Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/whzES_whabLUfqUPo7m_tIHZauE.roa
File: whzES_whabLUfqUPo7m_tIHZauE.roa (raw, json)
Hash identifier: 1eHb9W9Quc9uLIqO4a5XCD8FROVgoDnvtOKTIlqtgzo=
Subject key identifier: C2:1C:C4:4B:FC:21:69:B2:D4:7E:A5:0F:A3:B9:BF:B4:81:D9:6A:E1
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018B8533A4E4DB8520B9DB749440C0471EE7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/whzES_whabLUfqUPo7m_tIHZauE.roa
Signing time: Tue 31 Oct 2023 10:07:16 +0000
ROA not before: Tue 31 Oct 2023 10:07:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 2a0f:e383::/32 maxlen: 32
2a0f:e385::/32 maxlen: 32
2a0f:e384::/32 maxlen: 32
2a0f:2740::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:33:a4:e4:db:85:20:b9:db:74:94:40:c0:47:1e:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 31 10:07:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c21cc44bfc2169b2d47ea50fa3b9bfb481d96ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:7a:cc:0c:23:84:1f:cf:c5:58:41:e7:38:
3f:e1:ba:72:4b:d2:fb:c1:ac:90:b1:f4:97:7a:fe:
ba:3f:8d:2a:76:84:3b:03:ca:ee:05:d9:4d:37:c3:
6a:55:1b:03:c4:4e:9f:b3:52:75:db:6c:96:ec:28:
d6:ec:97:11:4f:14:50:6e:bf:c2:d2:e6:a6:39:59:
90:fd:ca:f7:25:95:14:bc:9b:8f:e6:33:25:a1:2c:
dc:96:b7:f9:01:35:2f:0c:6e:4d:49:c9:ed:7e:1a:
e1:e7:7f:34:2c:e4:49:f4:88:fc:4a:f2:1e:26:2b:
1a:2d:82:f3:83:15:c7:4e:0c:19:9e:59:9e:4c:36:
23:84:81:9d:94:f1:cf:f7:cf:7b:6b:2c:0c:d2:03:
17:b8:8b:c2:99:69:c2:c6:49:f0:dd:2c:0c:55:fc:
c5:b5:77:e5:3a:c6:f0:8d:43:ce:05:bc:44:03:30:
7b:fe:83:11:f9:5e:4e:6b:de:62:2b:20:ec:4b:6f:
72:b4:84:4d:ef:fa:30:d6:57:ab:fd:06:7e:5e:58:
e0:48:47:d6:0c:f5:58:5a:2c:66:87:a0:a6:6a:ce:
8a:28:ab:80:5b:40:26:29:16:9d:6f:81:23:09:b8:
e3:cd:e1:e4:2f:a1:4b:24:d2:b0:9b:9a:8c:ae:c1:
88:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1C:C4:4B:FC:21:69:B2:D4:7E:A5:0F:A3:B9:BF:B4:81:D9:6A:E1
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/whzES_whabLUfqUPo7m_tIHZauE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:23:50:f7:df:52:49:e3:11:bd:3e:60:e2:12:57:e6:93:f0:
06:10:eb:c4:14:bd:78:64:dd:6b:a4:7a:87:60:8d:79:77:b3:
13:79:df:63:0e:2e:1e:5f:47:af:5e:fa:61:27:60:e3:07:e2:
76:1a:89:bd:b7:b3:8e:fe:de:e0:eb:de:73:91:b6:6f:1a:1a:
ca:30:04:23:7a:63:92:d5:50:9e:ac:51:b5:dd:7e:96:4e:81:
74:d8:24:a6:3e:52:9d:85:45:72:b9:f7:ad:78:67:07:78:dd:
0c:30:7f:6b:91:25:68:44:5a:f8:7b:3a:ae:85:19:c0:f6:cd:
8a:bd:d3:f1:fc:b4:c5:56:25:88:70:75:82:a5:ea:a0:a9:38:
c5:dc:55:c1:f0:c4:9f:a4:ae:a9:6d:de:32:16:c8:0d:e2:d6:
69:54:69:09:12:59:18:82:44:ed:43:20:77:ed:35:99:3e:c0:
e9:13:a7:8e:cd:b8:e6:a3:52:6b:fb:2c:52:03:ce:15:18:26:
15:8c:0f:4d:37:ab:7d:d1:82:9e:8d:37:cb:66:e1:1b:af:eb:
76:51:b3:d9:40:24:0c:a6:dc:9b:0c:71:2f:d1:95:21:20:cd:
91:f1:de:4d:0b:f2:2d:7a:c1:85:89:11:23:fd:78:01:45:ee:
bd:b6:03:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuFM6Tk24Ugudt0lEDARx7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMDMxMTAwNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjFjYzQ0YmZjMjE2OWIyZDQ3ZWE1MGZhM2I5YmZiNDgxZDk2YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLZ6zAwjhB/PxVhB5zg/4bpyS9L7
wayQsfSXev66P40qdoQ7A8ruBdlNN8NqVRsDxE6fs1J122yW7CjW7JcRTxRQbr/C
0uamOVmQ/cr3JZUUvJuP5jMloSzclrf5ATUvDG5NScntfhrh5380LORJ9Ij8SvIe
JisaLYLzgxXHTgwZnlmeTDYjhIGdlPHP9897aywM0gMXuIvCmWnCxknw3SwMVfzF
tXflOsbwjUPOBbxEAzB7/oMR+V5Oa95iKyDsS29ytIRN7/ow1ler/QZ+XljgSEfW
DPVYWixmh6Cmas6KKKuAW0AmKRadb4EjCbjjzeHkL6FLJNKwm5qMrsGIiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMIcxEv8IWmy1H6lD6O5v7SB2WrhMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvd2h6RVNfd2hhYkxVZnFVUG83bV90SUhaYXVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUDKg8nQDAO
AwUAKg/jgwMFASoP44QwDQYJKoZIhvcNAQELBQADggEBAGsjUPffUknjEb0+YOIS
V+aT8AYQ68QUvXhk3WukeodgjXl3sxN532MOLh5fR69e+mEnYOMH4nYaib23s47+
3uDr3nORtm8aGsowBCN6Y5LVUJ6sUbXdfpZOgXTYJKY+Up2FRXK59614Zwd43Qww
f2uRJWhEWvh7Oq6FGcD2zYq90/H8tMVWJYhwdYKl6qCpOMXcVcHwxJ+krqlt3jIW
yA3i1mlUaQkSWRiCRO1DIHftNZk+wOkTp47NuOajUmv7LFIDzhUYJhWMD003q33R
gp6NN8tm4Ruv63ZRs9lAJAym3JsMcS/RlSEgzZHx3k0L8i16wYWJESP9eAFF7r22
AwQ=
Generated at Wed Nov 8 06:15:57 2023 by rpki-client on console-fra.rpki-client.org