Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/a3a5a4-d07d-4abd-b129-227f7497dc1e/1/WSVqR04mfs8U4tUfXH67R7A9KUM.roa
File: WSVqR04mfs8U4tUfXH67R7A9KUM.roa (raw, json)
Hash identifier: V6aPVVJD+CsOeDu6ISsVseGDP5AA4bQheA7+BbENAoY=
Subject key identifier: 59:25:6A:47:4E:26:7E:CF:14:E2:D5:1F:5C:7E:BB:47:B0:3D:29:43
Certificate issuer: /CN=8f31cc3605b3efc09b2688508063b6fd485561dd
Certificate serial: 01856E4AF686922D68E33B84B9C7E9DDEE34
Authority key identifier: 8F:31:CC:36:05:B3:EF:C0:9B:26:88:50:80:63:B6:FD:48:55:61:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzHMNgWz78CbJohQgGO2_UhVYd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/a3a5a4-d07d-4abd-b129-227f7497dc1e/1/WSVqR04mfs8U4tUfXH67R7A9KUM.roa
Signing time: Sun 01 Jan 2023 17:04:44 +0000
ROA not before: Sun 01 Jan 2023 17:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 702
IP address blocks: 192.109.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:4a:f6:86:92:2d:68:e3:3b:84:b9:c7:e9:dd:ee:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f31cc3605b3efc09b2688508063b6fd485561dd
Validity
Not Before: Jan 1 17:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59256a474e267ecf14e2d51f5c7ebb47b03d2943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2c:ed:a6:a1:18:57:d6:1f:a6:38:0a:b6:ac:
4a:73:a8:2d:d2:73:89:84:90:f7:97:b4:12:a8:ad:
4a:12:c1:2d:45:09:55:e7:41:47:84:ef:30:42:46:
b6:2f:9e:f7:27:27:d7:d2:44:1a:d5:de:11:06:d6:
58:2b:23:3c:05:62:47:d7:b8:2f:26:b4:2b:14:2a:
c1:fb:47:91:50:37:e0:8b:d7:d5:12:c4:1e:98:4f:
90:59:da:52:52:95:b1:3b:de:96:fa:8c:ba:d8:e2:
cf:9d:f5:df:0b:be:67:b9:4f:fa:d5:b4:e6:e8:47:
de:87:ac:38:e1:e9:bf:8c:42:90:0e:e8:5d:f3:d0:
f7:48:13:22:b6:96:da:3a:a7:f9:5e:99:2f:d2:a8:
68:9f:eb:75:2f:5e:91:b1:4c:e4:1e:da:52:08:5d:
8d:c4:e0:72:07:7d:25:45:0c:90:5f:f6:d5:b2:d7:
ff:49:43:73:3f:a2:60:50:b4:03:7c:eb:7a:60:b2:
91:cc:93:88:b2:ec:47:01:db:67:77:b9:8d:00:ce:
25:54:84:d0:52:d2:44:a5:03:94:9f:55:aa:14:e2:
64:8b:58:e8:09:11:d2:99:02:83:ee:fe:45:50:40:
56:36:b6:2a:cf:76:e8:1c:e1:e8:19:f7:a7:67:d7:
50:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:25:6A:47:4E:26:7E:CF:14:E2:D5:1F:5C:7E:BB:47:B0:3D:29:43
X509v3 Authority Key Identifier:
keyid:8F:31:CC:36:05:B3:EF:C0:9B:26:88:50:80:63:B6:FD:48:55:61:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzHMNgWz78CbJohQgGO2_UhVYd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a3a5a4-d07d-4abd-b129-227f7497dc1e/1/WSVqR04mfs8U4tUfXH67R7A9KUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a3a5a4-d07d-4abd-b129-227f7497dc1e/1/jzHMNgWz78CbJohQgGO2_UhVYd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.254.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:6e:b5:d9:f1:72:80:1d:11:2c:9c:7b:66:44:9b:63:cf:c8:
29:4c:41:90:cb:24:64:a0:d2:65:ee:40:f0:68:de:30:8b:00:
2d:6e:84:71:69:bb:83:ec:b6:b2:a8:ec:7b:38:f6:56:21:50:
df:6a:08:95:8b:c0:f7:db:dd:11:6c:1d:73:2e:9f:df:01:4b:
82:84:d8:f3:c9:b8:00:23:28:e7:f4:c1:9b:dc:7b:f2:53:16:
be:c5:e0:eb:71:14:4c:f8:a0:76:28:5c:ba:a4:bf:3b:45:80:
be:30:29:f1:f0:1f:22:9a:87:e5:98:82:8b:6a:b9:82:d9:dc:
81:03:e4:51:31:eb:bc:e5:17:71:91:00:79:5c:72:fe:0c:32:
d0:02:ab:b8:cb:48:22:65:eb:e1:76:02:32:89:14:04:e1:c9:
26:9f:1e:df:cf:8d:e9:30:ab:85:61:93:b4:d0:e5:ea:8e:c8:
eb:4f:fd:24:47:3c:7d:9c:a8:64:e0:3d:6e:1e:55:97:89:48:
4f:df:88:d4:85:68:a9:c2:07:38:24:ea:c9:dd:5c:8f:8d:38:
b1:a7:8d:9e:75:5b:2c:aa:24:69:2c:2c:88:4e:d3:4c:32:69:
f5:86:93:3c:ca:eb:3c:a4:69:56:ed:c7:0c:0b:b4:c6:b1:59:
17:29:63:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuSvaGki1o4zuEucfp3e40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzFjYzM2MDViM2VmYzA5YjI2ODg1MDgwNjNiNmZkNDg1
NTYxZGQwHhcNMjMwMTAxMTcwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTI1NmE0NzRlMjY3ZWNmMTRlMmQ1MWY1YzdlYmI0N2IwM2QyOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yztpqEYV9YfpjgKtqxKc6gt0nOJ
hJD3l7QSqK1KEsEtRQlV50FHhO8wQka2L573JyfX0kQa1d4RBtZYKyM8BWJH17gv
JrQrFCrB+0eRUDfgi9fVEsQemE+QWdpSUpWxO96W+oy62OLPnfXfC75nuU/61bTm
6Efeh6w44em/jEKQDuhd89D3SBMitpbaOqf5Xpkv0qhon+t1L16RsUzkHtpSCF2N
xOByB30lRQyQX/bVstf/SUNzP6JgULQDfOt6YLKRzJOIsuxHAdtnd7mNAM4lVITQ
UtJEpQOUn1WqFOJki1joCRHSmQKD7v5FUEBWNrYqz3boHOHoGfenZ9dQrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFklakdOJn7PFOLVH1x+u0ewPSlDMB8GA1UdIwQY
MBaAFI8xzDYFs+/AmyaIUIBjtv1IVWHdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpITU5nV3o3OENiSm9oUWdHTzJfVWhWWWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hM2E1YTQtZDA3ZC00YWJkLWIxMjkt
MjI3Zjc0OTdkYzFlLzEvV1NWcVIwNG1mczhVNHRVZlhINjdSN0E5S1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hM2E1YTQtZDA3ZC00YWJkLWIxMjktMjI3Zjc0OTdkYzFl
LzEvanpITU5nV3o3OENiSm9oUWdHTzJfVWhWWWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwG3+MA0G
CSqGSIb3DQEBCwUAA4IBAQAdbrXZ8XKAHREsnHtmRJtjz8gpTEGQyyRkoNJl7kDw
aN4wiwAtboRxabuD7LayqOx7OPZWIVDfagiVi8D3290RbB1zLp/fAUuChNjzybgA
Iyjn9MGb3HvyUxa+xeDrcRRM+KB2KFy6pL87RYC+MCnx8B8imoflmIKLarmC2dyB
A+RRMeu85RdxkQB5XHL+DDLQAqu4y0giZevhdgIyiRQE4ckmnx7fz43pMKuFYZO0
0OXqjsjrT/0kRzx9nKhk4D1uHlWXiUhP34jUhWipwgc4JOrJ3VyPjTixp42edVss
qiRpLCyITtNMMmn1hpM8yus8pGlW7ccMC7TGsVkXKWNF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:03 2024 by rpki-client on console-ams.rpki-client.org