Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/662070-3677-4712-a4cf-a2b7b0396bd6/1/wFYSBwOLuE8T9h1ErPGIVso9VU4.roa
File: wFYSBwOLuE8T9h1ErPGIVso9VU4.roa (raw, json)
Hash identifier: zPEP+PcNV0ICg8xh6jQVSzzX1mRueuICgjxPFlR136Q=
Subject key identifier: C0:56:12:07:03:8B:B8:4F:13:F6:1D:44:AC:F1:88:56:CA:3D:55:4E
Certificate issuer: /CN=147341d30575144be32cd7c8e3ebd4c6329a3141
Certificate serial: 018570705F9C84C12A1D3CCDC253D04D8825
Authority key identifier: 14:73:41:D3:05:75:14:4B:E3:2C:D7:C8:E3:EB:D4:C6:32:9A:31:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FHNB0wV1FEvjLNfI4-vUxjKaMUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/662070-3677-4712-a4cf-a2b7b0396bd6/1/wFYSBwOLuE8T9h1ErPGIVso9VU4.roa
Signing time: Mon 02 Jan 2023 03:04:50 +0000
ROA not before: Mon 02 Jan 2023 03:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203434
IP address blocks: 185.134.164.0/22 maxlen: 24
45.66.232.0/22 maxlen: 24
2a00:b0a0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:5f:9c:84:c1:2a:1d:3c:cd:c2:53:d0:4d:88:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=147341d30575144be32cd7c8e3ebd4c6329a3141
Validity
Not Before: Jan 2 03:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0561207038bb84f13f61d44acf18856ca3d554e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b3:f7:f7:88:99:96:63:d9:0d:58:65:3f:6c:
e4:02:23:c1:99:ea:29:c6:22:16:21:18:95:9f:64:
c6:ed:64:e4:d0:62:c9:71:ce:f5:e8:6e:e3:29:e4:
3d:cb:e3:69:e2:d8:21:20:9a:0e:b1:92:34:9d:9f:
ba:0a:ea:eb:bc:75:06:f4:02:2f:65:dd:64:27:a9:
58:b6:b8:85:3c:78:25:a3:7d:53:17:b4:c5:38:3d:
26:c7:73:2b:0e:19:d7:27:00:23:de:5c:84:a7:a6:
21:b9:c0:6d:1a:db:64:7d:ab:31:36:7a:36:d5:a5:
7d:26:09:ee:9f:ce:93:f7:3d:d3:e4:7e:00:25:fa:
fe:eb:5e:c4:9a:70:db:e0:05:41:54:db:20:c8:ad:
c4:e0:fd:d8:9a:ec:67:d2:0f:f9:fd:c4:91:77:23:
45:94:4f:13:96:f5:dc:75:8f:ca:56:b4:09:3c:c4:
2f:75:5b:04:02:c2:4d:f1:47:95:5b:97:27:28:45:
cf:23:b0:ef:f6:86:96:5c:9f:45:05:88:81:ee:d5:
a3:47:ac:f7:dc:c1:7d:9c:65:61:b4:99:e8:72:59:
a1:5e:76:fb:40:3f:3e:7a:12:75:8c:25:30:3b:07:
6a:89:38:7c:8c:72:38:c9:1d:ff:b4:e6:54:41:58:
1e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:56:12:07:03:8B:B8:4F:13:F6:1D:44:AC:F1:88:56:CA:3D:55:4E
X509v3 Authority Key Identifier:
keyid:14:73:41:D3:05:75:14:4B:E3:2C:D7:C8:E3:EB:D4:C6:32:9A:31:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FHNB0wV1FEvjLNfI4-vUxjKaMUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/662070-3677-4712-a4cf-a2b7b0396bd6/1/wFYSBwOLuE8T9h1ErPGIVso9VU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/662070-3677-4712-a4cf-a2b7b0396bd6/1/FHNB0wV1FEvjLNfI4-vUxjKaMUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.232.0/22
185.134.164.0/22
IPv6:
2a00:b0a0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:16:1c:be:9b:07:d4:3f:67:f4:aa:86:29:c9:a5:e7:77:23:
88:e7:76:76:9f:5e:a8:7e:9a:1c:f9:9b:9b:f8:f7:70:2c:68:
13:3c:0f:f9:b0:04:22:54:27:51:81:78:6a:af:f8:64:5c:da:
28:cd:4d:1b:6f:0e:49:86:73:0e:72:91:f4:25:8b:4c:99:e3:
b3:fd:36:c5:dc:ef:ef:88:5d:25:ee:7d:f6:32:a6:ba:5d:ab:
60:24:31:e2:a8:0b:47:39:d7:2d:15:a8:9f:d1:9c:40:52:7c:
d3:01:21:f6:68:16:f4:76:1d:8a:c1:82:76:e2:3a:a1:ad:b3:
9b:50:60:07:8b:38:7d:99:9c:ba:2e:d4:2c:04:29:bf:3b:de:
46:40:08:5d:d1:96:cd:0d:3f:a8:70:19:16:02:53:88:8c:0f:
52:ee:77:f5:3b:0c:69:48:4a:57:e7:ca:dc:b9:37:11:a4:a1:
82:e7:d5:7a:d4:cf:9b:b2:f2:76:9f:d9:da:e5:b3:e4:5a:d7:
91:86:09:54:b0:18:ca:53:ad:a1:cf:5c:19:40:e5:be:96:10:
0d:11:cd:47:eb:62:cb:a2:cd:31:be:a1:6b:23:7f:6c:b9:a9:
5d:b2:67:6d:e4:e6:35:52:d8:86:1d:99:fe:09:7b:f3:76:96:
90:c6:26:01
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwcF+chMEqHTzNwlPQTYglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NzM0MWQzMDU3NTE0NGJlMzJjZDdjOGUzZWJkNGM2MzI5
YTMxNDEwHhcNMjMwMTAyMDMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU2MTIwNzAzOGJiODRmMTNmNjFkNDRhY2YxODg1NmNhM2Q1NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLP394iZlmPZDVhlP2zkAiPBmeop
xiIWIRiVn2TG7WTk0GLJcc716G7jKeQ9y+Np4tghIJoOsZI0nZ+6CurrvHUG9AIv
Zd1kJ6lYtriFPHglo31TF7TFOD0mx3MrDhnXJwAj3lyEp6YhucBtGttkfasxNno2
1aV9Jgnun86T9z3T5H4AJfr+617EmnDb4AVBVNsgyK3E4P3Ymuxn0g/5/cSRdyNF
lE8TlvXcdY/KVrQJPMQvdVsEAsJN8UeVW5cnKEXPI7Dv9oaWXJ9FBYiB7tWjR6z3
3MF9nGVhtJnoclmhXnb7QD8+ehJ1jCUwOwdqiTh8jHI4yR3/tOZUQVgeSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMBWEgcDi7hPE/YdRKzxiFbKPVVOMB8GA1UdIwQY
MBaAFBRzQdMFdRRL4yzXyOPr1MYymjFBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkhOQjB3VjFGRXZqTE5mSTQtdlV4akthTVVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi82NjIwNzAtMzY3Ny00NzEyLWE0Y2Yt
YTJiN2IwMzk2YmQ2LzEvd0ZZU0J3T0x1RThUOWgxRXJQR0lWc285VlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi82NjIwNzAtMzY3Ny00NzEyLWE0Y2YtYTJiN2IwMzk2YmQ2
LzEvRkhOQjB3VjFGRXZqTE5mSTQtdlV4akthTVVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLULoAwQC
uYakMA0EAgACMAcDBQMqALCgMA0GCSqGSIb3DQEBCwUAA4IBAQA9Fhy+mwfUP2f0
qoYpyaXndyOI53Z2n16ofpoc+Zub+PdwLGgTPA/5sAQiVCdRgXhqr/hkXNoozU0b
bw5JhnMOcpH0JYtMmeOz/TbF3O/viF0l7n32Mqa6XatgJDHiqAtHOdctFaif0ZxA
UnzTASH2aBb0dh2KwYJ24jqhrbObUGAHizh9mZy6LtQsBCm/O95GQAhd0ZbNDT+o
cBkWAlOIjA9S7nf1OwxpSEpX58rcuTcRpKGC59V61M+bsvJ2n9na5bPkWteRhglU
sBjKU62hz1wZQOW+lhANEc1H62LLos0xvqFrI39sualdsmdt5OY1UtiGHZn+CXvz
dpaQxiYB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:20 2024 by rpki-client on console-ams.rpki-client.org