Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/WGsPsYvHHp5W8WeV-lIC0popw1Q.roa
File: WGsPsYvHHp5W8WeV-lIC0popw1Q.roa (raw, json)
Hash identifier: evcQsLv7s1QPd7Oyv4ED8qW/FW/HLQ2EoIYix5DvzqU=
Subject key identifier: 58:6B:0F:B1:8B:C7:1E:9E:56:F1:67:95:FA:52:02:D2:9A:29:C3:54
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 0186EFC0FC13008823F9F1755C5BE4B403EA
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/WGsPsYvHHp5W8WeV-lIC0popw1Q.roa
Signing time: Fri 17 Mar 2023 13:27:27 +0000
ROA not before: Fri 17 Mar 2023 13:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20847
IP address blocks: 195.211.72.0/22 maxlen: 24
141.138.168.0/22 maxlen: 24
141.138.168.0/21 maxlen: 24
2a03:3c00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:c0:fc:13:00:88:23:f9:f1:75:5c:5b:e4:b4:03:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Mar 17 13:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=586b0fb18bc71e9e56f16795fa5202d29a29c354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:51:74:47:a4:88:dd:d0:ad:cd:54:50:c7:0d:
f6:3e:7d:7b:fe:7e:c9:32:ea:af:08:b3:e3:c2:58:
6f:c7:41:ed:36:00:a2:08:dd:93:2a:83:8c:34:1d:
c1:f2:96:8c:e5:66:8b:32:4a:9a:60:e0:ea:8c:86:
05:3a:d2:47:7a:3b:d1:52:6a:32:e1:04:e9:fc:b7:
16:25:ae:9e:93:58:c1:8e:93:a1:ad:76:3b:9d:85:
2c:77:2e:03:ee:73:93:4b:17:89:f9:62:88:39:7a:
77:84:fc:e5:46:b3:56:95:15:98:64:18:99:f2:d0:
60:45:62:94:0d:af:08:64:73:e8:b0:39:ac:0c:83:
e0:d9:f2:5d:4c:c5:23:99:0a:6b:1a:b4:cb:e5:ea:
01:9a:3e:6c:96:ee:a2:37:d9:d2:25:23:6b:ef:d9:
f4:86:8f:dd:10:a3:d4:96:7b:69:08:df:c7:99:90:
09:14:d1:cb:bd:5c:1d:63:f1:e7:c9:8a:b6:15:dd:
74:48:39:f1:6c:9a:49:24:a9:97:33:d7:9b:3e:8a:
32:db:7f:dc:8a:d0:a2:2c:4a:4f:49:89:bd:e3:d3:
33:28:7a:b8:1d:75:8e:76:c6:00:b7:46:7f:99:0e:
e9:84:8a:34:3c:93:ea:5b:99:8e:fd:e2:55:dd:6c:
26:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:6B:0F:B1:8B:C7:1E:9E:56:F1:67:95:FA:52:02:D2:9A:29:C3:54
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/WGsPsYvHHp5W8WeV-lIC0popw1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.168.0/21
195.211.72.0/22
IPv6:
2a03:3c00::/32
Signature Algorithm: sha256WithRSAEncryption
c7:ea:91:3d:35:b3:67:18:10:ae:92:8d:4d:50:07:ca:57:ab:
98:0c:20:50:fb:15:44:eb:ee:ff:2f:8f:f6:3e:91:22:5c:10:
df:5f:41:d0:e5:64:d2:fd:10:d2:89:0b:b6:06:4d:64:03:53:
c6:51:29:df:95:fc:c7:e7:5e:63:ce:3a:11:e6:5f:a5:92:ac:
4e:65:33:3f:5c:77:ed:14:48:9d:24:7c:f5:77:17:b2:e5:f4:
dc:ad:6e:33:7b:6b:14:63:2e:fa:a0:bb:39:18:70:82:e9:84:
55:71:2a:8c:8f:a6:8d:29:1a:3e:91:78:2f:23:6b:96:22:91:
10:84:e1:c2:c6:7a:eb:e1:8f:49:ae:33:4f:59:fb:85:17:f3:
96:be:4b:79:23:ea:c9:e5:dd:a4:98:2f:86:7a:22:79:63:da:
18:f9:ac:02:86:af:2f:0a:58:2c:5b:1f:bd:8d:55:0f:75:b6:
40:2e:b3:a3:16:70:31:9d:f9:c2:5e:56:16:c8:b0:c8:f3:8c:
e5:32:89:ee:bb:3e:2b:64:bd:ec:f8:bf:b6:ed:fc:41:a1:1a:
65:99:27:12:8f:a4:a6:0b:93:20:17:64:ff:c7:04:95:95:07:
d7:5a:b0:56:44:79:0d:d8:be:1c:7d:31:be:86:e2:74:a2:e6:
45:f8:1c:0c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbvwPwTAIgj+fF1XFvktAPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjMwMzE3MTMyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODZiMGZiMThiYzcxZTllNTZmMTY3OTVmYTUyMDJkMjlhMjljMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lF0R6SI3dCtzVRQxw32Pn17/n7J
MuqvCLPjwlhvx0HtNgCiCN2TKoOMNB3B8paM5WaLMkqaYODqjIYFOtJHejvRUmoy
4QTp/LcWJa6ek1jBjpOhrXY7nYUsdy4D7nOTSxeJ+WKIOXp3hPzlRrNWlRWYZBiZ
8tBgRWKUDa8IZHPosDmsDIPg2fJdTMUjmQprGrTL5eoBmj5slu6iN9nSJSNr79n0
ho/dEKPUlntpCN/HmZAJFNHLvVwdY/HnyYq2Fd10SDnxbJpJJKmXM9ebPooy23/c
itCiLEpPSYm949MzKHq4HXWOdsYAt0Z/mQ7phIo0PJPqW5mO/eJV3WwmKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFhrD7GLxx6eVvFnlfpSAtKaKcNUMB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEvV0dzUHNZdkhIcDVXOFdlVi1sSUMwcG9wdzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDjYqoAwQC
w9NIMA0EAgACMAcDBQAqAzwAMA0GCSqGSIb3DQEBCwUAA4IBAQDH6pE9NbNnGBCu
ko1NUAfKV6uYDCBQ+xVE6+7/L4/2PpEiXBDfX0HQ5WTS/RDSiQu2Bk1kA1PGUSnf
lfzH515jzjoR5l+lkqxOZTM/XHftFEidJHz1dxey5fTcrW4ze2sUYy76oLs5GHCC
6YRVcSqMj6aNKRo+kXgvI2uWIpEQhOHCxnrr4Y9JrjNPWfuFF/OWvkt5I+rJ5d2k
mC+GeiJ5Y9oY+awChq8vClgsWx+9jVUPdbZALrOjFnAxnfnCXlYWyLDI84zlMonu
uz4rZL3s+L+27fxBoRplmScSj6SmC5MgF2T/xwSVlQfXWrBWRHkN2L4cfTG+huJ0
ouZF+BwM
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:57 2023 by rpki-client on console.sobornost.net