Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/wrfEQyANWe25hqMHT2sLM6dZuTQ.roa
File: wrfEQyANWe25hqMHT2sLM6dZuTQ.roa (raw, json)
Hash identifier: zUXMPu/X/U9I34/JuR+mtchcZDQ59xYkYoMIUvKzGws=
Subject key identifier: C2:B7:C4:43:20:0D:59:ED:B9:86:A3:07:4F:6B:0B:33:A7:59:B9:34
Certificate issuer: /CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
Certificate serial: 018BF73229E558886BA9AD94E735EFBC43D2
Authority key identifier: F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/wrfEQyANWe25hqMHT2sLM6dZuTQ.roa
Signing time: Wed 22 Nov 2023 13:22:21 +0000
ROA not before: Wed 22 Nov 2023 13:22:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21263
IP address blocks: 185.159.244.0/24 maxlen: 24
2a13:780::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:32:29:e5:58:88:6b:a9:ad:94:e7:35:ef:bc:43:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
Validity
Not Before: Nov 22 13:22:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2b7c443200d59edb986a3074f6b0b33a759b934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:20:3a:0b:f3:5c:0e:a1:ff:b9:8d:04:97:ee:
0e:7a:5c:c5:5b:2c:87:4d:c7:38:1c:2c:fe:b9:ae:
92:b6:9e:70:a2:70:bb:3f:02:ec:35:27:6c:86:0e:
f4:2f:9b:55:88:ad:d7:bf:8e:33:09:46:81:09:ff:
a0:91:39:00:cc:99:91:0c:57:8b:20:e3:f9:d5:df:
40:ba:ba:b2:23:33:b8:f2:39:b6:6e:69:f1:64:8c:
5d:23:5c:42:d2:0d:b2:64:41:1a:92:fd:8c:50:35:
81:80:fd:10:da:54:5e:99:4f:4a:36:90:18:04:5a:
b5:de:60:7d:34:64:b2:04:0c:fd:0b:2c:38:3d:4b:
44:ad:19:6f:5a:0d:07:13:34:68:66:b5:7d:5e:12:
99:1a:4e:17:c9:ee:2b:6a:8a:b0:0c:ae:47:db:e3:
14:81:1b:51:03:c8:f6:58:45:e8:eb:e8:ad:30:b6:
40:d5:4c:91:e7:72:84:00:6f:e9:6b:2c:4d:3e:f2:
29:d6:63:85:01:a8:90:a8:fa:b9:c5:ca:08:06:4d:
0e:ed:1f:a5:0a:f1:d8:cd:1e:8f:5e:fa:ef:00:44:
41:4b:59:f9:a5:b3:2c:c8:2e:68:c0:57:49:95:a2:
dc:dd:58:f6:42:8b:75:33:46:10:73:3f:f4:2c:c6:
37:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B7:C4:43:20:0D:59:ED:B9:86:A3:07:4F:6B:0B:33:A7:59:B9:34
X509v3 Authority Key Identifier:
keyid:F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/wrfEQyANWe25hqMHT2sLM6dZuTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/80fO2aDtf5RLn078OFd7OObRxnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.244.0/24
IPv6:
2a13:780::/29
Signature Algorithm: sha256WithRSAEncryption
0e:3b:c6:51:3d:71:ef:fe:fc:ad:de:20:41:e6:8c:4d:cd:34:
81:03:d9:af:f2:7f:7a:21:fd:1c:c3:65:4e:a1:e9:92:9c:1a:
1d:9b:fe:69:73:8a:f1:29:ba:f9:31:b8:62:d3:2c:48:a3:78:
0c:94:9c:b7:d6:2f:2b:13:22:c4:5d:24:3d:f8:2d:da:a6:c6:
4c:43:a7:b0:9f:76:95:eb:ca:ff:67:47:f3:96:d8:f8:29:43:
94:2e:aa:a0:24:2f:83:b7:29:7a:c7:ce:f4:9e:56:3b:4a:b4:
a1:28:dc:98:de:af:35:aa:fa:f6:94:4b:b2:75:00:f7:44:1b:
5a:89:a5:8e:e3:09:4b:7c:7e:ae:6e:a8:60:15:98:2a:c5:f8:
b5:df:b3:3f:2e:48:b9:a5:1a:cd:56:b8:a2:e5:95:85:16:d7:
b9:06:c6:55:57:e6:f9:e9:ea:45:35:0f:04:2d:e4:15:66:b8:
ae:64:63:33:02:ac:fb:5e:f6:48:68:9c:62:f3:45:eb:ce:9c:
0e:32:af:b9:3a:85:3f:9a:7e:89:4c:3e:2a:1d:91:ea:97:dc:
c0:2e:64:a1:b0:df:4f:71:fb:4c:5c:d0:11:a4:6f:7b:79:c0:
d6:88:6c:8f:05:59:a7:b3:db:ea:c2:c7:c1:6b:39:4f:2f:77:
54:c0:c5:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYv3MinlWIhrqa2U5zXvvEPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNDdjZWQ5YTBlZDdmOTQ0YjlmNGVmYzM4NTc3YjM4ZTZk
MWM2NzMwHhcNMjMxMTIyMTMyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI3YzQ0MzIwMGQ1OWVkYjk4NmEzMDc0ZjZiMGIzM2E3NTliOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyA6C/NcDqH/uY0El+4OelzFWyyH
Tcc4HCz+ua6Stp5wonC7PwLsNSdshg70L5tViK3Xv44zCUaBCf+gkTkAzJmRDFeL
IOP51d9AurqyIzO48jm2bmnxZIxdI1xC0g2yZEEakv2MUDWBgP0Q2lRemU9KNpAY
BFq13mB9NGSyBAz9Cyw4PUtErRlvWg0HEzRoZrV9XhKZGk4Xye4raoqwDK5H2+MU
gRtRA8j2WEXo6+itMLZA1UyR53KEAG/payxNPvIp1mOFAaiQqPq5xcoIBk0O7R+l
CvHYzR6PXvrvAERBS1n5pbMsyC5owFdJlaLc3Vj2Qot1M0YQcz/0LMY3iwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMK3xEMgDVntuYajB09rCzOnWbk0MB8GA1UdIwQY
MBaAFPNHztmg7X+US59O/DhXezjm0cZzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjIt
MjMyYjRiNDY1N2U5LzEvd3JmRVF5QU5XZTI1aHFNSFQyc0xNNmRadVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjItMjMyYjRiNDY1N2U5
LzEvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZ/0MA0E
AgACMAcDBQMqEweAMA0GCSqGSIb3DQEBCwUAA4IBAQAOO8ZRPXHv/vyt3iBB5oxN
zTSBA9mv8n96If0cw2VOoemSnBodm/5pc4rxKbr5Mbhi0yxIo3gMlJy31i8rEyLE
XSQ9+C3apsZMQ6ewn3aV68r/Z0fzltj4KUOULqqgJC+Dtyl6x870nlY7SrShKNyY
3q81qvr2lEuydQD3RBtaiaWO4wlLfH6ubqhgFZgqxfi137M/Lki5pRrNVrii5ZWF
Fte5BsZVV+b56epFNQ8ELeQVZriuZGMzAqz7XvZIaJxi80XrzpwOMq+5OoU/mn6J
TD4qHZHql9zALmShsN9PcftMXNARpG97ecDWiGyPBVmns9vqwsfBazlPL3dUwMXS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:37 2024 by rpki-client on console-fra.rpki-client.org