Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/WNA0h5r_kqijlY0CAhuMDTPmL0I.roa
File: WNA0h5r_kqijlY0CAhuMDTPmL0I.roa (raw, json)
Hash identifier: 38d1/gDukfab278HZ1geUm9kC2R3mEbwRbh7fZh8/80=
Subject key identifier: 58:D0:34:87:9A:FF:92:A8:A3:95:8D:02:02:1B:8C:0D:33:E6:2F:42
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018B6532965614F2A2DCA43241988AFEF143
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/WNA0h5r_kqijlY0CAhuMDTPmL0I.roa
Signing time: Wed 25 Oct 2023 04:58:15 +0000
ROA not before: Wed 25 Oct 2023 04:58:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
195.8.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 21:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:65:32:96:56:14:f2:a2:dc:a4:32:41:98:8a:fe:f1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Oct 25 04:58:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58d034879aff92a8a3958d02021b8c0d33e62f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fa:1c:a2:0a:03:fe:92:01:cb:be:7d:86:30:
dc:6d:7b:b1:ad:0a:97:d1:69:46:5c:6c:d8:f1:8a:
8d:ba:10:b2:ac:89:d1:30:8b:18:19:5f:63:77:7f:
57:61:ea:c2:6d:fa:8f:e6:47:c9:40:43:d2:21:e8:
9b:02:7d:e9:f6:d1:98:0e:3d:54:42:6a:60:fa:f1:
bb:da:be:08:1c:0b:dd:02:46:5f:0f:d3:21:a7:a2:
3e:07:d7:66:3a:79:34:b6:00:88:13:3b:12:1d:ce:
30:e8:2f:b4:12:69:68:08:69:af:fe:36:db:d9:72:
a9:01:58:69:59:69:e0:76:f6:34:10:95:0a:d6:95:
24:f5:39:4a:dc:cb:b7:ac:3f:8a:45:d9:ca:9e:64:
21:40:39:dc:e6:83:0b:a9:92:32:bf:ff:45:af:2d:
a8:8d:2f:c8:b5:78:02:37:0c:78:a8:33:6e:70:0c:
34:8c:dd:b4:48:93:a8:df:bf:10:85:44:f2:50:d3:
c8:b9:a3:c3:e9:8b:8d:02:a8:76:4c:ff:21:09:2f:
00:b0:e6:3f:fb:50:22:27:87:d7:03:e6:d4:57:10:
23:5e:86:55:9f:f0:80:3a:7e:5a:50:ce:85:cc:4a:
d9:c2:f5:ee:a1:d4:6d:4c:1f:50:4d:fe:23:23:b3:
4a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D0:34:87:9A:FF:92:A8:A3:95:8D:02:02:1B:8C:0D:33:E6:2F:42
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/WNA0h5r_kqijlY0CAhuMDTPmL0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
195.8.200.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ca:d7:96:f6:46:ae:17:3e:bd:7e:9f:c8:ab:3f:3a:f1:b3:
10:ee:fc:78:ed:18:5d:d4:0a:ae:1a:a2:29:e7:7e:20:d0:1a:
23:e1:6d:88:2a:12:65:7b:2c:e1:da:71:78:16:9e:47:72:46:
54:19:43:7f:08:bb:1c:6b:aa:ad:ca:27:7d:73:e7:70:ff:06:
8f:47:a5:2f:6b:97:69:05:84:05:16:82:0f:c7:be:ec:77:a3:
e2:d4:42:13:6a:26:3e:fd:81:8b:f9:66:9c:83:4d:df:17:79:
72:a1:c3:fe:07:08:2e:f9:80:b2:78:14:25:10:30:ca:53:c9:
b1:d2:68:0c:a9:91:0c:ba:83:7d:18:24:ef:2a:89:49:ad:99:
05:db:eb:da:f1:96:d5:67:21:29:c9:d1:da:2e:81:2b:1e:b1:
01:8a:f2:eb:89:c4:be:b5:cd:5e:0f:ad:df:72:fc:37:9e:58:
ae:56:99:b1:c1:ef:f3:1a:29:09:bf:47:af:f9:45:54:df:33:
43:0c:bb:29:80:3f:a8:c9:28:c5:66:2c:a5:1e:04:20:f4:75:
1e:c4:f2:9a:b8:d9:1f:0d:93:34:45:ca:7b:2e:53:4b:67:ab:
6f:71:10:02:38:4f:0a:0f:3e:3c:97:44:27:3d:7b:f2:5b:7a:
05:a5:81:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtlMpZWFPKi3KQyQZiK/vFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMxMDI1MDQ1ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGQwMzQ4NzlhZmY5MmE4YTM5NThkMDIwMjFiOGMwZDMzZTYyZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivocogoD/pIBy759hjDcbXuxrQqX
0WlGXGzY8YqNuhCyrInRMIsYGV9jd39XYerCbfqP5kfJQEPSIeibAn3p9tGYDj1U
Qmpg+vG72r4IHAvdAkZfD9Mhp6I+B9dmOnk0tgCIEzsSHc4w6C+0EmloCGmv/jbb
2XKpAVhpWWngdvY0EJUK1pUk9TlK3Mu3rD+KRdnKnmQhQDnc5oMLqZIyv/9Fry2o
jS/ItXgCNwx4qDNucAw0jN20SJOo378QhUTyUNPIuaPD6YuNAqh2TP8hCS8AsOY/
+1AiJ4fXA+bUVxAjXoZVn/CAOn5aUM6FzErZwvXuodRtTB9QTf4jI7NKNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFjQNIea/5Koo5WNAgIbjA0z5i9CMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvV05BMGg1cl9rcWlqbFkwQ0FodU1EVFBtTDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAqyHwAwQA
wwjIMA0GCSqGSIb3DQEBCwUAA4IBAQBSyteW9kauFz69fp/Iqz868bMQ7vx47Rhd
1AquGqIp534g0Boj4W2IKhJleyzh2nF4Fp5HckZUGUN/CLsca6qtyid9c+dw/waP
R6Uva5dpBYQFFoIPx77sd6Pi1EITaiY+/YGL+Wacg03fF3lyocP+Bwgu+YCyeBQl
EDDKU8mx0mgMqZEMuoN9GCTvKolJrZkF2+va8ZbVZyEpydHaLoErHrEBivLricS+
tc1eD63fcvw3nliuVpmxwe/zGikJv0ev+UVU3zNDDLspgD+oySjFZiylHgQg9HUe
xPKauNkfDZM0Rcp7LlNLZ6tvcRACOE8KDz48l0QnPXvyW3oFpYFF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org