Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WAA6ldfLs3YjFPIkDp63XvvE4Wo.roa
File: WAA6ldfLs3YjFPIkDp63XvvE4Wo.roa (raw, json)
Hash identifier: WYNKjGYm58UgCgQoGN+C92Y551ri8s/XHeIQXAdevCY=
Subject key identifier: 58:00:3A:95:D7:CB:B3:76:23:14:F2:24:0E:9E:B7:5E:FB:C4:E1:6A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189D929BE427E49B7404F124D9326B35373
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WAA6ldfLs3YjFPIkDp63XvvE4Wo.roa
Signing time: Wed 09 Aug 2023 07:18:58 +0000
ROA not before: Wed 09 Aug 2023 07:18:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60064
IP address blocks: 45.129.132.0/24 maxlen: 24
45.129.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d9:29:be:42:7e:49:b7:40:4f:12:4d:93:26:b3:53:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 9 07:18:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58003a95d7cbb3762314f2240e9eb75efbc4e16a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:71:f5:d7:eb:9f:1b:f6:27:e2:40:b0:a3:17:
89:32:03:ec:fa:d5:8b:a3:3f:13:c9:4c:79:7a:6c:
3a:15:98:a4:7d:91:9e:61:b4:de:82:68:a4:d3:77:
5c:8e:2f:f8:f7:aa:12:f5:eb:d1:a6:f9:24:be:d3:
3f:3f:e7:3a:be:02:a8:9d:4b:2d:57:2a:15:92:2f:
be:a4:da:eb:99:da:25:e1:56:9a:cd:ac:99:7a:53:
0c:ad:92:26:f2:cf:02:83:cf:c3:98:b5:9f:90:2a:
90:2b:14:f7:03:36:ab:28:c3:fd:08:cc:21:7e:d1:
64:c0:b7:95:c9:4e:67:a9:12:fd:94:e7:8f:d1:26:
23:ee:b3:97:c4:b6:37:2e:4b:06:a4:30:8e:0a:76:
6b:9b:59:d0:ec:29:34:06:40:31:8d:f3:16:78:f8:
12:f8:a3:a0:08:85:03:66:86:d6:fb:99:ae:7d:60:
78:1e:74:dd:0a:d0:17:6a:d1:35:e5:45:51:d7:37:
bc:54:18:94:1f:94:f5:a5:65:90:24:b6:c1:6a:3d:
b1:b4:ed:b2:5a:fa:0a:c4:07:6e:d4:c2:b8:5d:ab:
d7:93:d6:0a:93:ea:6d:13:4f:30:09:9e:b2:22:01:
e9:48:36:65:fb:4e:98:01:c7:89:b7:39:10:95:d8:
59:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:00:3A:95:D7:CB:B3:76:23:14:F2:24:0E:9E:B7:5E:FB:C4:E1:6A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WAA6ldfLs3YjFPIkDp63XvvE4Wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.132.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:31:4e:34:1a:76:5c:48:ef:ac:a7:3a:8a:fb:0b:91:8e:53:
d4:88:93:9e:bf:58:cd:ef:30:e4:39:5a:67:c0:7b:cc:5d:3e:
f2:b2:42:c2:0a:aa:6f:88:69:0b:68:6c:8e:0e:e7:8a:06:77:
11:1a:dc:ee:a7:2c:32:64:0c:0e:38:3f:a7:5a:7c:30:62:27:
1f:6a:94:7d:55:40:c9:61:c3:c0:8f:eb:3e:d4:8f:2c:c5:ef:
6b:af:26:d0:cd:78:ac:73:bd:88:34:c9:ee:c8:7f:e1:26:22:
97:5d:0d:7d:0b:ab:69:7d:57:45:f1:6d:b2:7e:33:f3:52:eb:
76:bb:5c:d1:8c:d8:c2:cd:54:80:98:58:e7:dc:e8:a8:74:d5:
a6:ab:b6:14:b0:a5:ad:a3:cc:91:0e:44:e3:49:27:1e:1c:44:
de:1c:1b:a1:fc:3b:54:23:db:20:32:90:37:47:37:76:d0:1c:
1f:1c:09:9f:a3:38:b0:80:6f:1d:2e:c1:6f:3f:df:54:f8:60:
17:12:6a:55:f2:b3:6a:21:5e:a8:f0:e6:c5:50:55:2c:4f:45:
fa:b2:14:c8:bb:09:a6:ae:87:77:d9:87:8b:c3:88:70:b9:3e:
34:60:d6:2f:d1:c1:b1:c7:fa:79:72:87:11:a4:eb:fc:aa:1f:
2f:6d:1d:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnZKb5Cfkm3QE8STZMms1NzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODA5MDcxODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODAwM2E5NWQ3Y2JiMzc2MjMxNGYyMjQwZTllYjc1ZWZiYzRlMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnH11+ufG/Yn4kCwoxeJMgPs+tWL
oz8TyUx5emw6FZikfZGeYbTegmik03dcji/496oS9evRpvkkvtM/P+c6vgKonUst
VyoVki++pNrrmdol4VaazayZelMMrZIm8s8Cg8/DmLWfkCqQKxT3AzarKMP9CMwh
ftFkwLeVyU5nqRL9lOeP0SYj7rOXxLY3LksGpDCOCnZrm1nQ7Ck0BkAxjfMWePgS
+KOgCIUDZobW+5mufWB4HnTdCtAXatE15UVR1ze8VBiUH5T1pWWQJLbBaj2xtO2y
WvoKxAdu1MK4XavXk9YKk+ptE08wCZ6yIgHpSDZl+06YAceJtzkQldhZwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgAOpXXy7N2IxTyJA6et177xOFqMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvV0FBNmxkZkxzM1lqRlBJa0RwNjNYdnZFNFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYGEMA0G
CSqGSIb3DQEBCwUAA4IBAQB8MU40GnZcSO+spzqK+wuRjlPUiJOev1jN7zDkOVpn
wHvMXT7yskLCCqpviGkLaGyODueKBncRGtzupywyZAwOOD+nWnwwYicfapR9VUDJ
YcPAj+s+1I8sxe9rrybQzXisc72INMnuyH/hJiKXXQ19C6tpfVdF8W2yfjPzUut2
u1zRjNjCzVSAmFjn3OiodNWmq7YUsKWto8yRDkTjSSceHETeHBuh/DtUI9sgMpA3
Rzd20BwfHAmfoziwgG8dLsFvP99U+GAXEmpV8rNqIV6o8ObFUFUsT0X6shTIuwmm
rod32YeLw4hwuT40YNYv0cGxx/p5cocRpOv8qh8vbR2M
-----END CERTIFICATE-----
Generated at Thu Nov 2 12:23:28 2023 by rpki-client on console-fra.rpki-client.org