Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/WXBB4xdzTnSk62Bz-AWAX99LQKM.roa
File: WXBB4xdzTnSk62Bz-AWAX99LQKM.roa (raw, json)
Hash identifier: 7ehIToI82/KGXEBKSikIKME+lOFDyvYdGrHeaeH+3nE=
Subject key identifier: 59:70:41:E3:17:73:4E:74:A4:EB:60:73:F8:05:80:5F:DF:4B:40:A3
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8F1B75DAEAFC681C2BC59C7778866E1
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/WXBB4xdzTnSk62Bz-AWAX99LQKM.roa
Signing time: Thu 16 Nov 2023 16:23:21 +0000
ROA not before: Thu 16 Nov 2023 16:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3329
IP address blocks: 2a01:830::/32 maxlen: 32
2a01:8c8::/32 maxlen: 32
2a01:830:8000::/48 maxlen: 48
2a01:830:8001::/48 maxlen: 48
2a01:831::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:f1:b7:5d:ae:af:c6:81:c2:bc:59:c7:77:88:66:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 16:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=597041e317734e74a4eb6073f805805fdf4b40a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c9:f0:f9:80:20:70:1b:ce:1e:8d:ea:42:68:
fd:4e:93:a7:0c:7f:9a:b6:97:be:3a:f3:11:f2:b7:
d8:c9:47:aa:91:62:e9:56:45:d6:1d:35:20:84:a3:
c0:b7:9f:87:b6:66:c3:77:b2:36:7e:0a:00:87:77:
95:85:c0:68:3e:89:0a:39:ee:07:7c:7b:9a:ae:58:
98:d3:f3:ac:f8:4f:87:cd:6b:86:bc:07:7f:fa:59:
2e:4c:4a:04:65:ff:dd:58:dd:f5:1d:c5:45:e3:45:
64:be:92:20:e7:34:7b:f8:45:3d:67:7b:43:50:bd:
bf:8f:af:3c:50:f2:0d:2a:8a:08:3f:81:6c:f0:13:
1a:90:2c:2c:6a:b2:2f:2e:df:66:5e:be:b9:29:21:
bb:03:e0:7c:69:43:bc:42:5b:6f:74:62:f9:40:d9:
74:d9:fc:50:35:91:5a:52:59:02:fb:06:b4:d4:80:
32:65:92:6c:7b:4a:95:40:e5:1b:7f:88:ca:0f:95:
63:a9:2a:e1:89:86:29:b4:e7:f7:00:c0:6f:d3:34:
e7:0c:f1:f7:44:82:b5:48:40:f5:45:a3:d4:3d:d5:
5b:09:72:53:6e:a0:27:88:a6:ae:a7:ef:a2:e8:a9:
9f:8e:82:ab:1c:54:9c:17:36:2a:dc:4e:e1:94:23:
fc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:70:41:E3:17:73:4E:74:A4:EB:60:73:F8:05:80:5F:DF:4B:40:A3
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/WXBB4xdzTnSk62Bz-AWAX99LQKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:830::/31
2a01:8c8::/32
Signature Algorithm: sha256WithRSAEncryption
1b:68:d6:5c:0c:53:27:84:64:25:0d:12:91:8d:f5:a4:a0:13:
4d:a6:0d:7b:24:c4:da:75:a4:c4:71:c3:e9:bf:63:eb:39:9a:
af:92:a2:f0:63:3c:0b:3b:4f:89:2e:b3:ac:f7:6d:6b:50:b5:
f2:f5:43:d0:26:b7:7c:7a:29:14:3f:1f:88:ae:d9:6e:2a:d5:
b6:9e:4d:a9:be:59:a1:ac:37:cc:65:9e:07:39:5c:9a:b7:af:
83:3d:1d:cf:fd:e6:6e:6d:41:ca:0e:fc:b1:d1:fb:5f:39:9e:
dd:cd:e8:81:d0:cd:28:8f:34:a6:ef:f3:a3:2c:bb:70:ba:1d:
82:23:4a:17:c3:66:4f:b6:a0:ca:2c:c4:f4:38:76:3f:9d:d0:
65:77:8a:14:0e:dc:99:b7:b9:c8:92:50:bd:ea:88:b0:4c:a4:
4b:db:36:75:75:3f:05:33:93:ba:df:e1:57:aa:8f:84:b8:f3:
a8:75:2a:14:c7:4f:48:29:4f:2b:58:43:98:e3:39:b1:34:76:
0d:92:f8:59:67:c8:87:bf:00:bf:72:3a:a3:5b:ec:3a:89:9d:
b6:24:fd:88:d2:48:74:4a:dd:d9:d8:a9:ea:61:f0:c1:60:e3:
2e:ba:20:2b:b9:e1:1e:89:a8:32:74:28:50:c9:dd:81:ca:0e:
17:e4:42:3a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvY8bddrq/GgcK8Wcd3iGbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTYyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTcwNDFlMzE3NzM0ZTc0YTRlYjYwNzNmODA1ODA1ZmRmNGI0MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3snw+YAgcBvOHo3qQmj9TpOnDH+a
tpe+OvMR8rfYyUeqkWLpVkXWHTUghKPAt5+HtmbDd7I2fgoAh3eVhcBoPokKOe4H
fHuarliY0/Os+E+HzWuGvAd/+lkuTEoEZf/dWN31HcVF40VkvpIg5zR7+EU9Z3tD
UL2/j688UPINKooIP4Fs8BMakCwsarIvLt9mXr65KSG7A+B8aUO8QltvdGL5QNl0
2fxQNZFaUlkC+wa01IAyZZJse0qVQOUbf4jKD5VjqSrhiYYptOf3AMBv0zTnDPH3
RIK1SED1RaPUPdVbCXJTbqAniKaup++i6KmfjoKrHFScFzYq3E7hlCP8dQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFlwQeMXc050pOtgc/gFgF/fS0CjMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvV1hCQjR4ZHpUblNrNjJCei1BV0FYOTlMUUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUBKgEIMAMF
ACoBCMgwDQYJKoZIhvcNAQELBQADggEBABto1lwMUyeEZCUNEpGN9aSgE02mDXsk
xNp1pMRxw+m/Y+s5mq+SovBjPAs7T4kus6z3bWtQtfL1Q9Amt3x6KRQ/H4iu2W4q
1baeTam+WaGsN8xlngc5XJq3r4M9Hc/95m5tQcoO/LHR+185nt3N6IHQzSiPNKbv
86Msu3C6HYIjShfDZk+2oMosxPQ4dj+d0GV3ihQO3Jm3uciSUL3qiLBMpEvbNnV1
PwUzk7rf4Veqj4S486h1KhTHT0gpTytYQ5jjObE0dg2S+FlnyIe/AL9yOqNb7DqJ
nbYk/YjSSHRK3dnYqeph8MFg4y66ICu54R6JqDJ0KFDJ3YHKDhfkQjo=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:35:25 2024 by rpki-client on console.sobornost.net