Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/wZimgiIIb4Cq17fvmhQ4Kqi7e68.roa
File: wZimgiIIb4Cq17fvmhQ4Kqi7e68.roa (raw, json)
Hash identifier: fUkikERf2wpAb0ip3xigF2t8o/D9CBwl1OAItxDgMvc=
Subject key identifier: C1:98:A6:82:22:08:6F:80:AA:D7:B7:EF:9A:14:38:2A:A8:BB:7B:AF
Certificate issuer: /CN=abaedf2f8128f48eb8113bfaf4d67d901049093a
Certificate serial: 018A359D86DE02DCADB9CBAF247833B8AE87
Authority key identifier: AB:AE:DF:2F:81:28:F4:8E:B8:11:3B:FA:F4:D6:7D:90:10:49:09:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q67fL4Eo9I64ETv69NZ9kBBJCTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/wZimgiIIb4Cq17fvmhQ4Kqi7e68.roa
Signing time: Sun 27 Aug 2023 06:10:30 +0000
ROA not before: Sun 27 Aug 2023 06:10:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198183
IP address blocks: 130.255.89.0/24 maxlen: 24
130.255.88.0/24 maxlen: 24
130.255.91.0/24 maxlen: 24
130.255.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:35:9d:86:de:02:dc:ad:b9:cb:af:24:78:33:b8:ae:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abaedf2f8128f48eb8113bfaf4d67d901049093a
Validity
Not Before: Aug 27 06:10:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c198a68222086f80aad7b7ef9a14382aa8bb7baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a4:8f:f7:35:e3:64:18:f4:c9:73:07:ef:17:
30:4c:ec:1e:19:37:cb:f3:66:f7:17:97:08:65:33:
1c:94:34:37:a6:79:b9:5d:b3:53:0e:1c:28:c5:b0:
76:80:a9:04:7c:1b:fa:83:4f:46:c2:09:52:ef:c3:
eb:a3:e3:ad:f5:9b:a8:d4:69:fc:1b:2e:fc:c1:8b:
53:3d:93:71:26:69:e3:c4:b0:34:0b:6d:d2:d2:8d:
33:88:ec:69:88:2e:ba:b3:84:55:9b:6b:83:81:e2:
68:02:33:5f:ee:c4:ae:4f:a9:b4:fa:23:3c:f4:9f:
2e:b6:e4:34:5e:3c:cf:e3:5c:3c:87:91:63:f5:80:
32:98:90:f3:3d:dc:d9:3d:d9:a2:ce:26:83:40:0b:
92:71:49:9e:31:4e:24:b1:fc:f2:52:36:9a:6a:0a:
f4:57:90:71:d6:ef:74:dd:4b:8c:cc:ea:fb:4c:3b:
bf:09:a5:79:94:9d:e4:b7:07:e5:4a:27:61:f0:55:
dd:76:9e:42:1a:5b:ed:05:ef:3e:66:a9:15:1c:78:
b9:7f:dd:8f:b8:bb:cc:8a:ed:bc:a0:84:d5:ae:ee:
71:26:ff:1f:4c:64:f0:59:50:62:25:c9:a6:3b:d5:
03:23:5b:fa:67:9e:4c:d2:63:9f:64:f3:d9:26:7e:
bd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:98:A6:82:22:08:6F:80:AA:D7:B7:EF:9A:14:38:2A:A8:BB:7B:AF
X509v3 Authority Key Identifier:
keyid:AB:AE:DF:2F:81:28:F4:8E:B8:11:3B:FA:F4:D6:7D:90:10:49:09:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q67fL4Eo9I64ETv69NZ9kBBJCTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/wZimgiIIb4Cq17fvmhQ4Kqi7e68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/q67fL4Eo9I64ETv69NZ9kBBJCTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.88.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:a9:d0:a8:4a:1a:73:57:83:07:3a:f4:1d:6a:dc:66:99:94:
b8:e8:7a:c6:ed:28:21:13:a9:6e:50:a2:07:fe:1c:79:05:f7:
a6:0c:8f:da:b4:dd:83:f5:6c:0c:6b:76:20:a3:4c:0c:e6:41:
6b:9f:1f:3a:6f:eb:37:6d:84:bf:ae:9d:bd:d6:54:5c:2b:5d:
36:9a:49:69:d7:a5:df:5b:19:78:75:a4:99:f9:ab:9c:f6:78:
74:2a:b3:e5:2c:75:35:2c:08:23:0e:17:1f:53:03:0f:73:46:
f0:a0:c4:e8:8d:b4:ce:75:a8:57:fd:12:0a:f8:65:50:bd:1c:
8e:0f:45:8d:be:7c:fc:40:eb:79:34:12:a9:d0:17:91:78:99:
4c:d0:70:9d:d7:18:7d:af:b4:e6:42:e4:a9:49:6e:2b:0e:d4:
de:3c:c5:c9:78:cd:26:76:fc:24:6a:f5:ab:e2:5e:7d:7a:d8:
77:d8:17:ab:14:58:ce:77:be:ee:96:30:ed:38:f6:23:94:a1:
73:ef:3d:d3:69:4b:6a:1c:64:a2:c3:7c:95:9a:93:82:c2:6b:
eb:ea:f2:bf:4b:78:5f:10:34:86:bc:02:bf:d7:b4:ca:93:da:
35:8f:2a:ce:19:28:6a:29:01:46:47:0e:28:9f:e3:93:52:80:
a8:2f:c6:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo1nYbeAtytucuvJHgzuK6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYWVkZjJmODEyOGY0OGViODExM2JmYWY0ZDY3ZDkwMTA0
OTA5M2EwHhcNMjMwODI3MDYxMDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTk4YTY4MjIyMDg2ZjgwYWFkN2I3ZWY5YTE0MzgyYWE4YmI3YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaSP9zXjZBj0yXMH7xcwTOweGTfL
82b3F5cIZTMclDQ3pnm5XbNTDhwoxbB2gKkEfBv6g09GwglS78Pro+Ot9Zuo1Gn8
Gy78wYtTPZNxJmnjxLA0C23S0o0ziOxpiC66s4RVm2uDgeJoAjNf7sSuT6m0+iM8
9J8utuQ0XjzP41w8h5Fj9YAymJDzPdzZPdmiziaDQAuScUmeMU4ksfzyUjaaagr0
V5Bx1u903UuMzOr7TDu/CaV5lJ3ktwflSidh8FXddp5CGlvtBe8+ZqkVHHi5f92P
uLvMiu28oITVru5xJv8fTGTwWVBiJcmmO9UDI1v6Z55M0mOfZPPZJn69sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGYpoIiCG+Aqte375oUOCqou3uvMB8GA1UdIwQY
MBaAFKuu3y+BKPSOuBE7+vTWfZAQSQk6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTY3Zkw0RW85STY0RVR2NjlOWjlrQkJKQ1RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9kZDQxZjUtYmMwNi00Yzk3LTllZDgt
ZmM0NjBmZjk4ZTMxLzEvd1ppbWdpSUliNENxMTdmdm1oUTRLcWk3ZTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9kZDQxZjUtYmMwNi00Yzk3LTllZDgtZmM0NjBmZjk4ZTMx
LzEvcTY3Zkw0RW85STY0RVR2NjlOWjlrQkJKQ1RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgv9YMA0G
CSqGSIb3DQEBCwUAA4IBAQA8qdCoShpzV4MHOvQdatxmmZS46HrG7SghE6luUKIH
/hx5BfemDI/atN2D9WwMa3Ygo0wM5kFrnx86b+s3bYS/rp291lRcK102mklp16Xf
Wxl4daSZ+auc9nh0KrPlLHU1LAgjDhcfUwMPc0bwoMTojbTOdahX/RIK+GVQvRyO
D0WNvnz8QOt5NBKp0BeReJlM0HCd1xh9r7TmQuSpSW4rDtTePMXJeM0mdvwkavWr
4l59eth32BerFFjOd77uljDtOPYjlKFz7z3TaUtqHGSiw3yVmpOCwmvr6vK/S3hf
EDSGvAK/17TKk9o1jyrOGShqKQFGRw4on+OTUoCoL8Ys
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:09 2024 by rpki-client on console-fra.rpki-client.org