Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/WB3fsDUEpw8XCCv9zkCtdmixYK0.roa
File: WB3fsDUEpw8XCCv9zkCtdmixYK0.roa (raw, json)
Hash identifier: nEoaHsOAGHJhqHm1LNCraz4zij1qa5nCcPwiG9PBudk=
Subject key identifier: 58:1D:DF:B0:35:04:A7:0F:17:08:2B:FD:CE:40:AD:76:68:B1:60:AD
Certificate issuer: /CN=e467dbe6ac755a9063c360b1525e844fd2a57b93
Certificate serial: 0185A50E6DE0979C422DFEBB67D8FCFA7BC5
Authority key identifier: E4:67:DB:E6:AC:75:5A:90:63:C3:60:B1:52:5E:84:4F:D2:A5:7B:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Gfb5qx1WpBjw2CxUl6ET9Kle5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/WB3fsDUEpw8XCCv9zkCtdmixYK0.roa
Signing time: Thu 12 Jan 2023 08:17:44 +0000
ROA not before: Thu 12 Jan 2023 08:17:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207489
IP address blocks: 194.76.145.0/24 maxlen: 24
194.76.149.0/24 maxlen: 24
194.76.150.0/24 maxlen: 24
2a0f:ae40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:0e:6d:e0:97:9c:42:2d:fe:bb:67:d8:fc:fa:7b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e467dbe6ac755a9063c360b1525e844fd2a57b93
Validity
Not Before: Jan 12 08:17:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=581ddfb03504a70f17082bfdce40ad7668b160ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:55:3c:ec:75:7d:6f:26:4c:f8:f0:ec:db:0c:
4f:fd:0f:40:3e:52:27:cb:d9:1a:6e:0b:c6:57:df:
d0:ff:34:31:5f:b1:24:c7:eb:60:66:29:36:ea:21:
e2:3c:fb:6c:60:d3:8c:00:ae:b6:69:ef:96:6f:71:
67:66:65:c9:27:24:78:01:dc:7f:3e:5f:d7:1b:34:
fe:a3:81:65:49:fe:71:70:5e:47:87:0f:12:a4:1b:
89:83:5f:05:93:40:3a:b7:57:77:1c:bc:78:83:d3:
32:50:be:f2:a3:3e:73:64:2b:20:dd:85:2b:84:24:
ee:e1:62:31:37:6d:9f:ed:6f:eb:c6:ff:19:17:b7:
0d:e0:5a:46:d7:85:63:60:ce:6d:b7:c6:f8:7e:fd:
73:9a:de:c5:9d:ac:4b:e5:d7:1c:62:52:89:47:fb:
95:5b:bc:7e:ab:a5:11:e2:c3:a2:6a:c8:e8:05:35:
8f:ad:d5:ca:bb:89:8f:df:cb:93:79:84:4e:fa:02:
d3:db:5a:82:42:49:2b:bd:90:c2:3e:fe:9d:0d:ac:
95:96:26:a5:74:d4:ec:3a:31:c9:8b:c1:d4:08:2a:
88:12:97:84:e8:49:4e:a9:05:f7:25:00:f9:d4:6a:
38:68:f6:3a:ce:78:3c:14:e8:d9:7e:ec:c3:87:1a:
9d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:1D:DF:B0:35:04:A7:0F:17:08:2B:FD:CE:40:AD:76:68:B1:60:AD
X509v3 Authority Key Identifier:
keyid:E4:67:DB:E6:AC:75:5A:90:63:C3:60:B1:52:5E:84:4F:D2:A5:7B:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Gfb5qx1WpBjw2CxUl6ET9Kle5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/WB3fsDUEpw8XCCv9zkCtdmixYK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/716f47-10b8-4f39-859f-ece577e307ad/1/5Gfb5qx1WpBjw2CxUl6ET9Kle5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.145.0/24
194.76.149.0-194.76.150.255
IPv6:
2a0f:ae40::/32
Signature Algorithm: sha256WithRSAEncryption
1b:6d:bb:f9:80:61:04:60:24:c9:6f:5c:16:1f:39:04:27:64:
e8:26:14:32:18:a1:fb:77:8a:72:2c:08:55:f3:c4:37:1d:50:
b3:26:69:87:85:fb:f3:a2:02:01:d8:59:3a:3f:6b:0b:67:90:
57:bb:d4:2a:4a:25:c3:58:a0:aa:db:ba:f1:3c:41:cf:0c:6e:
95:d9:0a:5b:a6:88:f9:fa:3e:74:6b:f7:af:dd:d9:ce:27:23:
d0:51:0b:c8:d7:d4:f0:73:6f:cf:cf:76:54:74:5b:f5:f0:a7:
a2:b2:bd:d3:52:36:14:18:55:15:da:09:0e:2a:94:28:45:0d:
c2:d5:d3:06:fc:75:06:34:d8:66:9d:d7:08:e4:4f:ef:8a:25:
c4:e6:d5:50:c2:ba:4c:96:c6:2c:59:95:b9:9b:c0:17:f7:b9:
01:72:5c:5c:a3:cc:5f:75:94:0d:1d:70:f4:ef:b5:e6:a1:c3:
cb:b1:bd:12:37:1b:f4:3b:b8:19:51:cc:5b:2e:77:e9:48:3d:
80:cd:51:cf:e2:2d:73:0f:8e:31:64:2d:c7:a9:75:ef:25:bf:
13:f3:3c:da:14:12:7f:2b:f1:f9:d7:63:58:47:63:c8:dc:ca:
69:cd:a2:29:91:ef:60:5b:02:cb:a6:45:3e:26:6e:99:03:50:
63:89:9b:30
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYWlDm3gl5xCLf67Z9j8+nvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NjdkYmU2YWM3NTVhOTA2M2MzNjBiMTUyNWU4NDRmZDJh
NTdiOTMwHhcNMjMwMTEyMDgxNzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODFkZGZiMDM1MDRhNzBmMTcwODJiZmRjZTQwYWQ3NjY4YjE2MGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFU87HV9byZM+PDs2wxP/Q9APlIn
y9kabgvGV9/Q/zQxX7Ekx+tgZik26iHiPPtsYNOMAK62ae+Wb3FnZmXJJyR4Adx/
Pl/XGzT+o4FlSf5xcF5Hhw8SpBuJg18Fk0A6t1d3HLx4g9MyUL7yoz5zZCsg3YUr
hCTu4WIxN22f7W/rxv8ZF7cN4FpG14VjYM5tt8b4fv1zmt7FnaxL5dccYlKJR/uV
W7x+q6UR4sOiasjoBTWPrdXKu4mP38uTeYRO+gLT21qCQkkrvZDCPv6dDayVlial
dNTsOjHJi8HUCCqIEpeE6ElOqQX3JQD51Go4aPY6zng8FOjZfuzDhxqdPwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFgd37A1BKcPFwgr/c5ArXZosWCtMB8GA1UdIwQY
MBaAFORn2+asdVqQY8NgsVJehE/SpXuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUdmYjVxeDFXcEJqdzJDeFVsNkVUOUtsZTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS83MTZmNDctMTBiOC00ZjM5LTg1OWYt
ZWNlNTc3ZTMwN2FkLzEvV0IzZnNEVUVwdzhYQ0N2OXprQ3RkbWl4WUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS83MTZmNDctMTBiOC00ZjM5LTg1OWYtZWNlNTc3ZTMwN2Fk
LzEvNUdmYjVxeDFXcEJqdzJDeFVsNkVUOUtsZTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAwkyRMAwD
BADCTJUDBADCTJYwDQQCAAIwBwMFACoPrkAwDQYJKoZIhvcNAQELBQADggEBABtt
u/mAYQRgJMlvXBYfOQQnZOgmFDIYoft3inIsCFXzxDcdULMmaYeF+/OiAgHYWTo/
awtnkFe71CpKJcNYoKrbuvE8Qc8MbpXZClumiPn6PnRr96/d2c4nI9BRC8jX1PBz
b8/PdlR0W/Xwp6KyvdNSNhQYVRXaCQ4qlChFDcLV0wb8dQY02Gad1wjkT++KJcTm
1VDCukyWxixZlbmbwBf3uQFyXFyjzF91lA0dcPTvteahw8uxvRI3G/Q7uBlRzFsu
d+lIPYDNUc/iLXMPjjFkLcepde8lvxPzPNoUEn8r8fnXY1hHY8jcymnNoimR72Bb
AsumRT4mbpkDUGOJmzA=
Generated at Mon Nov 13 14:18:25 2023 by rpki-client on console-fra.rpki-client.org