Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/wtolHAJhjVYErU9mcqmKHWiMP54.roa
File: wtolHAJhjVYErU9mcqmKHWiMP54.roa (raw, json)
Hash identifier: KpJObHGICUsxG3oxIcX+RWJpMhcCv1ToUAC8H7i9c4U=
Subject key identifier: C2:DA:25:1C:02:61:8D:56:04:AD:4F:66:72:A9:8A:1D:68:8C:3F:9E
Certificate issuer: /CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Certificate serial: 01878ED69FA95D18BEB1957A399AE691FC93
Authority key identifier: 12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/wtolHAJhjVYErU9mcqmKHWiMP54.roa
Signing time: Mon 17 Apr 2023 10:50:42 +0000
ROA not before: Mon 17 Apr 2023 10:50:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61414
IP address blocks: 185.243.40.0/24 maxlen: 24
185.243.41.0/24 maxlen: 24
193.3.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:d6:9f:a9:5d:18:be:b1:95:7a:39:9a:e6:91:fc:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Validity
Not Before: Apr 17 10:50:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2da251c02618d5604ad4f6672a98a1d688c3f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:28:c5:c0:c3:bd:f2:28:02:ac:c9:e3:12:89:
6b:1e:78:bc:fc:aa:7a:18:f0:03:31:0b:94:9c:70:
94:70:78:56:19:8d:18:13:ab:5a:6f:72:ef:36:fb:
83:5b:d7:f5:44:de:95:6a:95:6c:04:e4:f6:4a:bc:
e2:46:aa:c2:ca:10:99:b2:27:7b:26:d7:e6:d8:ac:
9d:9c:41:34:28:7f:9c:cf:9d:dc:42:53:90:63:e8:
28:65:45:17:13:50:89:82:52:03:b9:ae:6e:fd:3e:
3f:52:67:d5:38:02:c4:07:62:e1:b7:14:5d:da:8c:
3d:f8:66:08:88:4e:96:e5:b5:8e:83:6d:b5:50:e5:
34:2b:01:3e:7a:3b:10:c4:29:d5:3b:e5:6e:cc:a2:
3f:a5:a1:31:d2:cf:c5:06:95:83:5b:d3:de:5d:49:
24:f7:c5:f0:54:7b:27:b2:15:37:f1:d9:80:24:51:
5b:e0:d0:96:9f:85:9a:6d:b8:d4:dc:2c:d8:9c:e3:
96:46:43:ea:14:f2:72:9b:19:af:4b:5f:71:5b:08:
47:bb:a6:04:77:85:1b:b4:65:7c:f2:a0:0a:4d:e4:
6a:8b:90:c4:ee:16:ca:42:2a:9b:f6:b2:bf:8c:30:
85:e9:86:bb:09:61:2f:f0:f5:96:27:4e:36:8a:28:
62:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DA:25:1C:02:61:8D:56:04:AD:4F:66:72:A9:8A:1D:68:8C:3F:9E
X509v3 Authority Key Identifier:
keyid:12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/wtolHAJhjVYErU9mcqmKHWiMP54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.40.0/23
193.3.191.0/24
Signature Algorithm: sha256WithRSAEncryption
27:c7:70:f2:23:1a:ef:9e:aa:4a:8d:96:85:6c:13:6f:4f:8a:
6d:fe:0f:85:8c:cf:62:82:32:0c:84:72:dd:2d:f2:c0:5f:ad:
0c:62:27:23:59:33:03:ef:ea:21:2d:2d:c3:b7:03:24:6b:29:
0d:4c:36:70:89:cd:d9:ae:f3:de:c5:dc:6f:52:b5:ae:dc:fa:
e4:31:33:f3:d2:5a:08:8d:b6:77:3a:31:a7:a1:a2:5a:58:fe:
f7:3e:0c:bb:83:d0:db:8a:d9:63:d0:cb:72:cf:a2:46:e0:b0:
b7:b0:28:09:19:8b:cc:95:15:f3:12:50:88:93:8e:a9:d5:84:
ff:16:2c:13:49:63:84:95:73:cb:48:4f:d1:13:03:ff:31:ce:
2e:72:32:24:aa:d0:96:1b:6f:18:2f:7d:b6:6c:80:07:4f:1c:
46:52:09:59:65:c1:af:59:6a:90:86:e2:d2:56:81:a3:02:97:
9a:6e:ff:47:00:c0:df:f5:b8:ea:3a:1a:86:71:c0:9a:99:9e:
36:9b:0b:d0:98:5e:6a:e9:ce:c4:91:ff:c4:2a:9a:2f:a5:e3:
d6:26:5b:30:75:2c:1b:e2:cf:53:1b:fc:6c:b3:7a:85:5e:c2:
6d:e5:3b:be:6b:ee:07:03:8a:0e:8d:f4:12:bc:0f:91:7e:b4:
a9:7a:f5:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeO1p+pXRi+sZV6OZrmkfyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjBkZDJiOTJkYTI4NGM2M2NlYzQ2ZjZmNmE0MWMwMTNh
OWM4ODEwHhcNMjMwNDE3MTA1MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmRhMjUxYzAyNjE4ZDU2MDRhZDRmNjY3MmE5OGExZDY4OGMzZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSjFwMO98igCrMnjEolrHni8/Kp6
GPADMQuUnHCUcHhWGY0YE6tab3LvNvuDW9f1RN6VapVsBOT2SrziRqrCyhCZsid7
Jtfm2KydnEE0KH+cz53cQlOQY+goZUUXE1CJglIDua5u/T4/UmfVOALEB2LhtxRd
2ow9+GYIiE6W5bWOg221UOU0KwE+ejsQxCnVO+VuzKI/paEx0s/FBpWDW9PeXUkk
98XwVHsnshU38dmAJFFb4NCWn4WabbjU3CzYnOOWRkPqFPJymxmvS19xWwhHu6YE
d4UbtGV88qAKTeRqi5DE7hbKQiqb9rK/jDCF6Ya7CWEv8PWWJ042iihiAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMLaJRwCYY1WBK1PZnKpih1ojD+eMB8GA1UdIwQY
MBaAFBIg3SuS2ihMY87Eb29qQcATqciBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWIt
YTg1ODU4NDliZTE0LzEvd3RvbEhBSmhqVllFclU5bWNxbUtIV2lNUDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWItYTg1ODU4NDliZTE0
LzEvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBufMoAwQA
wQO/MA0GCSqGSIb3DQEBCwUAA4IBAQAnx3DyIxrvnqpKjZaFbBNvT4pt/g+FjM9i
gjIMhHLdLfLAX60MYicjWTMD7+ohLS3DtwMkaykNTDZwic3ZrvPexdxvUrWu3Prk
MTPz0loIjbZ3OjGnoaJaWP73Pgy7g9Dbitlj0Mtyz6JG4LC3sCgJGYvMlRXzElCI
k46p1YT/FiwTSWOElXPLSE/REwP/Mc4ucjIkqtCWG28YL322bIAHTxxGUglZZcGv
WWqQhuLSVoGjApeabv9HAMDf9bjqOhqGccCamZ42mwvQmF5q6c7Ekf/EKpovpePW
JlswdSwb4s9TG/xss3qFXsJt5Tu+a+4HA4oOjfQSvA+RfrSpevV7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org