Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/WAfwidaj-rByBRcKKx8OQK-SCxE.roa
File: WAfwidaj-rByBRcKKx8OQK-SCxE.roa (raw, json)
Hash identifier: 3TZ4HYlZdZGfG8q0OTALz/w/v7FfYmVZJd2GbI8yjNs=
Subject key identifier: 58:07:F0:89:D6:A3:FA:B0:72:05:17:0A:2B:1F:0E:40:AF:92:0B:11
Certificate issuer: /CN=a61a8f667a3dddbd4a352318d8f0606c46e9f063
Certificate serial: 01856BC1147BF7964539A64582434EA4F21D
Authority key identifier: A6:1A:8F:66:7A:3D:DD:BD:4A:35:23:18:D8:F0:60:6C:46:E9:F0:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/phqPZno93b1KNSMY2PBgbEbp8GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/WAfwidaj-rByBRcKKx8OQK-SCxE.roa
Signing time: Sun 01 Jan 2023 05:14:53 +0000
ROA not before: Sun 01 Jan 2023 05:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35055
IP address blocks: 185.190.64.0/22 maxlen: 24
185.64.120.0/22 maxlen: 24
45.14.240.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:14:7b:f7:96:45:39:a6:45:82:43:4e:a4:f2:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a61a8f667a3dddbd4a352318d8f0606c46e9f063
Validity
Not Before: Jan 1 05:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5807f089d6a3fab07205170a2b1f0e40af920b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d8:62:08:87:86:6f:b0:be:1d:d4:b7:73:76:
87:7e:a3:31:df:ca:83:30:ec:1b:b1:21:cc:79:63:
51:18:16:f4:66:26:b6:d1:eb:5d:e0:c7:96:03:e7:
bb:0c:00:a4:52:b7:fc:3f:9d:5c:d7:38:89:37:b1:
ff:9c:e7:c4:a3:56:2c:a4:4a:9d:e9:7e:fb:b2:91:
62:88:b6:9e:6e:09:b8:b9:51:79:4a:42:e1:3f:c2:
c3:14:f7:47:01:10:b2:b3:9a:47:d7:6e:04:8c:c6:
9c:23:de:0c:cc:a1:79:b1:0d:60:3f:4c:69:f2:e2:
1d:b4:48:9b:0e:66:4c:5a:ac:b2:ad:33:3e:3b:c8:
74:44:d7:27:92:49:7f:2d:f8:09:92:1b:cc:b7:3b:
72:1f:89:4b:07:a3:24:72:00:41:29:3e:6a:84:b5:
67:55:fb:c5:d6:d3:07:aa:50:0f:82:8b:9f:bb:da:
23:c6:0e:db:d3:2a:97:0d:a5:00:89:4f:88:28:20:
15:b5:ed:02:9e:ef:ab:d5:81:d3:44:e6:86:0c:7c:
ce:cb:5c:d7:51:fa:ea:03:bd:c9:4a:13:fb:54:da:
ce:38:c3:e5:6e:a2:de:e6:88:dd:3d:4f:c8:81:57:
7a:d6:76:c7:5f:d4:25:cd:ef:f2:92:88:04:39:3f:
0b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:07:F0:89:D6:A3:FA:B0:72:05:17:0A:2B:1F:0E:40:AF:92:0B:11
X509v3 Authority Key Identifier:
keyid:A6:1A:8F:66:7A:3D:DD:BD:4A:35:23:18:D8:F0:60:6C:46:E9:F0:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/phqPZno93b1KNSMY2PBgbEbp8GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/WAfwidaj-rByBRcKKx8OQK-SCxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/phqPZno93b1KNSMY2PBgbEbp8GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.240.0/22
185.64.120.0/22
185.190.64.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:e1:5b:48:c0:b2:c3:76:0c:7e:59:5f:1e:12:12:19:3a:6d:
4d:06:01:f4:ff:03:e4:fd:8b:bc:50:30:63:77:73:2d:5c:bd:
83:69:25:19:7c:75:7b:36:18:05:8e:47:48:ca:51:cf:54:4d:
0c:ab:37:e9:0a:00:a2:22:76:7c:6a:92:04:f1:4f:5e:bf:cb:
1b:0c:4c:56:f8:50:5c:9a:7b:7e:3b:aa:8a:4d:9e:16:91:c2:
ee:14:ca:39:49:7d:21:e6:d5:04:a0:87:0b:c0:29:78:17:69:
39:0c:f6:3d:7d:08:5f:af:46:12:c0:c9:fa:5d:86:cd:3b:05:
7e:d8:06:ff:5e:86:98:e8:40:65:c8:6f:a2:9c:20:e1:87:f7:
0a:42:55:2c:01:66:25:6e:e4:92:99:8d:15:44:94:d2:1e:4e:
5b:d3:eb:ca:44:e5:d3:ff:e9:55:45:07:a6:10:0f:02:96:be:
e6:f7:4a:56:35:8e:4b:a8:fd:2b:8e:9d:40:5a:2d:db:cb:26:
22:83:b6:ff:e3:ea:95:d7:45:25:20:75:cd:d1:fb:04:e7:7e:
0d:6f:bb:6a:ee:4a:8d:a4:e0:d6:b3:bd:38:77:ca:7f:38:39:
fd:a8:e3:bc:f2:92:49:81:ec:0a:5a:01:64:38:e6:57:11:de:
b8:2f:4b:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrwRR795ZFOaZFgkNOpPIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MWE4ZjY2N2EzZGRkYmQ0YTM1MjMxOGQ4ZjA2MDZjNDZl
OWYwNjMwHhcNMjMwMTAxMDUxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODA3ZjA4OWQ2YTNmYWIwNzIwNTE3MGEyYjFmMGU0MGFmOTIwYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9hiCIeGb7C+HdS3c3aHfqMx38qD
MOwbsSHMeWNRGBb0Zia20etd4MeWA+e7DACkUrf8P51c1ziJN7H/nOfEo1YspEqd
6X77spFiiLaebgm4uVF5SkLhP8LDFPdHARCys5pH124EjMacI94MzKF5sQ1gP0xp
8uIdtEibDmZMWqyyrTM+O8h0RNcnkkl/LfgJkhvMtztyH4lLB6MkcgBBKT5qhLVn
VfvF1tMHqlAPgoufu9ojxg7b0yqXDaUAiU+IKCAVte0Cnu+r1YHTROaGDHzOy1zX
UfrqA73JShP7VNrOOMPlbqLe5ojdPU/IgVd61nbHX9Qlze/ykogEOT8LcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFgH8InWo/qwcgUXCisfDkCvkgsRMB8GA1UdIwQY
MBaAFKYaj2Z6Pd29SjUjGNjwYGxG6fBjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGhxUFpubzkzYjFLTlNNWTJQQmdiRWJwOEdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jZTg4YTItZWI4Ny00MmE1LTkxNmQt
YjU2YmIwNjQ3ODY4LzEvV0Fmd2lkYWotckJ5QlJjS0t4OE9RSy1TQ3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jZTg4YTItZWI4Ny00MmE1LTkxNmQtYjU2YmIwNjQ3ODY4
LzEvcGhxUFpubzkzYjFLTlNNWTJQQmdiRWJwOEdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQ7wAwQC
uUB4AwQCub5AMA0GCSqGSIb3DQEBCwUAA4IBAQCn4VtIwLLDdgx+WV8eEhIZOm1N
BgH0/wPk/Yu8UDBjd3MtXL2DaSUZfHV7NhgFjkdIylHPVE0MqzfpCgCiInZ8apIE
8U9ev8sbDExW+FBcmnt+O6qKTZ4WkcLuFMo5SX0h5tUEoIcLwCl4F2k5DPY9fQhf
r0YSwMn6XYbNOwV+2Ab/XoaY6EBlyG+inCDhh/cKQlUsAWYlbuSSmY0VRJTSHk5b
0+vKROXT/+lVRQemEA8Clr7m90pWNY5LqP0rjp1AWi3byyYig7b/4+qV10UlIHXN
0fsE534Nb7tq7kqNpODWs704d8p/ODn9qOO88pJJgewKWgFkOOZXEd64L0sC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:07 2024 by rpki-client on console-fra.rpki-client.org