Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/0c9de8-cef2-4d8d-a920-76594a19177c/1/wAqvKIhTTQ12gJNyaF3ZBj_38Ok.roa
File: wAqvKIhTTQ12gJNyaF3ZBj_38Ok.roa (raw, json)
Hash identifier: yqFJ2btJCg3ME/d5XoxLtLLvF7I6HQhzyu9qUZFynVQ=
Subject key identifier: C0:0A:AF:28:88:53:4D:0D:76:80:93:72:68:5D:D9:06:3F:F7:F0:E9
Certificate issuer: /CN=f939b03f1294ebd35a3b15d695d7e91f8cb41fa0
Certificate serial: 01856F79668AF3EC04D13D4BE6945F4B708D
Authority key identifier: F9:39:B0:3F:12:94:EB:D3:5A:3B:15:D6:95:D7:E9:1F:8C:B4:1F:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TmwPxKU69NaOxXWldfpH4y0H6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/0c9de8-cef2-4d8d-a920-76594a19177c/1/wAqvKIhTTQ12gJNyaF3ZBj_38Ok.roa
Signing time: Sun 01 Jan 2023 22:35:05 +0000
ROA not before: Sun 01 Jan 2023 22:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200530
IP address blocks: 194.5.40.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:66:8a:f3:ec:04:d1:3d:4b:e6:94:5f:4b:70:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f939b03f1294ebd35a3b15d695d7e91f8cb41fa0
Validity
Not Before: Jan 1 22:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c00aaf2888534d0d76809372685dd9063ff7f0e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a8:3d:a7:b8:1d:6c:ef:c5:e9:16:03:5a:cf:
9b:07:a2:b6:81:b6:2e:8c:fc:6d:e9:eb:8b:1b:fb:
cd:06:75:90:2a:7b:d7:aa:e3:da:d4:b8:2d:c3:0f:
5e:81:a3:3d:fc:f1:dd:21:06:3e:e8:5a:2c:87:3f:
0a:a4:d8:22:76:2e:fa:92:88:66:0a:f1:fa:68:29:
01:f5:87:4a:35:91:e5:22:a3:cf:05:9d:85:09:cd:
69:44:2a:96:c3:4e:38:6f:90:63:e6:5d:05:25:66:
3a:6c:9a:31:39:a4:85:84:b6:2e:bb:5a:fa:43:dc:
92:21:03:a6:96:57:c5:30:b9:76:42:2b:98:6e:aa:
05:ac:d6:14:65:60:1b:8c:49:38:1f:62:86:9b:73:
c2:e2:ef:0e:a6:bd:7f:98:72:43:ed:fc:f4:4c:d1:
b8:17:7d:cd:46:b1:82:39:4e:01:f9:e8:66:78:a2:
bf:db:33:24:11:86:6d:5c:23:65:8b:b9:14:60:18:
01:41:12:dc:72:a1:0d:a3:b9:b4:06:12:0a:64:49:
31:31:d4:65:63:bf:05:7a:dd:79:bb:1c:39:7c:27:
7f:3a:73:ce:75:11:b1:a1:cd:d8:b8:18:d7:59:7e:
64:01:fa:81:17:6d:ec:8c:fe:ea:26:12:09:32:fb:
ea:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0A:AF:28:88:53:4D:0D:76:80:93:72:68:5D:D9:06:3F:F7:F0:E9
X509v3 Authority Key Identifier:
keyid:F9:39:B0:3F:12:94:EB:D3:5A:3B:15:D6:95:D7:E9:1F:8C:B4:1F:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TmwPxKU69NaOxXWldfpH4y0H6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/0c9de8-cef2-4d8d-a920-76594a19177c/1/wAqvKIhTTQ12gJNyaF3ZBj_38Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/0c9de8-cef2-4d8d-a920-76594a19177c/1/1-TmwPxKU69NaOxXWldfpH4y0H6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.40.0/22
Signature Algorithm: sha256WithRSAEncryption
91:d4:7e:51:fd:79:81:04:f1:60:66:d4:19:c1:b4:f9:2f:b3:
6d:15:5c:57:7f:27:c8:72:30:15:04:56:56:39:5c:79:4b:fa:
12:44:c4:32:2e:b5:ff:e8:7d:9a:98:4d:e9:1e:3e:0b:2c:dd:
ba:ee:32:ef:43:2c:ce:69:e7:db:0f:fc:3f:4f:cb:60:07:90:
33:03:cf:f3:33:9f:bf:16:de:1b:61:96:bc:5e:58:f3:62:8e:
cc:d3:17:f8:cf:07:64:a2:c1:db:3d:21:27:73:53:95:df:18:
f0:05:3d:e2:bf:f9:c5:f6:a3:4f:46:3d:b6:60:6e:1c:32:75:
a5:f5:a0:bf:3e:39:0a:33:9e:52:68:7e:9f:67:4a:0e:0c:0f:
59:8b:53:39:88:4f:3e:a6:0a:8a:c8:a2:26:33:37:95:fa:e7:
92:33:b3:27:1d:78:09:bf:35:3e:93:d6:08:f6:01:ed:69:a4:
33:a8:bc:37:1c:76:cd:db:e6:7e:b1:fd:10:82:29:e3:00:68:
21:67:2a:f0:80:14:83:2c:91:f1:b8:c9:89:2c:35:78:1e:da:
27:4d:33:88:ef:65:b6:13:a9:3a:04:84:56:5f:3c:2f:98:02:
24:a5:7c:c5:c3:c2:b7:c2:49:59:7d:69:df:a9:76:fc:18:2b:
d9:84:7e:64
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVveWaK8+wE0T1L5pRfS3CNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MzliMDNmMTI5NGViZDM1YTNiMTVkNjk1ZDdlOTFmOGNi
NDFmYTAwHhcNMjMwMTAxMjIzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDBhYWYyODg4NTM0ZDBkNzY4MDkzNzI2ODVkZDkwNjNmZjdmMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhag9p7gdbO/F6RYDWs+bB6K2gbYu
jPxt6euLG/vNBnWQKnvXquPa1Lgtww9egaM9/PHdIQY+6Foshz8KpNgidi76kohm
CvH6aCkB9YdKNZHlIqPPBZ2FCc1pRCqWw044b5Bj5l0FJWY6bJoxOaSFhLYuu1r6
Q9ySIQOmllfFMLl2QiuYbqoFrNYUZWAbjEk4H2KGm3PC4u8Opr1/mHJD7fz0TNG4
F33NRrGCOU4B+ehmeKK/2zMkEYZtXCNli7kUYBgBQRLccqENo7m0BhIKZEkxMdRl
Y78Fet15uxw5fCd/OnPOdRGxoc3YuBjXWX5kAfqBF23sjP7qJhIJMvvq+QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMAKryiIU00NdoCTcmhd2QY/9/DpMB8GA1UdIwQY
MBaAFPk5sD8SlOvTWjsV1pXX6R+MtB+gMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1UbXdQeEtVNjlOYU94WFdsZGZwSDR5MEg2QS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvMGM5ZGU4LWNlZjItNGQ4ZC1hOTIw
LTc2NTk0YTE5MTc3Yy8xL3dBcXZLSWhUVFExMmdKTnlhRjNaQmpfMzhPay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTcvMGM5ZGU4LWNlZjItNGQ4ZC1hOTIwLTc2NTk0YTE5MTc3
Yy8xLzEtVG13UHhLVTY5TmFPeFhXbGRmcEg0eTBINkEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALCBSgw
DQYJKoZIhvcNAQELBQADggEBAJHUflH9eYEE8WBm1BnBtPkvs20VXFd/J8hyMBUE
VlY5XHlL+hJExDIutf/ofZqYTekePgss3bruMu9DLM5p59sP/D9Py2AHkDMDz/Mz
n78W3hthlrxeWPNijszTF/jPB2Siwds9ISdzU5XfGPAFPeK/+cX2o09GPbZgbhwy
daX1oL8+OQoznlJofp9nSg4MD1mLUzmITz6mCorIoiYzN5X655IzsycdeAm/NT6T
1gj2Ae1ppDOovDccds3b5n6x/RCCKeMAaCFnKvCAFIMskfG4yYksNXge2idNM4jv
ZbYTqToEhFZfPC+YAiSlfMXDwrfCSVl9ad+pdvwYK9mEfmQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:20 2024 by rpki-client on console-ams.rpki-client.org