Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/W2NO-eTPGsqd1ugVncqQQnPTgCc.roa
File: W2NO-eTPGsqd1ugVncqQQnPTgCc.roa (raw, json)
Hash identifier: aX7XvAG99qetJ4X8r9eY0yrOB+k43BS1fLeM+diROsw=
Subject key identifier: 5B:63:4E:F9:E4:CF:1A:CA:9D:D6:E8:15:9D:CA:90:42:73:D3:80:27
Certificate issuer: /CN=a1b71eb8df171e642f1b2b90419001f1fc445e4d
Certificate serial: 018572B400BD32F901B1D2A3149762E97BF9
Authority key identifier: A1:B7:1E:B8:DF:17:1E:64:2F:1B:2B:90:41:90:01:F1:FC:44:5E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/W2NO-eTPGsqd1ugVncqQQnPTgCc.roa
Signing time: Mon 02 Jan 2023 13:37:57 +0000
ROA not before: Mon 02 Jan 2023 13:37:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44189
IP address blocks: 195.5.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:00:bd:32:f9:01:b1:d2:a3:14:97:62:e9:7b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b71eb8df171e642f1b2b90419001f1fc445e4d
Validity
Not Before: Jan 2 13:37:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b634ef9e4cf1aca9dd6e8159dca904273d38027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c0:c8:31:28:63:b8:d5:53:fd:58:95:f3:40:
4b:5a:af:c7:71:f5:fa:5e:7f:df:5d:ae:05:5d:14:
b9:33:f4:2e:df:95:f3:a6:98:2b:da:66:14:62:25:
32:95:cb:db:6c:41:95:21:44:e0:a5:46:14:47:25:
34:7d:7e:33:8e:08:77:c5:2c:66:05:0d:6b:ee:df:
26:60:f8:82:1e:79:67:80:d9:df:0c:dd:6d:32:71:
55:d7:27:e0:b2:15:bb:d4:4b:a1:65:ad:86:66:b8:
b0:b9:00:d8:04:c4:f3:78:67:1e:c7:8e:c7:c7:d7:
42:a6:9c:ea:23:75:c0:28:cc:06:dd:82:a9:11:11:
34:cb:d1:3a:24:2a:51:d1:72:b5:0e:2a:1b:8b:31:
39:ad:83:16:f8:83:e1:02:f8:ba:63:aa:22:63:b8:
cd:d2:23:3c:22:2c:cb:0e:f5:bc:00:92:51:72:2a:
ef:4f:3a:8d:f4:0e:d6:42:b9:8f:18:ec:cf:85:ec:
92:23:77:c7:c3:e3:47:94:fa:56:c9:5f:b0:79:84:
3c:b1:c4:53:e9:1d:ea:dc:f2:81:a6:8c:99:21:f5:
a1:af:78:6e:10:26:c7:ef:a4:4c:b3:28:e6:b8:99:
dd:29:76:6a:18:81:cf:c1:b5:23:26:61:32:9d:90:
18:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:63:4E:F9:E4:CF:1A:CA:9D:D6:E8:15:9D:CA:90:42:73:D3:80:27
X509v3 Authority Key Identifier:
keyid:A1:B7:1E:B8:DF:17:1E:64:2F:1B:2B:90:41:90:01:F1:FC:44:5E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/W2NO-eTPGsqd1ugVncqQQnPTgCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.173.0/24
Signature Algorithm: sha256WithRSAEncryption
14:0c:b8:33:96:51:73:73:97:e6:84:28:f2:47:f8:d1:e9:b2:
53:b2:7b:9b:81:a6:7a:fe:67:77:83:9b:9f:d9:3b:d6:7e:aa:
c9:96:39:ba:19:fd:b3:18:7a:c8:ab:59:54:b7:62:14:51:8a:
37:6a:37:4c:e6:84:53:2d:d8:ff:45:64:3d:d1:89:57:c0:98:
33:c8:a9:3d:db:bf:e3:b2:2e:41:fc:cf:99:e3:31:51:3a:f4:
01:e6:e2:31:3b:87:83:c4:b8:b6:0e:2b:2d:2a:d9:2e:22:03:
ea:73:1c:99:0c:01:7a:2e:b3:a8:6a:fa:e2:45:9b:ec:a4:8c:
6a:9c:4a:a6:c6:bb:64:d9:46:52:9b:18:4c:9c:30:07:72:9a:
e1:53:c1:cc:9d:6e:bb:43:3a:ca:6b:27:02:3f:29:ae:76:82:
73:8f:ee:bb:7a:7d:0c:b2:ff:b3:c8:57:33:b3:00:d5:77:c3:
d1:2a:cb:97:d2:3e:43:e8:f0:4d:f4:6c:86:31:c3:f8:49:9f:
45:6e:3e:03:07:56:67:83:18:47:3d:5c:7b:d6:75:56:31:29:
2b:0c:df:89:e7:51:b0:29:7c:55:8a:a2:c5:f6:3e:7a:bc:4a:
c2:cb:e6:bf:9b:ac:5a:4e:a5:19:2a:b7:83:9f:13:36:94:6d:
e1:7a:a9:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytAC9MvkBsdKjFJdi6Xv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjcxZWI4ZGYxNzFlNjQyZjFiMmI5MDQxOTAwMWYxZmM0
NDVlNGQwHhcNMjMwMTAyMTMzNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjYzNGVmOWU0Y2YxYWNhOWRkNmU4MTU5ZGNhOTA0MjczZDM4MDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cDIMShjuNVT/ViV80BLWq/HcfX6
Xn/fXa4FXRS5M/Qu35Xzppgr2mYUYiUylcvbbEGVIUTgpUYURyU0fX4zjgh3xSxm
BQ1r7t8mYPiCHnlngNnfDN1tMnFV1yfgshW71EuhZa2GZriwuQDYBMTzeGcex47H
x9dCppzqI3XAKMwG3YKpERE0y9E6JCpR0XK1DiobizE5rYMW+IPhAvi6Y6oiY7jN
0iM8IizLDvW8AJJRcirvTzqN9A7WQrmPGOzPheySI3fHw+NHlPpWyV+weYQ8scRT
6R3q3PKBpoyZIfWhr3huECbH76RMsyjmuJndKXZqGIHPwbUjJmEynZAYoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFtjTvnkzxrKndboFZ3KkEJz04AnMB8GA1UdIwQY
MBaAFKG3HrjfFx5kLxsrkEGQAfH8RF5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mMDg4YmQtNTAyOS00OTAzLTk2MTYt
MDY3MmVhMDQ0MGJiLzEvVzJOTy1lVFBHc3FkMXVnVm5jcVFRblBUZ0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mMDg4YmQtNTAyOS00OTAzLTk2MTYtMDY3MmVhMDQ0MGJi
LzEvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwWtMA0G
CSqGSIb3DQEBCwUAA4IBAQAUDLgzllFzc5fmhCjyR/jR6bJTsnubgaZ6/md3g5uf
2TvWfqrJljm6Gf2zGHrIq1lUt2IUUYo3ajdM5oRTLdj/RWQ90YlXwJgzyKk927/j
si5B/M+Z4zFROvQB5uIxO4eDxLi2DistKtkuIgPqcxyZDAF6LrOoavriRZvspIxq
nEqmxrtk2UZSmxhMnDAHcprhU8HMnW67QzrKaycCPymudoJzj+67en0Msv+zyFcz
swDVd8PRKsuX0j5D6PBN9GyGMcP4SZ9Fbj4DB1ZngxhHPVx71nVWMSkrDN+J51Gw
KXxViqLF9j56vErCy+a/m6xaTqUZKreDnxM2lG3heqkG
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:22 2024 by rpki-client on console-fra.rpki-client.org