Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/d81aa2-8a55-40db-96dc-8fbb5128a2c9/1/W0bhGr19oSvMyhWu5GMnxVLyvnU.roa
File: W0bhGr19oSvMyhWu5GMnxVLyvnU.roa (raw, json)
Hash identifier: eodWYgjOGUmdHEjAEMNKOKQ9nOivMdjbuAl+T1812ts=
Subject key identifier: 5B:46:E1:1A:BD:7D:A1:2B:CC:CA:15:AE:E4:63:27:C5:52:F2:BE:75
Certificate issuer: /CN=ae3adb58c108b8bb13e43c15eea3c7899b64a3aa
Certificate serial: 0185711E5165DCD91A82E7F1F35269C06403
Authority key identifier: AE:3A:DB:58:C1:08:B8:BB:13:E4:3C:15:EE:A3:C7:89:9B:64:A3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rjrbWMEIuLsT5DwV7qPHiZtko6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/d81aa2-8a55-40db-96dc-8fbb5128a2c9/1/W0bhGr19oSvMyhWu5GMnxVLyvnU.roa
Signing time: Mon 02 Jan 2023 06:14:50 +0000
ROA not before: Mon 02 Jan 2023 06:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21137
IP address blocks: 194.4.141.0/24 maxlen: 24
194.4.142.0/24 maxlen: 24
194.4.143.0/24 maxlen: 24
194.4.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:51:65:dc:d9:1a:82:e7:f1:f3:52:69:c0:64:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae3adb58c108b8bb13e43c15eea3c7899b64a3aa
Validity
Not Before: Jan 2 06:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b46e11abd7da12bccca15aee46327c552f2be75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:36:8f:c9:61:2a:2f:35:8c:64:ed:89:be:3c:
38:9b:c7:57:df:94:3e:9b:eb:23:a2:dd:c8:7b:a7:
0d:0f:16:01:aa:2e:a8:06:f0:9a:21:bb:ae:ea:a4:
e2:d6:8f:80:59:a8:54:f6:d1:06:bc:37:c5:45:b3:
23:c5:df:9b:5f:3a:93:a4:c9:03:4a:1a:67:d3:be:
4a:50:ba:30:15:a5:da:b0:da:17:0a:2c:7b:7f:7c:
85:e6:8f:d4:dc:94:04:45:69:76:b6:35:0b:e7:a6:
96:3b:12:ed:7b:8a:fb:ae:e9:9e:3f:a1:5d:ea:ce:
a2:ac:71:ab:43:74:21:ba:83:1b:88:eb:e3:a9:24:
13:d7:45:a2:89:a7:4e:9b:5d:4f:3a:62:23:4c:3f:
c5:6e:11:49:f5:a7:fd:40:04:86:b7:59:7a:bb:f2:
e7:1d:87:7e:d9:89:95:29:ab:40:09:7a:64:77:e6:
96:a2:f6:75:44:54:7c:54:99:ad:bc:1a:a3:2f:b4:
a6:72:96:45:2e:3f:61:a0:0a:15:cc:ea:34:8c:33:
bd:c1:13:a9:08:a8:f6:b2:84:3e:82:b7:99:c5:71:
98:e3:93:ba:f9:db:18:ac:ba:aa:dd:fe:77:a1:77:
79:fe:03:4e:50:e2:d4:1a:9a:86:66:18:ba:a1:aa:
82:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:46:E1:1A:BD:7D:A1:2B:CC:CA:15:AE:E4:63:27:C5:52:F2:BE:75
X509v3 Authority Key Identifier:
keyid:AE:3A:DB:58:C1:08:B8:BB:13:E4:3C:15:EE:A3:C7:89:9B:64:A3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjrbWMEIuLsT5DwV7qPHiZtko6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d81aa2-8a55-40db-96dc-8fbb5128a2c9/1/W0bhGr19oSvMyhWu5GMnxVLyvnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d81aa2-8a55-40db-96dc-8fbb5128a2c9/1/rjrbWMEIuLsT5DwV7qPHiZtko6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.4.140.0/22
Signature Algorithm: sha256WithRSAEncryption
77:64:9a:c4:d2:60:b5:49:7a:38:4d:53:d4:85:d6:b2:9a:95:
c4:d6:24:1c:f8:57:8a:eb:af:18:2e:08:57:29:2f:b0:96:e1:
1e:b2:09:dd:6f:30:a3:ac:17:89:0c:34:05:3f:3e:81:1a:30:
a6:40:38:6e:11:49:ff:61:3f:aa:eb:44:09:7b:6c:df:2b:69:
ef:ae:1c:0a:c5:78:9e:2d:db:04:19:b2:15:2e:db:38:4d:b3:
62:fb:fc:4b:49:d5:f5:7f:5b:98:ac:4c:77:54:4d:c6:1b:a8:
68:a3:a2:09:9b:43:8c:f5:a6:fb:02:43:ab:b7:a7:0d:60:f6:
71:08:05:43:b9:5d:64:15:70:65:d6:49:45:78:4c:52:bc:7f:
ad:c4:d3:5d:fe:b9:3e:92:6e:04:a1:e8:71:e9:68:07:01:17:
6c:f0:3f:7f:b2:ea:b6:69:3f:a6:29:33:27:91:22:dd:da:25:
8f:5d:42:7e:c9:b9:8c:5c:3b:e2:65:d8:78:92:a0:82:ba:98:
20:a4:e5:9c:bf:62:58:35:cf:ec:4a:c7:a4:43:e2:af:e1:95:
c9:68:1f:ac:43:17:64:84:8b:b8:82:c7:c1:bb:8e:e7:8b:27:
f3:cf:34:bd:9b:4b:34:aa:fa:32:9d:e3:1f:0d:cc:b2:a5:49:
60:2f:88:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHlFl3Nkagufx81JpwGQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlM2FkYjU4YzEwOGI4YmIxM2U0M2MxNWVlYTNjNzg5OWI2
NGEzYWEwHhcNMjMwMTAyMDYxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjQ2ZTExYWJkN2RhMTJiY2NjYTE1YWVlNDYzMjdjNTUyZjJiZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDaPyWEqLzWMZO2Jvjw4m8dX35Q+
m+sjot3Ie6cNDxYBqi6oBvCaIbuu6qTi1o+AWahU9tEGvDfFRbMjxd+bXzqTpMkD
Shpn075KULowFaXasNoXCix7f3yF5o/U3JQERWl2tjUL56aWOxLte4r7rumeP6Fd
6s6irHGrQ3QhuoMbiOvjqSQT10WiiadOm11POmIjTD/FbhFJ9af9QASGt1l6u/Ln
HYd+2YmVKatACXpkd+aWovZ1RFR8VJmtvBqjL7SmcpZFLj9hoAoVzOo0jDO9wROp
CKj2soQ+greZxXGY45O6+dsYrLqq3f53oXd5/gNOUOLUGpqGZhi6oaqCLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFtG4Rq9faErzMoVruRjJ8VS8r51MB8GA1UdIwQY
MBaAFK4621jBCLi7E+Q8Fe6jx4mbZKOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmpyYldNRUl1THNUNUR3VjdxUEhpWnRrbzZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9kODFhYTItOGE1NS00MGRiLTk2ZGMt
OGZiYjUxMjhhMmM5LzEvVzBiaEdyMTlvU3ZNeWhXdTVHTW54Vkx5dm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9kODFhYTItOGE1NS00MGRiLTk2ZGMtOGZiYjUxMjhhMmM5
LzEvcmpyYldNRUl1THNUNUR3VjdxUEhpWnRrbzZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwgSMMA0G
CSqGSIb3DQEBCwUAA4IBAQB3ZJrE0mC1SXo4TVPUhdaympXE1iQc+FeK668YLghX
KS+wluEesgndbzCjrBeJDDQFPz6BGjCmQDhuEUn/YT+q60QJe2zfK2nvrhwKxXie
LdsEGbIVLts4TbNi+/xLSdX1f1uYrEx3VE3GG6hoo6IJm0OM9ab7AkOrt6cNYPZx
CAVDuV1kFXBl1klFeExSvH+txNNd/rk+km4Eoehx6WgHARds8D9/suq2aT+mKTMn
kSLd2iWPXUJ+ybmMXDviZdh4kqCCupggpOWcv2JYNc/sSsekQ+Kv4ZXJaB+sQxdk
hIu4gsfBu47niyfzzzS9m0s0qvoyneMfDcyypUlgL4gB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:49 2024 by rpki-client on console-fra.rpki-client.org