Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/wAgmc623zUaVwkbmJDX4-WqRLi0.roa
File: wAgmc623zUaVwkbmJDX4-WqRLi0.roa (raw, json)
Hash identifier: uxRyrWEIV48hrCuG/gJFEMjUNzEUKaBE5RwIyRb+2vc=
Subject key identifier: C0:08:26:73:AD:B7:CD:46:95:C2:46:E6:24:35:F8:F9:6A:91:2E:2D
Certificate issuer: /CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Certificate serial: 018C82A256A412691D809EEF5D511161D6A7
Authority key identifier: E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/wAgmc623zUaVwkbmJDX4-WqRLi0.roa
Signing time: Tue 19 Dec 2023 15:12:06 +0000
ROA not before: Tue 19 Dec 2023 15:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20546
IP address blocks: 217.116.112.0/20 maxlen: 24
212.9.32.0/19 maxlen: 24
217.10.64.0/20 maxlen: 24
82.116.96.0/19 maxlen: 24
95.174.128.0/19 maxlen: 24
2001:ab0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:a2:56:a4:12:69:1d:80:9e:ef:5d:51:11:61:d6:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Validity
Not Before: Dec 19 15:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0082673adb7cd4695c246e62435f8f96a912e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:06:f7:2c:80:05:6a:6f:8f:f7:6d:57:49:d6:
e4:51:4e:0a:6c:19:7b:46:03:2d:61:9c:e0:70:9c:
da:e2:2a:0d:2e:7a:37:1b:72:d5:b7:8d:6f:36:17:
86:24:e0:c8:06:08:52:63:67:06:d3:7a:6a:f2:18:
e1:b8:c7:11:4f:12:03:6a:da:bb:82:e2:7d:10:62:
16:65:64:0c:25:1a:84:5c:47:c0:97:6c:40:4a:49:
c0:d5:ee:bd:5b:d5:c8:a4:92:af:8c:6d:61:06:bc:
a3:81:6f:78:fe:31:20:f0:47:74:cf:e7:2b:a6:a6:
b7:0e:12:48:fa:63:c2:4d:5d:19:74:f1:07:ff:f8:
97:62:6e:d3:34:ab:8d:ed:57:bc:6b:ae:82:e2:76:
13:cd:7f:6c:20:89:d4:3f:a7:59:e3:15:0e:c9:a2:
6e:41:33:9e:ad:4f:b7:28:f5:38:6d:d7:57:6b:29:
5d:5d:a2:d8:ee:26:3e:df:70:f1:ca:71:72:e0:06:
e3:b4:1f:2e:8a:b7:d4:21:cb:83:ff:dc:94:3c:0a:
cb:80:f4:0c:60:1e:d7:3d:44:6c:93:37:f0:10:1d:
4c:61:e1:70:e3:61:04:f6:71:59:16:b5:7e:12:12:
62:34:d1:28:62:37:3b:46:04:51:ca:61:a2:32:b8:
f1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:08:26:73:AD:B7:CD:46:95:C2:46:E6:24:35:F8:F9:6A:91:2E:2D
X509v3 Authority Key Identifier:
keyid:E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/wAgmc623zUaVwkbmJDX4-WqRLi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.116.96.0/19
95.174.128.0/19
212.9.32.0/19
217.10.64.0/20
217.116.112.0/20
IPv6:
2001:ab0::/29
Signature Algorithm: sha256WithRSAEncryption
02:0f:57:98:40:50:c4:29:83:e6:3b:64:5d:21:69:9e:10:27:
9d:c6:61:0c:f4:05:07:a8:f2:7c:3a:b8:e8:c8:a4:11:1d:eb:
77:85:86:5d:b0:46:aa:1a:c2:59:ec:c4:0c:76:0d:7b:3d:92:
72:40:c5:65:9c:b0:54:94:1f:83:27:58:a1:69:92:bc:7a:76:
77:3a:48:39:d0:72:aa:31:ef:60:c8:9a:c6:61:8b:88:f5:fe:
63:ba:8d:2d:fe:e4:e2:7d:8a:86:43:14:64:30:c4:09:0f:b1:
a0:91:c9:4e:05:4a:a7:80:58:c0:be:4d:fe:d4:87:52:ac:ec:
56:42:1c:e6:c6:2b:1f:c6:f5:da:23:c6:d1:39:19:2c:23:3c:
fd:5c:7e:98:67:89:ad:a8:cd:23:e2:7a:35:43:8c:0a:b0:c4:
43:87:66:f9:10:f6:3f:45:79:31:02:4d:3a:48:e5:16:24:0d:
52:d2:84:57:2d:fb:66:22:57:a3:b2:84:44:ea:0b:d2:16:62:
82:d3:3a:a6:93:92:94:8a:6a:40:d3:3d:71:6b:f1:ea:75:4a:
76:41:2d:f9:26:1a:ea:ca:77:3f:bf:a4:be:49:38:04:a6:3f:
18:48:87:71:66:e6:69:bd:13:12:cf:58:0c:4c:36:f1:58:87:
ad:a3:88:38
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYyColakEmkdgJ7vXVERYdanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjcwNzA2ZjZjMGNmYmQ5YzczYTdmM2Q4MzAyMzI0MGE0
MmY1MGQwHhcNMjMxMjE5MTUxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDA4MjY3M2FkYjdjZDQ2OTVjMjQ2ZTYyNDM1ZjhmOTZhOTEyZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQb3LIAFam+P921XSdbkUU4KbBl7
RgMtYZzgcJza4ioNLno3G3LVt41vNheGJODIBghSY2cG03pq8hjhuMcRTxIDatq7
guJ9EGIWZWQMJRqEXEfAl2xASknA1e69W9XIpJKvjG1hBryjgW94/jEg8Ed0z+cr
pqa3DhJI+mPCTV0ZdPEH//iXYm7TNKuN7Ve8a66C4nYTzX9sIInUP6dZ4xUOyaJu
QTOerU+3KPU4bddXayldXaLY7iY+33DxynFy4AbjtB8uirfUIcuD/9yUPArLgPQM
YB7XPURskzfwEB1MYeFw42EE9nFZFrV+EhJiNNEoYjc7RgRRymGiMrjxhwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMAIJnOtt81GlcJG5iQ1+PlqkS4tMB8GA1UdIwQY
MBaAFOP3Bwb2wM+9nHOn89gwIyQKQvUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTIt
MDlmZjc5MzA4YmJlLzEvd0FnbWM2MjN6VWFWd2tibUpEWDQtV3FSTGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJl
LzEvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFUnRgAwQF
X66AAwQF1AkgAwQE2QpAAwQE2XRwMA0EAgACMAcDBQMgAQqwMA0GCSqGSIb3DQEB
CwUAA4IBAQACD1eYQFDEKYPmO2RdIWmeECedxmEM9AUHqPJ8OrjoyKQRHet3hYZd
sEaqGsJZ7MQMdg17PZJyQMVlnLBUlB+DJ1ihaZK8enZ3Okg50HKqMe9gyJrGYYuI
9f5juo0t/uTifYqGQxRkMMQJD7GgkclOBUqngFjAvk3+1IdSrOxWQhzmxisfxvXa
I8bRORksIzz9XH6YZ4mtqM0j4no1Q4wKsMRDh2b5EPY/RXkxAk06SOUWJA1S0oRX
LftmIlejsoRE6gvSFmKC0zqmk5KUimpA0z1xa/HqdUp2QS35Jhrqync/v6S+STgE
pj8YSIdxZuZpvRMSz1gMTDbxWIeto4g4
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:20 2024 by rpki-client on console-fra.rpki-client.org