Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/waxyNhw0jLQXGt9IGlm9uRoGiek.roa
File: waxyNhw0jLQXGt9IGlm9uRoGiek.roa (raw, json)
Hash identifier: Ykur8h9qu1zx1XmTiDwUV6t1wpu1nXo1chIKOR90OhA=
Subject key identifier: C1:AC:72:36:1C:34:8C:B4:17:1A:DF:48:1A:59:BD:B9:1A:06:89:E9
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0189813C19D6E7A4A23A0A649E79AA510CBB
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/waxyNhw0jLQXGt9IGlm9uRoGiek.roa
Signing time: Sun 23 Jul 2023 05:32:26 +0000
ROA not before: Sun 23 Jul 2023 05:32:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.22.0/23 maxlen: 24
178.253.40.0/22 maxlen: 24
178.253.55.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:81:3c:19:d6:e7:a4:a2:3a:0a:64:9e:79:aa:51:0c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jul 23 05:32:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1ac72361c348cb4171adf481a59bdb91a0689e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c8:1b:1a:4e:ff:e0:77:14:07:b9:5e:c9:00:
f4:49:e7:90:1c:36:05:b2:92:aa:e5:50:54:13:e6:
f7:f4:b0:5d:2f:41:00:b7:2a:36:35:f9:a8:c0:10:
a4:d1:33:19:c5:d6:72:bd:ea:54:b5:41:e4:49:2a:
cf:26:5b:99:4e:5e:6e:f9:7b:e8:12:a0:0b:7b:87:
c0:15:1f:77:d0:7c:09:83:16:e9:0d:2f:c7:be:47:
84:6b:ef:87:0c:a1:af:11:ce:ed:f2:af:ff:82:df:
64:29:d5:65:64:da:18:0b:5f:e8:3c:42:d0:be:85:
2c:c2:8c:f2:d8:30:d7:09:8e:e1:48:cd:d9:09:d4:
27:44:63:7c:f3:ab:b8:a2:0a:71:1d:d5:2c:a4:75:
35:84:c3:22:e3:13:43:cb:ff:73:5d:10:09:1d:c8:
95:d8:03:43:57:02:4e:ba:cc:2e:f2:fe:82:de:67:
73:33:40:6a:ee:f0:47:b5:e8:8c:e6:19:1d:e4:ec:
f7:39:12:6d:18:b9:b9:34:2f:ef:13:48:2b:eb:90:
1b:24:71:28:ee:e0:ae:cd:6b:f9:73:74:3f:09:18:
cb:86:21:d3:ef:bf:46:8e:d6:06:10:20:ef:34:80:
a0:81:0f:b3:31:95:5b:52:23:fa:fb:ad:bf:8f:c0:
0e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:AC:72:36:1C:34:8C:B4:17:1A:DF:48:1A:59:BD:B9:1A:06:89:E9
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/waxyNhw0jLQXGt9IGlm9uRoGiek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
178.253.22.0/23
178.253.40.0/22
178.253.55.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:e8:57:77:22:f1:80:a3:6f:fb:4e:f4:cf:4f:48:91:5c:37:
cd:b1:fb:3b:0d:98:1a:7c:86:53:a8:ec:13:81:8b:14:43:6f:
37:64:7c:be:57:7d:7b:38:f1:4f:66:e5:36:57:75:98:8f:fc:
3d:3b:7e:6f:a6:98:75:a7:fc:5c:39:17:c3:25:ae:12:f5:96:
25:fc:8f:48:ca:92:14:4c:1e:c2:eb:a4:67:f4:3f:97:53:81:
61:d0:cd:2f:77:cd:ee:67:df:d4:41:5a:69:dc:5a:7d:4a:e8:
76:ee:94:74:65:c7:f9:a3:09:68:87:bd:f0:1f:ab:33:a3:3d:
79:15:da:15:16:94:b7:f5:9e:69:2c:3e:30:0c:9f:6d:fa:5f:
c1:02:b8:81:7d:78:ef:99:12:54:ee:7a:ab:db:8f:20:70:ad:
7b:aa:a5:70:eb:7b:ad:71:41:1f:f0:98:9b:00:93:bf:1c:ce:
7e:d2:4e:cd:e2:0d:55:1e:2c:07:90:1b:02:0e:ba:2d:58:37:
e8:42:1a:65:75:84:4b:67:98:8d:5a:e0:f9:4d:5c:55:95:20:
8e:37:25:7a:44:a9:13:de:34:ac:18:05:bb:2f:d7:9a:46:22:
82:72:8d:5a:e5:23:99:03:0a:b2:c6:7f:09:84:55:33:4a:45:
75:50:75:17
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmBPBnW56SiOgpknnmqUQy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNzIzMDUzMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWFjNzIzNjFjMzQ4Y2I0MTcxYWRmNDgxYTU5YmRiOTFhMDY4OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsgbGk7/4HcUB7leyQD0SeeQHDYF
spKq5VBUE+b39LBdL0EAtyo2NfmowBCk0TMZxdZyvepUtUHkSSrPJluZTl5u+Xvo
EqALe4fAFR930HwJgxbpDS/HvkeEa++HDKGvEc7t8q//gt9kKdVlZNoYC1/oPELQ
voUswozy2DDXCY7hSM3ZCdQnRGN886u4ogpxHdUspHU1hMMi4xNDy/9zXRAJHciV
2ANDVwJOuswu8v6C3mdzM0Bq7vBHteiM5hkd5Oz3ORJtGLm5NC/vE0gr65AbJHEo
7uCuzWv5c3Q/CRjLhiHT779GjtYGECDvNICggQ+zMZVbUiP6+62/j8AODwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMGscjYcNIy0FxrfSBpZvbkaBonpMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvd2F4eU5odzBqTFFYR3Q5SUdsbTl1Um9HaWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCU5P0AwQC
U5P8AwQCW7rYAwQDXvGoAwQBsv0WAwQCsv0oAwQAsv03MA0GCSqGSIb3DQEBCwUA
A4IBAQBP6Fd3IvGAo2/7TvTPT0iRXDfNsfs7DZgafIZTqOwTgYsUQ283ZHy+V317
OPFPZuU2V3WYj/w9O35vpph1p/xcORfDJa4S9ZYl/I9IypIUTB7C66Rn9D+XU4Fh
0M0vd83uZ9/UQVpp3Fp9Suh27pR0Zcf5owloh73wH6szoz15FdoVFpS39Z5pLD4w
DJ9t+l/BAriBfXjvmRJU7nqr248gcK17qqVw63utcUEf8JibAJO/HM5+0k7N4g1V
HiwHkBsCDrotWDfoQhpldYRLZ5iNWuD5TVxVlSCONyV6RKkT3jSsGAW7L9eaRiKC
co1a5SOZAwqyxn8JhFUzSkV1UHUX
Generated at Sun Jul 23 06:33:43 2023 by rpki-client on console-fra.rpki-client.org