Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/WFZ4CXfPPtKizLtslRzN1GXDoyc.roa
File: WFZ4CXfPPtKizLtslRzN1GXDoyc.roa (raw, json)
Hash identifier: Cj15pWGE1AThlRIbX2gubSYnnSD70nePMVMo8UTptoY=
Subject key identifier: 58:56:78:09:77:CF:3E:D2:A2:CC:BB:6C:95:1C:CD:D4:65:C3:A3:27
Certificate issuer: /CN=65c293380bc41f52d9131585a8580038f92f5dcc
Certificate serial: 01857030685CDF4704394D070520C815C06F
Authority key identifier: 65:C2:93:38:0B:C4:1F:52:D9:13:15:85:A8:58:00:38:F9:2F:5D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZcKTOAvEH1LZExWFqFgAOPkvXcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/WFZ4CXfPPtKizLtslRzN1GXDoyc.roa
Signing time: Mon 02 Jan 2023 01:54:58 +0000
ROA not before: Mon 02 Jan 2023 01:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.109.175.0/24 maxlen: 24
139.174.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:68:5c:df:47:04:39:4d:07:05:20:c8:15:c0:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65c293380bc41f52d9131585a8580038f92f5dcc
Validity
Not Before: Jan 2 01:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5856780977cf3ed2a2ccbb6c951ccdd465c3a327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ba:d5:38:e3:26:4c:49:d4:de:18:ff:90:ee:
ed:2e:5a:d7:d9:70:e5:00:5c:46:9b:7d:05:da:fc:
12:44:9e:28:c3:b5:30:70:b4:78:ff:1b:74:b0:54:
8a:ae:d5:3d:50:d8:64:2d:e8:b9:0c:98:9b:03:70:
2a:0a:87:cd:46:66:a3:7c:50:d7:36:83:9d:a0:69:
83:d7:55:be:e9:12:bc:c8:9d:ad:c7:b0:15:b3:96:
d0:4c:ed:64:84:17:87:3d:e3:db:d8:8a:23:8f:be:
2c:6e:1f:d9:33:5b:3f:07:09:63:38:b8:11:90:77:
1c:e4:d9:5e:dd:ca:53:0c:33:13:7d:00:79:9a:64:
81:5d:d4:d0:33:0b:cd:e7:45:25:cd:2e:0d:c6:7d:
a3:83:5c:c6:f2:e1:49:4c:29:88:a6:6b:68:fb:82:
d5:7c:ee:53:80:49:c7:2e:91:3b:e3:67:23:35:58:
7f:86:ce:95:0e:20:ef:34:49:e6:b9:e3:46:d8:ba:
4f:74:f0:9d:e2:0e:23:5b:2b:8b:f1:54:cf:41:cd:
91:80:ee:ce:c8:81:a5:8b:04:97:cb:ed:f1:66:03:
17:8a:be:a0:bc:3b:10:94:b5:40:0b:9f:e9:f9:78:
ac:40:3c:1e:cc:ac:9a:03:ba:57:f4:b8:96:ea:7f:
f0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:56:78:09:77:CF:3E:D2:A2:CC:BB:6C:95:1C:CD:D4:65:C3:A3:27
X509v3 Authority Key Identifier:
keyid:65:C2:93:38:0B:C4:1F:52:D9:13:15:85:A8:58:00:38:F9:2F:5D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZcKTOAvEH1LZExWFqFgAOPkvXcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/WFZ4CXfPPtKizLtslRzN1GXDoyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/ZcKTOAvEH1LZExWFqFgAOPkvXcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.174.0.0/16
192.109.175.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:cf:2f:8e:0e:cc:83:83:a6:8c:13:bf:a0:3e:24:35:1d:57:
63:ed:16:33:23:df:bd:65:6f:fd:95:98:7f:ee:2e:5b:ed:fa:
b9:78:bf:63:0e:23:99:b0:ed:53:cb:7f:1e:2a:84:f7:c7:a0:
a9:88:6f:66:21:43:e9:b3:f6:33:c7:48:5b:b3:d4:8e:8f:4d:
60:54:5d:6a:73:c4:1d:e6:b6:fc:8d:66:50:aa:8b:7e:08:e1:
29:b3:0a:81:a9:4b:83:85:7b:67:32:bf:bb:00:12:a4:fd:bf:
ce:71:88:68:39:fd:0a:a3:b0:57:fd:cc:82:ef:ae:df:20:98:
20:14:bf:d6:88:64:64:cb:31:e2:dc:16:15:34:43:03:4b:b6:
2f:ac:f7:c6:dd:09:84:aa:fb:45:6d:ec:23:44:79:0e:d7:d5:
33:f8:85:8a:be:b3:28:f3:4d:71:d9:51:e0:e7:f2:1c:9c:47:
43:49:f3:a9:bd:0b:7a:90:88:d0:7a:21:a2:da:6b:80:24:6d:
45:78:1d:55:67:32:9a:f1:65:b7:9a:71:54:08:35:48:99:a4:
97:ea:34:54:67:63:26:74:53:25:6c:a0:5c:8e:84:df:57:c9:
b6:ee:b5:5c:7e:f0:08:f2:5f:f3:c1:88:9f:c0:12:d3:f3:3b:
1c:bf:b8:96
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVwMGhc30cEOU0HBSDIFcBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YzI5MzM4MGJjNDFmNTJkOTEzMTU4NWE4NTgwMDM4Zjky
ZjVkY2MwHhcNMjMwMTAyMDE1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODU2NzgwOTc3Y2YzZWQyYTJjY2JiNmM5NTFjY2RkNDY1YzNhMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLrVOOMmTEnU3hj/kO7tLlrX2XDl
AFxGm30F2vwSRJ4ow7UwcLR4/xt0sFSKrtU9UNhkLei5DJibA3AqCofNRmajfFDX
NoOdoGmD11W+6RK8yJ2tx7AVs5bQTO1khBeHPePb2Iojj74sbh/ZM1s/BwljOLgR
kHcc5Nle3cpTDDMTfQB5mmSBXdTQMwvN50UlzS4Nxn2jg1zG8uFJTCmIpmto+4LV
fO5TgEnHLpE742cjNVh/hs6VDiDvNEnmueNG2LpPdPCd4g4jWyuL8VTPQc2RgO7O
yIGliwSXy+3xZgMXir6gvDsQlLVAC5/p+XisQDwezKyaA7pX9LiW6n/w+QIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFFhWeAl3zz7Sosy7bJUczdRlw6MnMB8GA1UdIwQY
MBaAFGXCkzgLxB9S2RMVhahYADj5L13MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmNLVE9BdkVIMUxaRXhXRnFGZ0FPUGt2WGN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9iMTcwZmItYTFiZS00YmQ5LWFkYjYt
ZmU2ZGMxNzU4M2UzLzEvV0ZaNENYZlBQdEtpekx0c2xSek4xR1hEb3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9iMTcwZmItYTFiZS00YmQ5LWFkYjYtZmU2ZGMxNzU4M2Uz
LzEvWmNLVE9BdkVIMUxaRXhXRnFGZ0FPUGt2WGN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAi64DBADA
ba8wDQYJKoZIhvcNAQELBQADggEBAH/PL44OzIODpowTv6A+JDUdV2PtFjMj371l
b/2VmH/uLlvt+rl4v2MOI5mw7VPLfx4qhPfHoKmIb2YhQ+mz9jPHSFuz1I6PTWBU
XWpzxB3mtvyNZlCqi34I4SmzCoGpS4OFe2cyv7sAEqT9v85xiGg5/QqjsFf9zILv
rt8gmCAUv9aIZGTLMeLcFhU0QwNLti+s98bdCYSq+0Vt7CNEeQ7X1TP4hYq+syjz
TXHZUeDn8hycR0NJ86m9C3qQiNB6IaLaa4AkbUV4HVVnMprxZbeacVQINUiZpJfq
NFRnYyZ0UyVsoFyOhN9XybbutVx+8AjyX/PBiJ/AEtPzOxy/uJY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:06 2024 by rpki-client on console-ams.rpki-client.org