Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/wvnO8ipksaInOuDOXj5eoyFYC38.roa
File: wvnO8ipksaInOuDOXj5eoyFYC38.roa (raw, json)
Hash identifier: LV9e27+DcMj6l19RcsZPkclcJJvqCRKmYG/xnbmI6+4=
Subject key identifier: C2:F9:CE:F2:2A:64:B1:A2:27:3A:E0:CE:5E:3E:5E:A3:21:58:0B:7F
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 018570D548D89CB271476233D4B376072E2F
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/wvnO8ipksaInOuDOXj5eoyFYC38.roa
Signing time: Mon 02 Jan 2023 04:55:04 +0000
ROA not before: Mon 02 Jan 2023 04:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212157
IP address blocks: 144.43.240.0/21 maxlen: 24
144.43.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:48:d8:9c:b2:71:47:62:33:d4:b3:76:07:2e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 2 04:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2f9cef22a64b1a2273ae0ce5e3e5ea321580b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bc:f3:40:ed:82:7e:41:6e:86:9b:81:3c:ca:
3d:10:e4:9d:07:ed:81:9a:c1:47:42:cf:b2:3d:d6:
9d:c4:fd:fd:a6:7d:d4:d0:c3:46:df:d4:77:34:a3:
45:56:7e:1c:4e:97:cb:4e:f8:d2:39:c5:9c:2b:85:
8a:02:b8:01:3b:bb:83:39:b5:54:d4:a3:aa:f9:45:
52:7c:d6:29:b1:0a:9b:23:62:8a:ec:24:70:f1:5e:
6c:c3:b3:c1:92:3d:b3:00:dc:01:23:a9:79:0c:53:
95:97:0a:66:d5:6c:ed:1d:7a:bd:12:0b:99:9f:91:
b5:a8:36:1e:9f:ec:ab:3d:09:2f:e6:71:74:33:4c:
35:73:18:ed:6b:fb:8a:fe:6e:62:67:8d:35:ce:16:
fb:48:5d:a8:94:3d:3a:d0:b7:fd:38:66:d2:b8:dd:
4f:fe:cc:e0:de:fe:71:d4:2c:24:c6:61:5a:4e:8d:
a6:df:82:f0:96:6b:1a:fb:c1:f8:02:6a:e1:3e:28:
e0:3e:2e:f6:e9:54:02:9b:d5:08:79:32:a5:ea:a4:
ab:26:dd:10:c9:0c:8c:25:cf:c1:7a:8d:37:02:20:
1c:1a:b2:24:90:2d:d0:51:08:71:7a:07:9a:69:e1:
9f:7c:35:51:67:95:b7:60:e6:06:b8:fa:29:0b:7e:
d2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F9:CE:F2:2A:64:B1:A2:27:3A:E0:CE:5E:3E:5E:A3:21:58:0B:7F
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/wvnO8ipksaInOuDOXj5eoyFYC38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.43.240.0/21
144.43.252.0/22
Signature Algorithm: sha256WithRSAEncryption
99:61:27:b7:5b:81:89:86:b7:6c:ba:cd:17:57:a4:73:a9:5e:
55:1f:e8:a5:96:ee:3d:7e:80:2b:58:ed:56:42:e6:da:97:2e:
3f:a6:3c:f4:69:5f:45:5d:78:6d:dc:36:9b:7f:64:ab:90:4f:
38:eb:47:e4:0f:0a:b7:8a:45:88:19:7f:b7:97:cd:4d:82:01:
c5:7e:c8:1a:c2:dd:29:ee:8e:d2:31:6e:e7:d9:a5:af:b4:19:
6b:f7:aa:2d:0e:03:37:28:37:52:c3:54:6c:30:98:6f:dd:f6:
a0:26:fd:8f:e6:4d:76:b6:f8:12:ff:ec:a8:3d:cd:51:68:1a:
ad:e8:2f:79:34:81:3c:22:db:43:66:0b:4c:cb:59:43:45:5f:
2c:db:71:ca:c9:6f:fd:b3:55:64:7f:d4:ae:e7:b0:22:a1:d7:
42:fe:da:4f:5e:9b:03:58:70:af:1f:11:23:c2:c6:4e:7a:a7:
a6:94:0b:69:66:85:9e:d6:0a:f4:cc:05:28:4a:21:11:e3:39:
e1:47:3d:d6:e2:e3:12:ac:18:b1:6f:ee:0c:78:3e:67:33:1f:
29:76:d6:22:6b:81:d1:ea:e4:db:59:66:cc:43:c5:e5:e7:97:
b9:1b:a5:1a:46:de:e2:3b:36:55:50:76:41:2e:9d:95:86:e3:
3a:0e:bd:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw1UjYnLJxR2Iz1LN2By4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjMwMTAyMDQ1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmY5Y2VmMjJhNjRiMWEyMjczYWUwY2U1ZTNlNWVhMzIxNTgwYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7zzQO2CfkFuhpuBPMo9EOSdB+2B
msFHQs+yPdadxP39pn3U0MNG39R3NKNFVn4cTpfLTvjSOcWcK4WKArgBO7uDObVU
1KOq+UVSfNYpsQqbI2KK7CRw8V5sw7PBkj2zANwBI6l5DFOVlwpm1WztHXq9EguZ
n5G1qDYen+yrPQkv5nF0M0w1cxjta/uK/m5iZ401zhb7SF2olD060Lf9OGbSuN1P
/szg3v5x1CwkxmFaTo2m34Lwlmsa+8H4AmrhPijgPi726VQCm9UIeTKl6qSrJt0Q
yQyMJc/Beo03AiAcGrIkkC3QUQhxegeaaeGffDVRZ5W3YOYGuPopC37SrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFML5zvIqZLGiJzrgzl4+XqMhWAt/MB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvd3ZuTzhpcGtzYUluT3VET1hqNWVveUZZQzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDkCvwAwQC
kCv8MA0GCSqGSIb3DQEBCwUAA4IBAQCZYSe3W4GJhrdsus0XV6RzqV5VH+illu49
foArWO1WQubaly4/pjz0aV9FXXht3Dabf2SrkE8460fkDwq3ikWIGX+3l81NggHF
fsgawt0p7o7SMW7n2aWvtBlr96otDgM3KDdSw1RsMJhv3fagJv2P5k12tvgS/+yo
Pc1RaBqt6C95NIE8IttDZgtMy1lDRV8s23HKyW/9s1Vkf9Su57AioddC/tpPXpsD
WHCvHxEjwsZOeqemlAtpZoWe1gr0zAUoSiER4znhRz3W4uMSrBixb+4MeD5nMx8p
dtYia4HR6uTbWWbMQ8Xl55e5G6UaRt7iOzZVUHZBLp2VhuM6Dr0f
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:53:10 2024 by rpki-client on console-fra.rpki-client.org