Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/IedWSBgv6_QC8G7nHMD1_XKxim0.roa
File: IedWSBgv6_QC8G7nHMD1_XKxim0.roa (raw, json)
Hash identifier: TJ0vD1aKwfL4hrQygl+aJHLK30sWr9sykIspHCcS3+g=
Subject key identifier: 21:E7:56:48:18:2F:EB:F4:02:F0:6E:E7:1C:C0:F5:FD:72:B1:8A:6D
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0185710C364FE68A6D464D9897AEB51B86A6
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/IedWSBgv6_QC8G7nHMD1_XKxim0.roa
Signing time: Mon 02 Jan 2023 05:55:03 +0000
ROA not before: Mon 02 Jan 2023 05:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 262287
IP address blocks: 192.145.70.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:36:4f:e6:8a:6d:46:4d:98:97:ae:b5:1b:86:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 05:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21e75648182febf402f06ee71cc0f5fd72b18a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7a:a8:b1:a8:1f:d8:71:65:77:ec:f3:32:1a:
bf:a4:85:3c:0c:a3:64:9d:06:fb:cf:c1:cd:82:07:
7a:29:45:2f:f4:36:e5:82:b8:00:a9:62:0b:74:ec:
79:01:ca:11:73:a2:b1:63:11:95:45:f5:35:bf:1f:
77:f9:2c:bb:07:39:d7:a2:81:ce:b5:ab:94:d6:7f:
0c:b9:b8:3b:3e:d5:c8:a2:7d:53:fe:85:7c:73:ef:
e0:f6:25:13:81:18:64:46:3d:bf:a4:97:c0:91:49:
04:52:16:b1:00:fc:7c:d1:b8:50:36:bb:1e:f3:46:
64:43:7f:fc:d4:d6:8e:29:a7:7b:14:19:af:fa:07:
19:08:d9:fe:2f:fe:60:f2:0b:b7:86:58:f2:2f:18:
ef:a9:56:95:c9:21:ee:11:39:e3:be:b2:3d:7a:7f:
22:10:8c:93:9f:02:a1:13:5f:a4:c0:9c:69:84:0c:
82:ed:81:86:75:43:47:67:bb:0e:fd:43:7e:74:05:
04:6a:e4:14:39:1c:63:f3:b8:5f:ca:75:35:c7:f1:
c7:11:20:83:91:1d:13:c1:65:43:ec:58:70:50:5f:
e0:56:5e:85:8b:4d:9a:97:4c:cc:50:de:b8:ec:85:
57:42:65:f3:92:29:02:c9:f5:2c:a0:9f:ee:b3:bb:
01:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E7:56:48:18:2F:EB:F4:02:F0:6E:E7:1C:C0:F5:FD:72:B1:8A:6D
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/IedWSBgv6_QC8G7nHMD1_XKxim0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.70.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:49:6d:db:17:c2:55:5f:fa:65:2c:3b:db:2b:37:58:e4:cb:
b3:d3:7e:88:58:6e:8d:c4:b0:93:e4:c2:d1:45:ed:56:21:16:
4a:8c:f5:7d:7d:ac:ef:60:f1:85:b5:c1:d3:25:40:9d:ec:0c:
38:e2:35:ef:0b:03:48:20:15:17:b9:72:87:ad:2f:94:36:41:
79:2c:ff:1c:43:b1:56:1b:dd:be:fc:10:ec:5b:be:aa:97:4d:
b9:d4:bd:2c:b3:81:f7:91:37:69:a5:8f:e9:ef:0c:84:ed:9b:
01:df:f0:ba:56:4b:46:49:25:4e:f6:07:2a:5d:a9:d7:4f:c3:
a4:00:a9:8d:4b:12:60:77:10:8d:58:7f:32:cc:94:37:2d:0a:
e5:2c:db:60:cc:17:9c:39:32:3c:3b:56:4b:cb:df:53:55:e8:
fc:42:01:5d:8b:07:db:c9:e7:7b:15:23:ad:7a:da:bd:c9:ba:
b5:0a:5c:97:1d:52:6d:08:59:48:f0:b2:6c:68:31:fb:5e:aa:
de:1d:e9:d5:09:88:ac:72:7e:3d:12:c5:d5:23:aa:ef:11:ea:
35:94:6d:b1:09:72:14:92:58:64:47:57:15:d5:e6:7f:6e:90:
73:56:41:79:bd:35:2b:83:65:c7:8c:58:33:49:56:df:e5:7f:
64:98:12:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDDZP5optRk2Yl661G4amMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWU3NTY0ODE4MmZlYmY0MDJmMDZlZTcxY2MwZjVmZDcyYjE4YTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXqosagf2HFld+zzMhq/pIU8DKNk
nQb7z8HNggd6KUUv9DblgrgAqWILdOx5AcoRc6KxYxGVRfU1vx93+Sy7BznXooHO
tauU1n8Mubg7PtXIon1T/oV8c+/g9iUTgRhkRj2/pJfAkUkEUhaxAPx80bhQNrse
80ZkQ3/81NaOKad7FBmv+gcZCNn+L/5g8gu3hljyLxjvqVaVySHuETnjvrI9en8i
EIyTnwKhE1+kwJxphAyC7YGGdUNHZ7sO/UN+dAUEauQUORxj87hfynU1x/HHESCD
kR0TwWVD7FhwUF/gVl6Fi02al0zMUN647IVXQmXzkikCyfUsoJ/us7sBdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHnVkgYL+v0AvBu5xzA9f1ysYptMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvSWVkV1NCZ3Y2X1FDOEc3bkhNRDFfWEt4aW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJFGMA0G
CSqGSIb3DQEBCwUAA4IBAQB8SW3bF8JVX/plLDvbKzdY5Muz036IWG6NxLCT5MLR
Re1WIRZKjPV9fazvYPGFtcHTJUCd7Aw44jXvCwNIIBUXuXKHrS+UNkF5LP8cQ7FW
G92+/BDsW76ql0251L0ss4H3kTdppY/p7wyE7ZsB3/C6VktGSSVO9gcqXanXT8Ok
AKmNSxJgdxCNWH8yzJQ3LQrlLNtgzBecOTI8O1ZLy99TVej8QgFdiwfbyed7FSOt
etq9ybq1ClyXHVJtCFlI8LJsaDH7XqreHenVCYiscn49EsXVI6rvEeo1lG2xCXIU
klhkR1cV1eZ/bpBzVkF5vTUrg2XHjFgzSVbf5X9kmBJR
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:39 2024 by rpki-client on console-ams.rpki-client.org