Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/WCHCt3lrszKTSQwg_hCqT1sheqs.roa
File: WCHCt3lrszKTSQwg_hCqT1sheqs.roa (raw, json)
Hash identifier: 33PjsSEN1z2EmN2b25Lvc2G4TX0JkM5SksZdSq8dVEc=
Subject key identifier: 58:21:C2:B7:79:6B:B3:32:93:49:0C:20:FE:10:AA:4F:5B:21:7A:AB
Certificate issuer: /CN=e1584910124af776e30e5acf055d6bae1761a536
Certificate serial: 01856F9DCEADC78F1FD7ED5EDB66AA8F7F51
Authority key identifier: E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/WCHCt3lrszKTSQwg_hCqT1sheqs.roa
Signing time: Sun 01 Jan 2023 23:14:50 +0000
ROA not before: Sun 01 Jan 2023 23:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:3c0:3::/48 maxlen: 48
2a13:3c0:6::/48 maxlen: 48
2a13:3c0:1::/48 maxlen: 48
2a13:3c0:9::/48 maxlen: 48
2a13:3c0:11::/48 maxlen: 48
2a13:3c0:4::/48 maxlen: 48
2a13:3c0:7::/48 maxlen: 48
2a13:3c0:2::/48 maxlen: 48
2a13:3c0:5::/48 maxlen: 48
2a13:3c0:8::/48 maxlen: 48
2a13:3c0:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:31:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ce:ad:c7:8f:1f:d7:ed:5e:db:66:aa:8f:7f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1584910124af776e30e5acf055d6bae1761a536
Validity
Not Before: Jan 1 23:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5821c2b7796bb33293490c20fe10aa4f5b217aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:90:3d:34:3d:08:c9:b7:8b:b8:da:c1:70:06:
18:96:0e:a2:30:42:ad:82:13:87:04:8d:a7:3b:37:
95:28:de:c9:8d:81:7b:b3:d8:70:3b:7a:a0:f5:e8:
1d:63:7a:64:b9:42:f9:f3:ee:fc:61:78:e7:40:64:
6e:3e:8e:e0:bc:f7:3d:25:c9:07:8d:73:fb:c8:b2:
1e:cd:25:0f:c5:33:ec:ed:d0:fe:d0:ca:92:30:c9:
64:33:b6:45:7d:6d:25:31:b6:46:ef:ac:cf:80:74:
6b:31:e8:b5:c6:d3:d8:df:7e:50:7e:f2:96:d5:98:
fd:d3:67:7f:fb:4a:af:24:8f:15:dc:54:9a:61:6d:
ef:09:eb:18:bc:9e:27:0d:7c:52:31:cd:2d:25:18:
21:73:cf:bd:14:b8:88:c3:c3:06:3a:3e:79:2c:bf:
3e:08:36:90:cf:d9:97:e0:06:da:d1:09:85:19:82:
7e:45:69:8e:da:11:ca:a5:b8:d5:3d:48:62:dc:c5:
18:95:59:00:b2:f3:a6:e3:28:4e:db:f5:69:0d:a2:
f0:91:d2:16:4d:0e:8d:23:da:fb:a2:1e:b7:58:1f:
68:86:1a:e5:9a:c4:d2:17:27:be:03:22:00:aa:76:
2c:e3:9b:fa:74:e2:cf:9d:f8:34:23:ae:e5:65:6e:
07:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:21:C2:B7:79:6B:B3:32:93:49:0C:20:FE:10:AA:4F:5B:21:7A:AB
X509v3 Authority Key Identifier:
keyid:E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/WCHCt3lrszKTSQwg_hCqT1sheqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3c0:1::-2a13:3c0:9:ffff:ffff:ffff:ffff:ffff
2a13:3c0:10::/47
Signature Algorithm: sha256WithRSAEncryption
82:b0:84:c8:70:d1:1c:dd:56:21:6a:84:7c:00:82:59:a8:3f:
8f:c3:85:ed:4c:15:9a:b3:26:77:e1:b5:84:81:aa:2f:7b:54:
9d:65:5d:99:0b:78:af:51:a9:c0:9d:75:c4:4c:29:aa:ff:a0:
a6:97:64:5e:b4:05:e0:ad:65:b6:29:eb:05:4e:fc:52:8c:62:
0f:c1:e2:ba:3f:98:5d:81:20:2b:9c:dc:cf:04:8f:5d:ce:1a:
56:d8:1f:0c:4a:cd:e3:d4:5a:77:88:f3:72:2b:c9:85:53:e2:
0d:c3:db:5d:d5:13:3a:56:ae:e2:19:43:a6:95:3a:cd:33:f9:
f5:77:e8:b2:57:1e:4c:ef:d5:d5:a9:02:84:e0:44:23:5d:2b:
8d:96:9b:93:fa:c8:ed:70:02:37:1f:0b:6a:60:8b:ec:c1:f2:
c8:e4:4e:ae:0c:a7:3f:bd:73:5a:a2:a9:25:ee:5a:61:36:33:
3c:68:5e:e7:47:83:ed:07:07:cd:95:0e:5a:f7:cd:4b:b8:ee:
16:de:7e:af:2c:3c:f5:b5:10:80:f7:62:c8:1b:60:8a:f0:e7:
75:b4:9a:d7:26:62:fb:cc:bc:52:72:ab:25:82:c1:66:94:86:
bb:2d:a3:44:1b:c2:12:0f:f3:4c:da:66:8c:19:5b:ff:ef:c6:
8b:23:98:84
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvnc6tx48f1+1e22aqj39RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTg0OTEwMTI0YWY3NzZlMzBlNWFjZjA1NWQ2YmFlMTc2
MWE1MzYwHhcNMjMwMTAxMjMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODIxYzJiNzc5NmJiMzMyOTM0OTBjMjBmZTEwYWE0ZjViMjE3YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpA9ND0IybeLuNrBcAYYlg6iMEKt
ghOHBI2nOzeVKN7JjYF7s9hwO3qg9egdY3pkuUL58+78YXjnQGRuPo7gvPc9JckH
jXP7yLIezSUPxTPs7dD+0MqSMMlkM7ZFfW0lMbZG76zPgHRrMei1xtPY335QfvKW
1Zj902d/+0qvJI8V3FSaYW3vCesYvJ4nDXxSMc0tJRghc8+9FLiIw8MGOj55LL8+
CDaQz9mX4Aba0QmFGYJ+RWmO2hHKpbjVPUhi3MUYlVkAsvOm4yhO2/VpDaLwkdIW
TQ6NI9r7oh63WB9ohhrlmsTSFye+AyIAqnYs45v6dOLPnfg0I67lZW4HUQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFghwrd5a7Myk0kMIP4Qqk9bIXqrMB8GA1UdIwQY
MBaAFOFYSRASSvd24w5azwVda64XYaU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUt
MzFhYjMyZmY3YzY4LzEvV0NIQ3QzbHJzektUU1F3Z19oQ3FUMXNoZXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUtMzFhYjMyZmY3YzY4
LzEvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqEwPA
AAEDBwEqEwPAAAgDBwEqEwPAABAwDQYJKoZIhvcNAQELBQADggEBAIKwhMhw0Rzd
ViFqhHwAglmoP4/Dhe1MFZqzJnfhtYSBqi97VJ1lXZkLeK9RqcCddcRMKar/oKaX
ZF60BeCtZbYp6wVO/FKMYg/B4ro/mF2BICuc3M8Ej13OGlbYHwxKzePUWneI83Ir
yYVT4g3D213VEzpWruIZQ6aVOs0z+fV36LJXHkzv1dWpAoTgRCNdK42Wm5P6yO1w
AjcfC2pgi+zB8sjkTq4Mpz+9c1qiqSXuWmE2MzxoXudHg+0HB82VDlr3zUu47hbe
fq8sPPW1EID3YsgbYIrw53W0mtcmYvvMvFJyqyWCwWaUhrsto0QbwhIP80zaZowZ
W//vxosjmIQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:58 2024 by rpki-client on console-ams.rpki-client.org