Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/W1ysjj27whZEATUQGxLue1PP2FQ.roa
File: W1ysjj27whZEATUQGxLue1PP2FQ.roa (raw, json)
Hash identifier: k83BYXY+Zu0HUj2GkGgsv0Fxifie4WcISu/p9S8VYi0=
Subject key identifier: 5B:5C:AC:8E:3D:BB:C2:16:44:01:35:10:1B:12:EE:7B:53:CF:D8:54
Certificate issuer: /CN=61fbd8887da84471318d83884ac005f01b44fd49
Certificate serial: 01856F020C689A2EDB25899313DA7DF995C1
Authority key identifier: 61:FB:D8:88:7D:A8:44:71:31:8D:83:88:4A:C0:05:F0:1B:44:FD:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YfvYiH2oRHExjYOISsAF8BtE_Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/W1ysjj27whZEATUQGxLue1PP2FQ.roa
Signing time: Sun 01 Jan 2023 20:24:43 +0000
ROA not before: Sun 01 Jan 2023 20:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203412
IP address blocks: 79.142.44.0/22 maxlen: 22
185.125.172.0/22 maxlen: 22
2a07:f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:0c:68:9a:2e:db:25:89:93:13:da:7d:f9:95:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61fbd8887da84471318d83884ac005f01b44fd49
Validity
Not Before: Jan 1 20:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b5cac8e3dbbc216440135101b12ee7b53cfd854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8b:9d:84:7c:de:3b:fa:ce:ba:56:19:ba:e4:
46:a9:4c:5f:27:94:42:55:0f:7c:4e:52:12:cf:54:
ff:a0:c6:d3:86:dd:92:f1:79:c4:10:87:9e:bb:6c:
8b:33:cf:62:23:ad:7f:6e:3a:ec:a7:c7:74:12:02:
53:76:b8:7a:ef:68:06:04:50:5f:32:9b:ac:5d:74:
2f:6e:b9:52:ab:66:8d:ce:81:a7:87:1c:52:22:1d:
38:d2:12:5d:75:b1:54:a2:0a:c4:af:9c:74:91:58:
7d:5d:b6:53:cc:2a:91:27:19:77:ba:83:9d:64:d7:
a4:5b:37:b7:00:c4:13:87:54:60:b0:a0:81:a2:57:
34:6e:4a:75:f1:47:3f:12:40:92:85:fe:92:6c:88:
bc:f8:2f:d1:fd:3f:77:3c:b7:d0:97:0a:43:3a:25:
9a:e2:08:56:fb:b6:e6:b8:57:9e:d8:ef:77:0c:b2:
fb:ad:00:cd:19:60:02:d1:33:65:f1:b4:c0:34:73:
30:b6:47:6c:90:05:78:d5:51:ac:82:b7:79:2f:85:
a4:d8:49:6d:d7:e9:f3:e8:72:9a:99:83:a6:d0:99:
22:5b:90:9c:5a:53:5a:4c:37:71:6d:c5:c8:dd:32:
b8:9c:a3:da:76:a0:73:a2:e6:0b:b4:f4:8b:d7:3b:
97:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:5C:AC:8E:3D:BB:C2:16:44:01:35:10:1B:12:EE:7B:53:CF:D8:54
X509v3 Authority Key Identifier:
keyid:61:FB:D8:88:7D:A8:44:71:31:8D:83:88:4A:C0:05:F0:1B:44:FD:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YfvYiH2oRHExjYOISsAF8BtE_Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/W1ysjj27whZEATUQGxLue1PP2FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/YfvYiH2oRHExjYOISsAF8BtE_Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.44.0/22
185.125.172.0/22
IPv6:
2a07:f00::/29
Signature Algorithm: sha256WithRSAEncryption
30:7f:83:c8:66:d8:f7:32:88:ed:a4:5a:8a:75:a8:ec:82:0e:
61:15:30:b9:61:8c:ad:02:ee:76:88:d3:4a:0c:11:70:c0:7c:
56:37:7d:ac:ff:0f:42:17:33:46:5a:7d:3f:98:26:13:7d:af:
a7:84:41:37:62:77:0d:06:7a:2a:0e:1d:6a:8e:24:9b:96:db:
ac:bd:34:89:7f:3f:cd:4e:dc:57:e7:60:5d:ca:ea:d9:08:4c:
a6:4d:6a:6c:84:4a:c1:ff:69:8b:f1:88:26:c4:26:2f:17:43:
a4:16:df:10:0b:53:8a:e3:f4:de:eb:dd:91:d6:cd:22:cf:77:
ba:f6:25:e3:ab:7e:02:93:13:30:e4:c1:e4:93:69:04:95:d1:
64:05:96:80:70:8e:f1:6f:99:f7:43:b7:68:a4:d2:bc:af:1d:
9f:55:08:5c:a8:17:71:36:c3:19:85:60:95:be:1c:fd:3e:7b:
3d:17:4e:12:b3:1a:9d:86:cf:d3:cf:2c:7a:11:10:27:38:fb:
cb:47:99:8a:4d:40:19:b2:12:e4:49:44:ee:bc:08:89:08:2b:
37:6d:7c:a3:b1:dd:b7:a5:ba:93:f7:ee:9e:5b:ab:01:9d:9f:
ff:20:b4:3f:48:01:6a:59:b2:45:55:d1:2e:1a:86:28:d3:8d:
3a:53:93:df
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvAgxomi7bJYmTE9p9+ZXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZmJkODg4N2RhODQ0NzEzMThkODM4ODRhYzAwNWYwMWI0
NGZkNDkwHhcNMjMwMTAxMjAyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjVjYWM4ZTNkYmJjMjE2NDQwMTM1MTAxYjEyZWU3YjUzY2ZkODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIudhHzeO/rOulYZuuRGqUxfJ5RC
VQ98TlISz1T/oMbTht2S8XnEEIeeu2yLM89iI61/bjrsp8d0EgJTdrh672gGBFBf
MpusXXQvbrlSq2aNzoGnhxxSIh040hJddbFUogrEr5x0kVh9XbZTzCqRJxl3uoOd
ZNekWze3AMQTh1RgsKCBolc0bkp18Uc/EkCShf6SbIi8+C/R/T93PLfQlwpDOiWa
4ghW+7bmuFee2O93DLL7rQDNGWAC0TNl8bTANHMwtkdskAV41VGsgrd5L4Wk2Elt
1+nz6HKamYOm0JkiW5CcWlNaTDdxbcXI3TK4nKPadqBzouYLtPSL1zuXawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFtcrI49u8IWRAE1EBsS7ntTz9hUMB8GA1UdIwQY
MBaAFGH72Ih9qERxMY2DiErABfAbRP1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWZ2WWlIMm9SSEV4allPSVNzQUY4QnRFX1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8wY2U1NjktYWI4ZS00NzEyLTk0OWEt
Y2VjOWUxN2Y1MDRiLzEvVzF5c2pqMjd3aFpFQVRVUUd4THVlMVBQMkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8wY2U1NjktYWI4ZS00NzEyLTk0OWEtY2VjOWUxN2Y1MDRi
LzEvWWZ2WWlIMm9SSEV4allPSVNzQUY4QnRFX1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCT44sAwQC
uX2sMA0EAgACMAcDBQMqBw8AMA0GCSqGSIb3DQEBCwUAA4IBAQAwf4PIZtj3Mojt
pFqKdajsgg5hFTC5YYytAu52iNNKDBFwwHxWN32s/w9CFzNGWn0/mCYTfa+nhEE3
YncNBnoqDh1qjiSbltusvTSJfz/NTtxX52BdyurZCEymTWpshErB/2mL8YgmxCYv
F0OkFt8QC1OK4/Te692R1s0iz3e69iXjq34CkxMw5MHkk2kEldFkBZaAcI7xb5n3
Q7dopNK8rx2fVQhcqBdxNsMZhWCVvhz9Pns9F04Ssxqdhs/Tzyx6ERAnOPvLR5mK
TUAZshLkSUTuvAiJCCs3bXyjsd23pbqT9+6eW6sBnZ//ILQ/SAFqWbJFVdEuGoYo
0406U5Pf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:27 2024 by rpki-client on console-ams.rpki-client.org