Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/5c1822-6ff9-4847-86b0-76ffab9b10aa/1/wJmqJRdTr-JjT8rfaOroyi2h-4w.roa
File: wJmqJRdTr-JjT8rfaOroyi2h-4w.roa (raw, json)
Hash identifier: ic4i4GllZObBTIZnC5XYycZHMsEh+pJyIc+sKh7OeoE=
Subject key identifier: C0:99:AA:25:17:53:AF:E2:63:4F:CA:DF:68:EA:E8:CA:2D:A1:FB:8C
Certificate issuer: /CN=7b019c40386a69e290fac166371565fd8d92e0f6
Certificate serial: 018571D7AFEE2E9B6283AB568E2D756FCF34
Authority key identifier: 7B:01:9C:40:38:6A:69:E2:90:FA:C1:66:37:15:65:FD:8D:92:E0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ewGcQDhqaeKQ-sFmNxVl_Y2S4PY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/5c1822-6ff9-4847-86b0-76ffab9b10aa/1/wJmqJRdTr-JjT8rfaOroyi2h-4w.roa
Signing time: Mon 02 Jan 2023 09:37:18 +0000
ROA not before: Mon 02 Jan 2023 09:37:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202326
IP address blocks: 194.180.9.0/24 maxlen: 24
194.180.11.0/24 maxlen: 24
194.180.8.0/24 maxlen: 24
194.180.10.0/23 maxlen: 23
194.180.8.0/22 maxlen: 22
194.180.10.0/24 maxlen: 24
2a07:eb80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:af:ee:2e:9b:62:83:ab:56:8e:2d:75:6f:cf:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b019c40386a69e290fac166371565fd8d92e0f6
Validity
Not Before: Jan 2 09:37:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c099aa251753afe2634fcadf68eae8ca2da1fb8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1c:22:e6:db:4d:88:c0:d6:7b:5f:8d:63:a7:
56:81:28:38:30:b5:b9:2d:7f:de:f7:e5:b2:12:d2:
bd:c4:9c:91:2e:0a:e8:70:99:4b:f6:8c:3d:a7:ad:
3f:83:98:23:1f:b8:5c:33:8e:c3:6e:9d:2f:fb:07:
62:89:59:ad:d4:97:cc:98:77:40:62:80:9e:fe:cc:
ad:46:e7:e4:52:be:83:61:b6:92:42:43:e0:c6:e0:
33:0b:27:b6:cc:8a:7b:23:1c:15:bc:39:0c:83:0b:
31:3f:3a:e3:72:d2:3d:1c:cf:e1:76:76:07:8d:3e:
5b:e3:27:da:30:b8:30:69:a9:73:cc:8b:b2:9c:75:
f9:32:75:b2:2e:5d:5b:b6:f2:57:ed:6e:c2:54:8a:
85:6d:9f:b1:3a:bb:ae:cf:bb:20:20:29:9f:7b:a9:
20:1d:52:3b:b8:e1:76:49:07:ab:05:17:da:9b:81:
bf:8b:01:d8:cb:18:2c:94:95:22:bf:f2:59:60:9c:
87:8f:5a:01:e0:d4:ad:38:84:ff:ff:db:f5:f4:c5:
d9:d4:f2:03:a2:81:05:4e:1f:4e:1b:91:53:1b:65:
b6:21:44:a5:9d:ce:36:b1:b7:0e:fb:ef:17:53:98:
1c:f6:b3:1a:f9:80:b3:b0:73:5a:04:dc:7a:0d:c1:
83:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:99:AA:25:17:53:AF:E2:63:4F:CA:DF:68:EA:E8:CA:2D:A1:FB:8C
X509v3 Authority Key Identifier:
keyid:7B:01:9C:40:38:6A:69:E2:90:FA:C1:66:37:15:65:FD:8D:92:E0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ewGcQDhqaeKQ-sFmNxVl_Y2S4PY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/5c1822-6ff9-4847-86b0-76ffab9b10aa/1/wJmqJRdTr-JjT8rfaOroyi2h-4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/5c1822-6ff9-4847-86b0-76ffab9b10aa/1/ewGcQDhqaeKQ-sFmNxVl_Y2S4PY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.8.0/22
IPv6:
2a07:eb80::/32
Signature Algorithm: sha256WithRSAEncryption
04:8f:fa:34:81:da:8d:14:a2:f9:30:1c:ba:c3:d2:56:5c:6a:
b6:cb:c9:20:9b:f9:f2:03:48:91:9d:d3:37:b0:56:49:91:5a:
25:14:dc:80:a1:ba:87:dd:6e:15:31:db:d4:e6:66:49:18:65:
91:30:2b:6c:57:97:99:ee:d3:55:5b:65:76:1f:21:0a:39:a0:
dd:67:64:6b:58:04:f3:37:b1:e7:25:c6:f9:67:be:0f:08:63:
67:1a:c7:7e:f7:b2:25:46:d6:95:36:4b:7c:e1:3f:de:92:8f:
48:4b:92:75:aa:64:72:34:f8:f8:6a:ac:10:90:9c:73:91:9b:
54:27:c4:3b:8f:13:78:69:bd:94:3d:3d:f7:e3:40:81:5a:de:
9e:78:4e:c2:bd:24:1f:25:a3:a3:6a:ab:97:58:a4:87:76:14:
74:0c:7c:26:9c:7c:f6:31:0a:cf:07:11:3d:b3:57:38:e5:d0:
9f:06:43:ac:2a:ba:3e:85:94:65:37:71:e0:9e:f9:78:9a:22:
0d:ae:c0:25:08:d4:34:6e:a2:71:6f:1e:de:56:23:08:82:9e:
68:bc:0e:cf:d4:20:bc:49:af:b6:c3:95:a8:7c:d8:df:89:9e:
54:d1:8b:a3:7b:36:cc:71:3f:49:eb:ef:3e:3d:9f:10:7d:06:
97:14:8c:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx16/uLptig6tWji11b880MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMDE5YzQwMzg2YTY5ZTI5MGZhYzE2NjM3MTU2NWZkOGQ5
MmUwZjYwHhcNMjMwMTAyMDkzNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDk5YWEyNTE3NTNhZmUyNjM0ZmNhZGY2OGVhZThjYTJkYTFmYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphwi5ttNiMDWe1+NY6dWgSg4MLW5
LX/e9+WyEtK9xJyRLgrocJlL9ow9p60/g5gjH7hcM47Dbp0v+wdiiVmt1JfMmHdA
YoCe/sytRufkUr6DYbaSQkPgxuAzCye2zIp7IxwVvDkMgwsxPzrjctI9HM/hdnYH
jT5b4yfaMLgwaalzzIuynHX5MnWyLl1btvJX7W7CVIqFbZ+xOruuz7sgICmfe6kg
HVI7uOF2SQerBRfam4G/iwHYyxgslJUiv/JZYJyHj1oB4NStOIT//9v19MXZ1PID
ooEFTh9OG5FTG2W2IUSlnc42sbcO++8XU5gc9rMa+YCzsHNaBNx6DcGDAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMCZqiUXU6/iY0/K32jq6MotofuMMB8GA1UdIwQY
MBaAFHsBnEA4amnikPrBZjcVZf2NkuD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXdHY1FEaHFhZUtRLXNGbU54VmxfWTJTNFBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81YzE4MjItNmZmOS00ODQ3LTg2YjAt
NzZmZmFiOWIxMGFhLzEvd0ptcUpSZFRyLUpqVDhyZmFPcm95aTJoLTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81YzE4MjItNmZmOS00ODQ3LTg2YjAtNzZmZmFiOWIxMGFh
LzEvZXdHY1FEaHFhZUtRLXNGbU54VmxfWTJTNFBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwrQIMA0E
AgACMAcDBQAqB+uAMA0GCSqGSIb3DQEBCwUAA4IBAQAEj/o0gdqNFKL5MBy6w9JW
XGq2y8kgm/nyA0iRndM3sFZJkVolFNyAobqH3W4VMdvU5mZJGGWRMCtsV5eZ7tNV
W2V2HyEKOaDdZ2RrWATzN7HnJcb5Z74PCGNnGsd+97IlRtaVNkt84T/eko9IS5J1
qmRyNPj4aqwQkJxzkZtUJ8Q7jxN4ab2UPT3340CBWt6eeE7CvSQfJaOjaquXWKSH
dhR0DHwmnHz2MQrPBxE9s1c45dCfBkOsKro+hZRlN3Hgnvl4miINrsAlCNQ0bqJx
bx7eViMIgp5ovA7P1CC8Sa+2w5WofNjfiZ5U0YujezbMcT9J6+8+PZ8QfQaXFIwg
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:28 2024 by rpki-client on console.sobornost.net