Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/wr3pTmMbRVOHrTlukbvGxxe7WTk.roa
File: wr3pTmMbRVOHrTlukbvGxxe7WTk.roa (raw, json)
Hash identifier: p2FaD46bNf+wmgbC1WKSKP1pi9zyYGFZIf1uv9HYB1A=
Subject key identifier: C2:BD:E9:4E:63:1B:45:53:87:AD:39:6E:91:BB:C6:C7:17:BB:59:39
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018B8A1F687C792704AAC9DF2AA0015158E7
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/wr3pTmMbRVOHrTlukbvGxxe7WTk.roa
Signing time: Wed 01 Nov 2023 09:03:16 +0000
ROA not before: Wed 01 Nov 2023 09:03:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216202
IP address blocks: 213.109.98.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:1f:68:7c:79:27:04:aa:c9:df:2a:a0:01:51:58:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Nov 1 09:03:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2bde94e631b455387ad396e91bbc6c717bb5939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:98:aa:fb:9b:ce:85:83:ea:98:ca:c7:0d:9d:
44:f3:b9:4c:8c:ec:9c:fc:92:f5:18:b1:a7:2f:f4:
f1:dc:0c:8c:0b:bf:82:3e:c0:2e:b8:9b:82:6f:b5:
8c:75:98:82:7f:29:7c:7c:81:4d:77:d2:ec:c0:9b:
24:79:9b:69:ba:b8:1a:97:53:5a:72:ed:8e:0d:97:
22:64:97:d0:33:e3:76:27:a7:8e:66:d8:b6:93:1a:
52:2e:9e:c4:b7:08:a1:03:b7:a9:38:33:89:53:64:
24:8b:99:f5:27:07:99:bb:17:d9:66:6a:cc:7d:b8:
ec:f7:a3:09:50:53:f4:a2:83:fb:92:5f:e2:c9:21:
f1:8d:d6:18:86:29:f0:6a:86:25:13:44:67:db:15:
e3:d9:9e:e1:6f:a0:52:76:af:f8:04:de:ce:f4:0e:
f0:18:c0:f7:4e:b5:02:a6:54:35:5c:3f:83:22:6a:
9b:2a:7d:8f:d2:ce:69:19:e6:07:16:45:97:d8:14:
9f:a4:6b:31:dd:0e:53:e0:2a:ad:88:37:43:2e:52:
9f:c0:b0:ff:8b:f3:37:da:e3:d0:d7:01:e1:6e:58:
46:85:47:a0:20:43:ec:bf:07:45:0e:df:83:5d:d6:
db:1a:33:d4:52:6a:8f:11:16:16:e6:10:c9:1b:64:
ce:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BD:E9:4E:63:1B:45:53:87:AD:39:6E:91:BB:C6:C7:17:BB:59:39
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/wr3pTmMbRVOHrTlukbvGxxe7WTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.98.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:a7:aa:28:65:4b:31:3e:83:9a:0e:70:7d:d1:cd:3e:dc:24:
4d:99:87:d8:ad:ee:51:c2:04:ba:44:bd:e5:d7:9a:f5:09:66:
ca:47:a2:de:dc:d1:72:6e:fe:39:ca:6e:61:52:af:fd:65:7a:
f4:3a:be:d2:68:dd:3a:33:bc:23:15:74:fe:03:e9:8e:33:d9:
b7:45:bc:fe:64:c3:4e:7d:fd:47:eb:ce:9f:b1:f1:4f:c0:92:
f4:69:c3:44:6d:c5:dd:ef:6e:76:54:ed:1e:fc:76:06:be:54:
78:3e:39:61:e4:09:d6:f5:54:b1:9f:64:db:33:88:dc:3c:0c:
cf:03:2c:82:e8:a9:1e:dd:8e:6a:b7:ce:b4:43:2d:be:c7:f3:
74:08:99:fe:64:12:66:c2:10:43:57:c0:5a:a1:7f:12:fd:b0:
2d:a9:be:c4:b3:d2:5a:db:d3:81:b3:77:5f:33:71:5b:00:e7:
b0:37:ac:0b:0b:33:a4:66:16:7b:e1:1d:6f:58:52:13:31:f8:
aa:2c:10:fd:63:88:65:fb:ca:6e:f3:10:a0:bc:a1:9a:1d:5a:
15:ec:64:79:e0:a1:5a:bf:c0:6b:ee:fe:38:9f:ca:db:7e:83:
b7:28:2e:bb:90:07:25:7c:3f:de:b4:15:21:7a:d7:fc:18:3c:
30:c6:f3:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuKH2h8eScEqsnfKqABUVjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjMxMTAxMDkwMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmJkZTk0ZTYzMWI0NTUzODdhZDM5NmU5MWJiYzZjNzE3YmI1OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25iq+5vOhYPqmMrHDZ1E87lMjOyc
/JL1GLGnL/Tx3AyMC7+CPsAuuJuCb7WMdZiCfyl8fIFNd9LswJskeZtpurgal1Na
cu2ODZciZJfQM+N2J6eOZti2kxpSLp7EtwihA7epODOJU2Qki5n1JweZuxfZZmrM
fbjs96MJUFP0ooP7kl/iySHxjdYYhinwaoYlE0Rn2xXj2Z7hb6BSdq/4BN7O9A7w
GMD3TrUCplQ1XD+DImqbKn2P0s5pGeYHFkWX2BSfpGsx3Q5T4CqtiDdDLlKfwLD/
i/M32uPQ1wHhblhGhUegIEPsvwdFDt+DXdbbGjPUUmqPERYW5hDJG2TOdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMK96U5jG0VTh605bpG7xscXu1k5MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvd3IzcFRtTWJSVk9IclRsdWtidkd4eGU3V1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1W1iMA0G
CSqGSIb3DQEBCwUAA4IBAQAtp6ooZUsxPoOaDnB90c0+3CRNmYfYre5RwgS6RL3l
15r1CWbKR6Le3NFybv45ym5hUq/9ZXr0Or7SaN06M7wjFXT+A+mOM9m3Rbz+ZMNO
ff1H686fsfFPwJL0acNEbcXd7252VO0e/HYGvlR4Pjlh5AnW9VSxn2TbM4jcPAzP
AyyC6Kke3Y5qt860Qy2+x/N0CJn+ZBJmwhBDV8BaoX8S/bAtqb7Es9Ja29OBs3df
M3FbAOewN6wLCzOkZhZ74R1vWFITMfiqLBD9Y4hl+8pu8xCgvKGaHVoV7GR54KFa
v8Br7v44n8rbfoO3KC67kAclfD/etBUhetf8GDwwxvOw
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:41 2024 by rpki-client on console-ams.rpki-client.org