YhLss6/P/fQo0ZEvK7sc3e/bvKhP
TGgl0LjT7u4X6enfKrqCHVgu/kmgXqVImEzyqTLBkwPGTrSmDtw7lRYMPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFo7CDLx9Fz4XHbxnVXTrKreIXS5MB8GA1UdIwQY
MBaAFPNwY6hURQGauEWlt+VDlc3TmSf2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNCanFGUkZBWnE0UmFXMzVVT1Z6ZE9aSl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yMjBjZTQtMTFhMy00ZDkyLWE0ODgt
YzM5NDdlNzZiZTc1LzEvV2pzSU12SDBYUGhjZHZHZFZkT3NxdDRoZExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yMjBjZTQtMTFhMy00ZDkyLWE0ODgtYzM5NDdlNzZiZTc1
LzEvODNCanFGUkZBWnE0UmFXMzVVT1Z6ZE9aSl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQMfMA0G
CSqGSIb3DQEBCwUAA4IBAQBAfJelWgwuzJpvOrXlfFwByL4qezohuBd1/bIYDUMD
jTxAYJ168H0tJOVOYfG0iUXbkHU1ouTvrfKhpMA8WD7bsXbiopvsmdEN6pWYGbxw
UDRP/iWr0lHUFpbOEhiirO09XDa4uu5vMh5ypquF6xH/edxSftKlnVuOGAXnEU68
5a41ft6QN85PKBCRkQC03nglt2Bbif8P//+7ef8TB8fQAhfvkDBP/uULDXV/S17K
iHWR1VcQ3BvYexFAOvQWAesp8kIRHNB/7ysUcFLI0I++JjFPN4XMHKSrnvjEnnoh
JjbTo1BUegHhgcfYx55uGnYuFRWHZwE1t/ZpeDn7+2Km
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:46 2024 by rpki-client on console-fra.rpki-client.org