Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WxCw8X5zQKx4i-19lfG5CbzX-aw.roa
File: WxCw8X5zQKx4i-19lfG5CbzX-aw.roa (raw, json)
Hash identifier: MmzuaTLByY1Ws7Svu6pP2T7gLhbsBXFu3gyhcW8rJyA=
Subject key identifier: 5B:10:B0:F1:7E:73:40:AC:78:8B:ED:7D:95:F1:B9:09:BC:D7:F9:AC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01864FC22C7FF7ACF232BE9CB9A23DD22349
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WxCw8X5zQKx4i-19lfG5CbzX-aw.roa
Signing time: Tue 14 Feb 2023 11:49:30 +0000
ROA not before: Tue 14 Feb 2023 11:49:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 93.115.254.0/23 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.241.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Feb 2023 14:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:c2:2c:7f:f7:ac:f2:32:be:9c:b9:a2:3d:d2:23:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 14 11:49:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b10b0f17e7340ac788bed7d95f1b909bcd7f9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e1:1e:b6:b6:80:ab:3b:59:91:db:1b:48:45:
7e:1f:d6:f1:21:ab:d4:89:7d:0d:9d:93:cd:11:05:
f0:ba:7d:6f:58:61:7e:65:98:f3:f2:1f:4c:ff:44:
6b:74:82:da:be:52:d4:69:1b:e3:64:a5:9a:45:1c:
86:8b:ee:71:37:49:9c:3d:f8:c1:a1:58:30:6b:28:
7b:5b:d6:0d:f3:74:5a:68:a0:b3:4b:00:98:8b:92:
a1:4b:1b:34:bd:7d:19:d9:3c:fd:6a:7e:7d:4c:9f:
cc:6b:46:01:46:88:bd:a0:7c:6c:df:b7:76:5b:bf:
21:2b:6f:cb:93:d0:87:55:60:70:31:17:8e:e0:fd:
2f:02:d2:6e:d6:84:5e:49:9f:51:b5:ed:c8:d4:32:
2d:9c:b2:11:f1:a4:27:8c:f8:df:f0:8f:da:d9:7a:
5d:0c:71:db:7d:e2:e0:24:39:00:e6:b9:0a:20:cc:
67:87:7b:3f:a9:48:a0:ba:c4:95:38:30:64:c7:b8:
56:1c:82:db:83:d0:30:cb:49:b2:19:8d:0e:38:97:
3a:10:61:ca:b3:fd:8e:bc:0b:8a:41:42:3d:30:a2:
f4:39:8e:4d:14:51:e9:58:79:fb:2e:82:5a:5e:ac:
ae:0f:4f:c9:e6:3d:38:99:c0:1b:60:ff:f8:fa:b6:
b4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:10:B0:F1:7E:73:40:AC:78:8B:ED:7D:95:F1:B9:09:BC:D7:F9:AC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WxCw8X5zQKx4i-19lfG5CbzX-aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.148.0/23
93.115.254.0/23
185.241.210.0/23
185.255.170.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:74:9e:4b:35:4f:c8:02:e0:4b:da:bf:f0:c5:d8:d0:97:43:
ec:39:8b:5d:4f:68:e3:0b:06:e6:dc:69:4d:9f:ba:53:98:88:
d4:58:81:88:18:71:a4:72:ad:6c:84:56:af:c2:d0:c4:eb:a1:
6f:4d:4c:bd:c3:df:94:1e:9f:c0:89:dc:b7:a3:61:b1:7f:82:
29:32:d7:bf:6d:e8:ff:6e:84:bf:a3:5e:b2:ec:0c:92:ed:88:
55:16:1c:55:2d:e0:8b:3b:3c:68:8d:89:50:4d:ee:66:28:21:
c7:38:63:e6:70:32:37:ad:33:ab:fd:29:af:7a:09:85:e7:99:
30:1f:e3:0e:b7:55:83:4e:b1:84:7e:68:a7:c3:95:04:96:14:
d6:84:33:92:f0:88:8d:92:fa:df:c3:c9:6b:89:b2:50:53:6e:
e4:12:3b:69:f4:1b:c3:ae:c8:11:78:1c:7c:e1:6d:d8:92:f6:
af:43:18:3a:0d:ca:33:03:7d:90:14:82:65:77:3b:aa:dc:7b:
ab:94:38:a4:69:3b:35:a4:7e:84:e5:3f:24:2a:d1:1c:54:dd:
b5:d6:b2:2c:e8:cb:3f:9f:d1:8a:85:f1:b5:92:c4:36:26:97:
6c:22:8a:16:fb:74:bc:bd:26:f0:1b:e7:c0:e0:6e:01:1a:c6:
17:ab:6c:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZPwix/96zyMr6cuaI90iNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjE0MTE0OTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjEwYjBmMTdlNzM0MGFjNzg4YmVkN2Q5NWYxYjkwOWJjZDdmOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuEetraAqztZkdsbSEV+H9bxIavU
iX0NnZPNEQXwun1vWGF+ZZjz8h9M/0RrdILavlLUaRvjZKWaRRyGi+5xN0mcPfjB
oVgwayh7W9YN83RaaKCzSwCYi5KhSxs0vX0Z2Tz9an59TJ/Ma0YBRoi9oHxs37d2
W78hK2/Lk9CHVWBwMReO4P0vAtJu1oReSZ9Rte3I1DItnLIR8aQnjPjf8I/a2Xpd
DHHbfeLgJDkA5rkKIMxnh3s/qUigusSVODBkx7hWHILbg9Awy0myGY0OOJc6EGHK
s/2OvAuKQUI9MKL0OY5NFFHpWHn7LoJaXqyuD0/J5j04mcAbYP/4+ra0PQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFsQsPF+c0CseIvtfZXxuQm81/msMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvV3hDdzhYNXpRS3g0aS0xOWxmRzVDYnpYLWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV/eUAwQB
XXP+AwQBufHSAwQBuf+qMA0GCSqGSIb3DQEBCwUAA4IBAQA+dJ5LNU/IAuBL2r/w
xdjQl0PsOYtdT2jjCwbm3GlNn7pTmIjUWIGIGHGkcq1shFavwtDE66FvTUy9w9+U
Hp/Aidy3o2Gxf4IpMte/bej/boS/o16y7AyS7YhVFhxVLeCLOzxojYlQTe5mKCHH
OGPmcDI3rTOr/SmvegmF55kwH+MOt1WDTrGEfminw5UElhTWhDOS8IiNkvrfw8lr
ibJQU27kEjtp9BvDrsgReBx84W3YkvavQxg6DcozA32QFIJldzuq3HurlDikaTs1
pH6E5T8kKtEcVN211rIs6Ms/n9GKhfG1ksQ2JpdsIooW+3S8vSbwG+fA4G4BGsYX
q2zg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org