Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/fde2f5-af35-4a49-9b44-946d92c3f093/1/_whfwcnW2Gs3-QENvFbBzEDDLnw.roa
File: _whfwcnW2Gs3-QENvFbBzEDDLnw.roa (raw, json)
Hash identifier: M5QEIzBk5+/HqceU4lr96dIpctwsgVWYXTuBGNqFva0=
Subject key identifier: FF:08:5F:C1:C9:D6:D8:6B:37:F9:01:0D:BC:56:C1:CC:40:C3:2E:7C
Certificate issuer: /CN=e9ee65ec66d90ff8fff8d1707320577402e85cc7
Certificate serial: 01857227C5C7E402B92AD4B0B00BDAA81E39
Authority key identifier: E9:EE:65:EC:66:D9:0F:F8:FF:F8:D1:70:73:20:57:74:02:E8:5C:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6e5l7GbZD_j_-NFwcyBXdALoXMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/fde2f5-af35-4a49-9b44-946d92c3f093/1/_whfwcnW2Gs3-QENvFbBzEDDLnw.roa
Signing time: Mon 02 Jan 2023 11:04:47 +0000
ROA not before: Mon 02 Jan 2023 11:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42948
IP address blocks: 193.142.149.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:c5:c7:e4:02:b9:2a:d4:b0:b0:0b:da:a8:1e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9ee65ec66d90ff8fff8d1707320577402e85cc7
Validity
Not Before: Jan 2 11:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff085fc1c9d6d86b37f9010dbc56c1cc40c32e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:dc:cb:9a:7c:c7:22:d0:83:58:1c:fc:3b:5a:
5e:24:42:14:8c:35:a4:58:f3:85:86:92:0e:cc:1c:
4f:90:1d:5e:db:7f:29:9b:6f:22:97:48:c3:50:5a:
55:2b:ff:7e:f3:93:c8:6b:93:0c:c9:6c:1f:61:ea:
cb:14:52:be:e6:2f:67:29:40:ad:5e:11:f9:60:52:
b4:dc:39:5c:34:a9:18:e9:13:f9:29:0b:5d:ed:23:
2f:49:97:af:d4:23:6e:e3:af:5e:88:a8:8e:b9:5c:
3f:96:f7:8f:c5:5e:90:7f:e6:f3:ce:d9:8e:44:f6:
a6:3b:c4:cc:05:93:b7:d7:39:0b:2a:a4:16:0b:ff:
f8:7e:12:ed:bc:25:95:51:2c:93:22:08:7c:03:66:
a8:aa:1c:2b:33:05:43:5c:ad:8c:ed:15:f2:a8:44:
f2:44:f3:e6:0b:38:c0:0c:3a:8d:f6:00:ad:a1:5b:
e2:87:ab:5b:8d:ff:74:83:28:89:11:8d:e4:85:4b:
e3:13:9b:80:f4:30:2c:19:64:25:d1:d8:d0:18:71:
fb:8d:50:d0:81:bc:79:78:77:98:16:7c:68:27:df:
c4:13:27:d2:6c:23:2d:69:f7:0a:ce:10:e6:f2:36:
05:9c:85:f5:9a:62:be:6a:c7:45:35:3e:4a:e0:ef:
0c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:08:5F:C1:C9:D6:D8:6B:37:F9:01:0D:BC:56:C1:CC:40:C3:2E:7C
X509v3 Authority Key Identifier:
keyid:E9:EE:65:EC:66:D9:0F:F8:FF:F8:D1:70:73:20:57:74:02:E8:5C:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e5l7GbZD_j_-NFwcyBXdALoXMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/fde2f5-af35-4a49-9b44-946d92c3f093/1/_whfwcnW2Gs3-QENvFbBzEDDLnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/fde2f5-af35-4a49-9b44-946d92c3f093/1/6e5l7GbZD_j_-NFwcyBXdALoXMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.149.0/24
Signature Algorithm: sha256WithRSAEncryption
71:22:38:c1:c9:41:86:0e:0e:a6:ea:b5:63:45:a3:34:1d:19:
d5:a3:99:a4:cd:5e:cd:3b:82:66:3d:ef:d1:2b:50:c5:38:d1:
d7:81:7e:b8:fb:47:22:8e:72:f0:82:25:bf:99:70:61:f5:1f:
eb:c8:fb:14:82:50:0f:ef:78:dd:80:f6:d8:94:d1:ff:47:10:
71:32:57:6c:f6:1e:84:16:f7:76:3f:7e:f7:db:fb:2f:e1:46:
eb:9b:29:29:b5:f0:fc:ae:81:98:5a:f2:ca:dd:f9:47:ec:ba:
e4:ce:aa:b0:4b:58:18:c5:29:94:85:e5:c3:99:2f:0a:69:20:
7f:a2:12:d5:52:c6:50:8c:a5:b3:4f:d9:01:8a:89:8a:cf:98:
7c:f9:16:68:d7:0c:32:05:6a:ec:cf:5d:89:4a:70:fc:f4:fd:
b7:5a:f7:dd:22:26:80:f1:3a:55:16:bb:b6:3e:24:17:77:e2:
26:d6:99:ac:60:08:80:f8:68:a3:0e:6a:18:98:37:b9:cd:80:
4b:e0:da:a5:f0:60:af:53:ce:f3:76:62:9e:2e:8e:76:d3:c3:
7b:3b:e3:0d:78:26:94:42:85:4a:c4:2e:98:1a:dc:ac:c9:5e:
1b:16:70:46:64:1b:c1:e8:aa:8f:1b:ea:74:25:a1:11:e0:7e:
69:f8:99:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyJ8XH5AK5KtSwsAvaqB45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZWU2NWVjNjZkOTBmZjhmZmY4ZDE3MDczMjA1Nzc0MDJl
ODVjYzcwHhcNMjMwMTAyMTEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA4NWZjMWM5ZDZkODZiMzdmOTAxMGRiYzU2YzFjYzQwYzMyZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtzLmnzHItCDWBz8O1peJEIUjDWk
WPOFhpIOzBxPkB1e238pm28il0jDUFpVK/9+85PIa5MMyWwfYerLFFK+5i9nKUCt
XhH5YFK03DlcNKkY6RP5KQtd7SMvSZev1CNu469eiKiOuVw/lvePxV6Qf+bzztmO
RPamO8TMBZO31zkLKqQWC//4fhLtvCWVUSyTIgh8A2aoqhwrMwVDXK2M7RXyqETy
RPPmCzjADDqN9gCtoVvih6tbjf90gyiJEY3khUvjE5uA9DAsGWQl0djQGHH7jVDQ
gbx5eHeYFnxoJ9/EEyfSbCMtafcKzhDm8jYFnIX1mmK+asdFNT5K4O8MOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8IX8HJ1thrN/kBDbxWwcxAwy58MB8GA1UdIwQY
MBaAFOnuZexm2Q/4//jRcHMgV3QC6FzHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmU1bDdHYlpEX2pfLU5Gd2N5QlhkQUxvWE1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mZGUyZjUtYWYzNS00YTQ5LTliNDQt
OTQ2ZDkyYzNmMDkzLzEvX3doZndjblcyR3MzLVFFTnZGYkJ6RURETG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mZGUyZjUtYWYzNS00YTQ5LTliNDQtOTQ2ZDkyYzNmMDkz
LzEvNmU1bDdHYlpEX2pfLU5Gd2N5QlhkQUxvWE1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY6VMA0G
CSqGSIb3DQEBCwUAA4IBAQBxIjjByUGGDg6m6rVjRaM0HRnVo5mkzV7NO4JmPe/R
K1DFONHXgX64+0cijnLwgiW/mXBh9R/ryPsUglAP73jdgPbYlNH/RxBxMlds9h6E
Fvd2P3732/sv4UbrmykptfD8roGYWvLK3flH7LrkzqqwS1gYxSmUheXDmS8KaSB/
ohLVUsZQjKWzT9kBiomKz5h8+RZo1wwyBWrsz12JSnD89P23WvfdIiaA8TpVFru2
PiQXd+Im1pmsYAiA+GijDmoYmDe5zYBL4Nql8GCvU87zdmKeLo5208N7O+MNeCaU
QoVKxC6YGtysyV4bFnBGZBvB6KqPG+p0JaER4H5p+Jkf
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:13 2024 by rpki-client on console-ams.rpki-client.org