Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/W5ZeeJoeJd1wzVfL9Cwr8hGL990.roa
File: W5ZeeJoeJd1wzVfL9Cwr8hGL990.roa (raw, json)
Hash identifier: 6zk4cxK/Urvzk0hnZzBgy3ZpER1u20Vt1cZSSzYdSxg=
Subject key identifier: 5B:96:5E:78:9A:1E:25:DD:70:CD:57:CB:F4:2C:2B:F2:11:8B:F7:DD
Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial: 01856BCA4278E88F5D9B20BB81542D29A90E
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/W5ZeeJoeJd1wzVfL9Cwr8hGL990.roa
Signing time: Sun 01 Jan 2023 05:24:55 +0000
ROA not before: Sun 01 Jan 2023 05:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44277
IP address blocks: 86.107.180.0/24 maxlen: 24
188.213.51.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:42:78:e8:8f:5d:9b:20:bb:81:54:2d:29:a9:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Validity
Not Before: Jan 1 05:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b965e789a1e25dd70cd57cbf42c2bf2118bf7dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:51:9e:7a:10:af:09:a7:1d:6b:e6:e8:e0:78:
7f:5f:06:de:9c:32:65:e6:5c:72:3c:09:d8:d3:8e:
be:1b:cc:14:b3:88:a9:69:21:b2:83:56:9d:e5:b4:
a7:74:f6:a4:d6:f6:d0:10:fb:e6:e5:d9:33:61:ed:
a8:7c:18:51:0f:f5:3d:97:53:ee:c1:e1:a1:ed:33:
ff:5b:fb:00:43:36:e7:20:a4:63:0f:55:36:5f:79:
f2:11:cc:8c:ac:d6:79:1e:52:f4:d4:76:37:6b:35:
d5:62:c6:c6:4d:bd:19:ad:d9:42:32:83:63:fd:7b:
44:9d:a0:35:9a:07:de:42:ad:f7:57:70:af:2c:8b:
e6:5a:bc:67:ea:b9:44:92:c6:1d:e0:d7:b9:4e:38:
9c:0d:7e:78:74:66:17:33:9e:aa:3f:f2:7b:9f:ed:
5e:86:2f:f1:a4:05:b9:36:fc:cf:43:3b:b1:7b:71:
1a:c7:b1:0d:08:c2:75:6a:2b:10:e5:89:57:3e:ec:
1b:e4:99:d1:25:6b:93:5c:11:68:54:70:d3:13:7e:
9d:b8:43:d5:20:2a:4e:3d:a4:5e:67:f7:54:29:87:
e7:e8:4c:cf:f1:ea:4b:fb:70:ed:c6:6c:ce:10:32:
1e:4f:87:0c:28:9a:0f:07:e5:06:36:0c:c5:db:11:
3a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:96:5E:78:9A:1E:25:DD:70:CD:57:CB:F4:2C:2B:F2:11:8B:F7:DD
X509v3 Authority Key Identifier:
keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/W5ZeeJoeJd1wzVfL9Cwr8hGL990.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.180.0/24
188.213.51.0/24
Signature Algorithm: sha256WithRSAEncryption
58:ce:40:1c:6e:13:3f:db:b8:32:57:3f:4e:fa:a3:78:14:15:
42:60:5c:63:d0:fa:a7:32:c9:18:bd:42:3a:32:14:56:b1:41:
f4:1b:4d:c4:a9:99:a9:14:c7:db:d9:cf:86:aa:0c:a3:90:8e:
3a:07:60:bf:65:0b:4d:1d:0d:9a:74:c3:2c:d8:ac:78:db:79:
50:d4:9e:0c:8c:2f:21:6b:db:87:4e:90:59:49:89:ee:1b:72:
02:05:d0:fd:b3:54:c5:90:fa:14:09:e5:82:bb:f2:51:39:ce:
3c:92:1d:98:34:92:b0:09:4f:00:88:c6:0b:45:f6:ef:e7:3d:
7c:53:98:ca:21:5d:06:55:b3:80:52:1c:7f:29:0f:0a:bb:63:
bf:d3:59:91:14:ad:0b:ef:a1:83:f7:2e:50:45:46:72:c7:d5:
6a:3d:f0:d8:55:e5:72:cf:47:ea:ae:11:b7:1b:51:62:6d:cf:
36:34:7f:14:20:d3:34:85:a6:43:e4:f0:96:f4:b1:a2:71:23:
2e:ca:eb:50:48:70:72:79:54:05:96:d5:60:0d:34:25:ef:02:
db:d8:a1:4e:aa:34:04:3a:7e:12:b0:50:25:a9:1c:86:aa:eb:
49:64:b6:d7:e8:ac:1a:fe:f0:8e:df:a3:b5:34:37:1c:41:c0:
fc:a1:df:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrykJ46I9dmyC7gVQtKakOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk
ODI0MGIwHhcNMjMwMTAxMDUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjk2NWU3ODlhMWUyNWRkNzBjZDU3Y2JmNDJjMmJmMjExOGJmN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FGeehCvCacda+bo4Hh/XwbenDJl
5lxyPAnY046+G8wUs4ipaSGyg1ad5bSndPak1vbQEPvm5dkzYe2ofBhRD/U9l1Pu
weGh7TP/W/sAQzbnIKRjD1U2X3nyEcyMrNZ5HlL01HY3azXVYsbGTb0ZrdlCMoNj
/XtEnaA1mgfeQq33V3CvLIvmWrxn6rlEksYd4Ne5TjicDX54dGYXM56qP/J7n+1e
hi/xpAW5NvzPQzuxe3Eax7ENCMJ1aisQ5YlXPuwb5JnRJWuTXBFoVHDTE36duEPV
ICpOPaReZ/dUKYfn6EzP8epL+3DtxmzOEDIeT4cMKJoPB+UGNgzF2xE6IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFuWXniaHiXdcM1Xy/QsK/IRi/fdMB8GA1UdIwQY
MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt
MWQ3MDNiNDk2NjM0LzEvVzVaZWVKb2VKZDF3elZmTDlDd3I4aEdMOTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0
LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVmu0AwQA
vNUzMA0GCSqGSIb3DQEBCwUAA4IBAQBYzkAcbhM/27gyVz9O+qN4FBVCYFxj0Pqn
MskYvUI6MhRWsUH0G03EqZmpFMfb2c+GqgyjkI46B2C/ZQtNHQ2adMMs2Kx423lQ
1J4MjC8ha9uHTpBZSYnuG3ICBdD9s1TFkPoUCeWCu/JROc48kh2YNJKwCU8AiMYL
Rfbv5z18U5jKIV0GVbOAUhx/KQ8Ku2O/01mRFK0L76GD9y5QRUZyx9VqPfDYVeVy
z0fqrhG3G1Fibc82NH8UINM0haZD5PCW9LGicSMuyutQSHByeVQFltVgDTQl7wLb
2KFOqjQEOn4SsFAlqRyGqutJZLbX6Kwa/vCO36O1NDccQcD8od9u
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:51 2024 by rpki-client on console.sobornost.net