Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/WBzkCrdKKU6qZD8LH2FOqbdvBWs.roa
File: WBzkCrdKKU6qZD8LH2FOqbdvBWs.roa (raw, json)
Hash identifier: /oXwDSrPCL+jMx4zMcOzTrwTqHdPG6BjJkQ886At4no=
Subject key identifier: 58:1C:E4:0A:B7:4A:29:4E:AA:64:3F:0B:1F:61:4E:A9:B7:6F:05:6B
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018B89E790DEEC970FA31459F84A2F8FED84
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/WBzkCrdKKU6qZD8LH2FOqbdvBWs.roa
Signing time: Wed 01 Nov 2023 08:02:16 +0000
ROA not before: Wed 01 Nov 2023 08:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 195.133.202.0/23 maxlen: 24
194.58.64.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:e7:90:de:ec:97:0f:a3:14:59:f8:4a:2f:8f:ed:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 1 08:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=581ce40ab74a294eaa643f0b1f614ea9b76f056b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5f:12:cf:32:7a:75:c4:45:61:61:05:a6:8d:
1d:30:05:8b:cc:c0:ea:bb:52:cf:d1:15:70:c6:b9:
11:9d:a1:d3:f5:e5:27:5f:30:10:dc:fc:b6:f2:20:
94:c8:74:7f:fd:26:ba:6a:ff:2b:f0:4c:2a:c1:4e:
b3:7a:dd:8e:50:18:16:a3:87:2c:42:01:78:8d:1c:
bd:9c:85:b1:78:00:70:85:2e:d8:dd:ca:13:17:39:
20:71:10:13:9b:0e:6f:8e:02:ef:04:aa:0b:12:a6:
ea:a6:a2:a6:92:a1:7a:31:d4:45:a7:53:c5:39:b5:
db:38:51:d0:24:fa:30:38:93:41:cf:8a:41:fb:e4:
c8:ef:cc:de:2f:4d:5a:e9:19:cb:fd:00:7f:75:08:
d9:3a:38:0d:a8:88:9c:7a:d0:2c:8c:85:d5:ab:47:
37:11:12:bd:1a:30:d0:75:b7:ca:88:ad:ea:26:2a:
ed:0c:45:32:e3:2f:2b:96:c0:12:c7:0d:dd:a4:f0:
cd:5f:04:01:0b:14:36:a1:b6:5e:b1:18:fa:17:fe:
68:c1:88:3c:7d:40:a9:69:4f:31:9a:3a:a4:4b:f9:
6d:36:6a:cb:52:0c:75:7e:a3:f1:7a:6b:0e:3a:25:
bc:05:d5:14:3e:95:e0:1e:dc:67:4d:25:f9:09:e4:
ee:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:1C:E4:0A:B7:4A:29:4E:AA:64:3F:0B:1F:61:4E:A9:B7:6F:05:6B
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/WBzkCrdKKU6qZD8LH2FOqbdvBWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.64.0/23
195.133.202.0/23
Signature Algorithm: sha256WithRSAEncryption
19:1c:45:0f:71:78:4e:45:d5:c0:9c:50:a0:b0:f7:52:44:8f:
d4:2f:80:10:66:1a:fb:2b:54:e7:fc:bc:d6:b9:ae:13:45:0d:
64:91:c9:0f:6c:7d:6e:1f:5b:49:f1:48:9b:ce:1b:97:a0:a3:
82:00:e2:be:b6:73:81:e4:e1:e3:a0:0a:b9:70:c2:25:01:5f:
9b:04:eb:3c:2f:7a:f6:58:cc:64:d5:65:f8:ad:1f:6a:9d:b6:
3c:0c:bb:52:5f:c2:f9:71:31:06:4a:04:30:98:fa:34:36:45:
f8:1c:d2:40:8c:18:d4:7e:f6:2e:43:17:1a:a7:65:e3:27:a2:
13:47:4c:a0:f8:56:3f:72:45:b8:7c:fb:b9:63:f4:f7:1a:4b:
9a:19:08:03:72:da:10:a0:a7:8b:22:53:94:e6:07:c9:1e:f2:
2c:5c:3b:fb:4b:e8:25:b9:d5:a7:93:cc:c4:03:81:5f:f1:08:
ef:e2:b2:18:93:cb:03:bc:c6:2a:1a:15:95:f7:21:bd:29:89:
a3:98:a6:6e:81:63:56:0c:ca:d5:47:c8:d5:23:97:04:bb:48:
d0:bc:03:d7:53:d4:58:81:f2:2e:76:09:26:be:f6:c2:32:77:
e9:df:ca:91:69:4c:09:ad:07:c8:57:b7:78:4b:1a:42:6c:9b:
33:80:43:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuJ55De7JcPoxRZ+Eovj+2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTAxMDgwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODFjZTQwYWI3NGEyOTRlYWE2NDNmMGIxZjYxNGVhOWI3NmYwNTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl8SzzJ6dcRFYWEFpo0dMAWLzMDq
u1LP0RVwxrkRnaHT9eUnXzAQ3Py28iCUyHR//Sa6av8r8EwqwU6zet2OUBgWo4cs
QgF4jRy9nIWxeABwhS7Y3coTFzkgcRATmw5vjgLvBKoLEqbqpqKmkqF6MdRFp1PF
ObXbOFHQJPowOJNBz4pB++TI78zeL01a6RnL/QB/dQjZOjgNqIicetAsjIXVq0c3
ERK9GjDQdbfKiK3qJirtDEUy4y8rlsASxw3dpPDNXwQBCxQ2obZesRj6F/5owYg8
fUCpaU8xmjqkS/ltNmrLUgx1fqPxemsOOiW8BdUUPpXgHtxnTSX5CeTuxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFgc5Aq3SilOqmQ/Cx9hTqm3bwVrMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvV0J6a0NyZEtLVTZxWkQ4TEgyRk9xYmR2QldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwjpAAwQB
w4XKMA0GCSqGSIb3DQEBCwUAA4IBAQAZHEUPcXhORdXAnFCgsPdSRI/UL4AQZhr7
K1Tn/LzWua4TRQ1kkckPbH1uH1tJ8UibzhuXoKOCAOK+tnOB5OHjoAq5cMIlAV+b
BOs8L3r2WMxk1WX4rR9qnbY8DLtSX8L5cTEGSgQwmPo0NkX4HNJAjBjUfvYuQxca
p2XjJ6ITR0yg+FY/ckW4fPu5Y/T3GkuaGQgDctoQoKeLIlOU5gfJHvIsXDv7S+gl
udWnk8zEA4Ff8Qjv4rIYk8sDvMYqGhWV9yG9KYmjmKZugWNWDMrVR8jVI5cEu0jQ
vAPXU9RYgfIudgkmvvbCMnfp38qRaUwJrQfIV7d4SxpCbJszgEM/
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:15:04 2024 by rpki-client on console-ams.rpki-client.org