Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/WTKPNKXzkonno_3IBCIszfn-FtU.roa
File: WTKPNKXzkonno_3IBCIszfn-FtU.roa (raw, json)
Hash identifier: 8why15s8SySB0Bx4rF/6f050ibk81x+raJxqRwRlhH0=
Subject key identifier: 59:32:8F:34:A5:F3:92:89:E7:A3:FD:C8:04:22:2C:CD:F9:FE:16:D5
Certificate issuer: /CN=65ba15d47ba4f4482764472d8d97146a1ebbbf86
Certificate serial: 01856DE674599C18C49683D7A2CE282EBE38
Authority key identifier: 65:BA:15:D4:7B:A4:F4:48:27:64:47:2D:8D:97:14:6A:1E:BB:BF:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZboV1Huk9EgnZEctjZcUah67v4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/WTKPNKXzkonno_3IBCIszfn-FtU.roa
Signing time: Sun 01 Jan 2023 15:14:57 +0000
ROA not before: Sun 01 Jan 2023 15:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56510
IP address blocks: 91.235.174.0/24 maxlen: 24
195.88.202.0/23 maxlen: 23
195.69.225.0/24 maxlen: 24
188.227.204.0/22 maxlen: 22
185.38.103.0/24 maxlen: 24
2a02:7f84::/30 maxlen: 30
2a02:7f80::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 23 Jan 2023 09:07:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:74:59:9c:18:c4:96:83:d7:a2:ce:28:2e:be:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ba15d47ba4f4482764472d8d97146a1ebbbf86
Validity
Not Before: Jan 1 15:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59328f34a5f39289e7a3fdc804222ccdf9fe16d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:47:a7:a4:74:a3:7e:6d:15:04:7e:50:2b:67:
1a:34:4a:ab:2d:1b:12:b4:7b:71:5f:3a:85:c0:c4:
84:41:30:9b:a2:af:0c:b1:af:eb:ec:fc:92:60:14:
30:a0:42:99:14:35:61:53:41:bb:00:53:03:f2:db:
ca:65:73:c1:51:e8:27:25:f0:8f:7c:88:a0:a6:3e:
d1:09:aa:53:75:82:91:68:1c:f3:75:6b:3a:6c:2a:
22:58:9b:b7:13:0d:54:35:7d:40:07:4a:9c:5c:97:
11:cb:6c:b7:06:77:67:64:7a:3c:8c:13:99:e5:9e:
63:d9:ce:a5:bb:8c:e5:f1:99:d1:db:6e:07:cd:ee:
7b:88:13:b2:6a:7e:f5:46:39:1c:cb:dd:6e:5f:d3:
d7:da:c8:ac:c0:64:30:e4:f0:67:19:d1:97:d4:40:
87:fd:7d:dd:30:b6:f3:3f:a5:b4:b6:05:b7:e1:5e:
45:29:6c:19:0b:7f:fb:29:7b:c8:8f:24:9d:68:42:
40:a2:0f:a0:2d:58:39:07:ba:e6:f3:71:57:11:05:
33:ec:ea:46:f3:3f:5d:cb:ff:fe:ce:7d:90:d5:94:
69:ca:7e:6f:cd:b6:2d:3d:a7:8b:27:aa:43:2f:02:
4d:91:c9:37:c3:b2:25:66:52:db:4a:98:4a:1a:64:
49:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:32:8F:34:A5:F3:92:89:E7:A3:FD:C8:04:22:2C:CD:F9:FE:16:D5
X509v3 Authority Key Identifier:
keyid:65:BA:15:D4:7B:A4:F4:48:27:64:47:2D:8D:97:14:6A:1E:BB:BF:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZboV1Huk9EgnZEctjZcUah67v4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/WTKPNKXzkonno_3IBCIszfn-FtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/ZboV1Huk9EgnZEctjZcUah67v4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.174.0/24
185.38.103.0/24
188.227.204.0/22
195.69.225.0/24
195.88.202.0/23
IPv6:
2a02:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
47:6d:4f:07:78:10:26:c2:fd:8b:35:13:19:5c:86:59:16:4e:
56:98:0c:af:cb:2c:29:c0:ad:d0:1f:d7:1a:0d:6e:be:ef:86:
d3:aa:22:a1:ce:05:30:c3:41:fa:14:41:a2:2f:99:92:32:48:
c2:a5:41:68:a5:c8:e0:6b:b6:79:4e:1a:5b:4b:18:d6:d0:a8:
de:5b:c8:e7:f0:9c:5f:a8:31:32:19:d0:e4:c7:f8:33:d1:f9:
f8:c7:c8:75:34:81:aa:05:47:8c:d3:3d:a3:69:b7:82:a5:77:
46:e9:46:a4:c7:a8:ad:67:4b:2f:b2:b0:a7:f0:e4:d7:45:4b:
e0:7c:96:29:17:87:6a:fc:ff:14:19:34:1d:87:a1:b3:84:4e:
45:7a:16:2a:85:78:34:02:66:4c:f9:42:ed:2e:c5:2a:3f:80:
1e:54:fb:11:ed:49:bf:33:a4:04:9d:52:97:a2:a2:24:5f:2a:
aa:0e:33:00:99:d4:b9:1f:cd:d4:cf:0a:e8:8a:72:1f:05:e2:
4f:e8:95:64:b9:0d:d5:75:4a:57:26:25:7b:90:c7:f0:57:da:
c9:32:8b:2f:2e:7d:b9:62:29:52:55:5c:c0:4e:75:7b:b5:31:
ca:6c:98:f5:2f:ba:38:e1:4f:df:3d:17:c6:0e:37:95:29:e6:
ea:c1:ec:95
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVt5nRZnBjEloPXos4oLr44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmExNWQ0N2JhNGY0NDgyNzY0NDcyZDhkOTcxNDZhMWVi
YmJmODYwHhcNMjMwMTAxMTUxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTMyOGYzNGE1ZjM5Mjg5ZTdhM2ZkYzgwNDIyMmNjZGY5ZmUxNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkenpHSjfm0VBH5QK2caNEqrLRsS
tHtxXzqFwMSEQTCboq8Msa/r7PySYBQwoEKZFDVhU0G7AFMD8tvKZXPBUegnJfCP
fIigpj7RCapTdYKRaBzzdWs6bCoiWJu3Ew1UNX1AB0qcXJcRy2y3BndnZHo8jBOZ
5Z5j2c6lu4zl8ZnR224Hze57iBOyan71Rjkcy91uX9PX2siswGQw5PBnGdGX1ECH
/X3dMLbzP6W0tgW34V5FKWwZC3/7KXvIjySdaEJAog+gLVg5B7rm83FXEQUz7OpG
8z9dy//+zn2Q1ZRpyn5vzbYtPaeLJ6pDLwJNkck3w7IlZlLbSphKGmRJfwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFkyjzSl85KJ56P9yAQiLM35/hbVMB8GA1UdIwQY
MBaAFGW6FdR7pPRIJ2RHLY2XFGoeu7+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJvVjFIdWs5RWduWkVjdGpaY1VhaDY3djRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zMDkwZGMtN2QyOC00MjI4LTgzODAt
ZmUzYjkxOGMzMDk3LzEvV1RLUE5LWHprb25ub18zSUJDSXN6Zm4tRnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zMDkwZGMtN2QyOC00MjI4LTgzODAtZmUzYjkxOGMzMDk3
LzEvWmJvVjFIdWs5RWduWkVjdGpaY1VhaDY3djRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW+uuAwQA
uSZnAwQCvOPMAwQAw0XhAwQBw1jKMA0EAgACMAcDBQMqAn+AMA0GCSqGSIb3DQEB
CwUAA4IBAQBHbU8HeBAmwv2LNRMZXIZZFk5WmAyvyywpwK3QH9caDW6+74bTqiKh
zgUww0H6FEGiL5mSMkjCpUFopcjga7Z5ThpbSxjW0KjeW8jn8JxfqDEyGdDkx/gz
0fn4x8h1NIGqBUeM0z2jabeCpXdG6Uakx6itZ0svsrCn8OTXRUvgfJYpF4dq/P8U
GTQdh6GzhE5FehYqhXg0AmZM+ULtLsUqP4AeVPsR7Um/M6QEnVKXoqIkXyqqDjMA
mdS5H83UzwroinIfBeJP6JVkuQ3VdUpXJiV7kMfwV9rJMosvLn25YilSVVzATnV7
tTHKbJj1L7o44U/fPRfGDjeVKebqweyV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:39 2024 by rpki-client on console-fra.rpki-client.org