Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/W8q_0lPCWbStB_7TG4qjs5oAD-Y.roa
File: W8q_0lPCWbStB_7TG4qjs5oAD-Y.roa (raw, json)
Hash identifier: /gS07NxD00g2IM72spyTZboOcJidK/0DQHqZ7q1n/a8=
Subject key identifier: 5B:CA:BF:D2:53:C2:59:B4:AD:07:FE:D3:1B:8A:A3:B3:9A:00:0F:E6
Certificate issuer: /CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Certificate serial: 018B85A2918AA4ADC326F10F54FDB4CD94AC
Authority key identifier: 5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/W8q_0lPCWbStB_7TG4qjs5oAD-Y.roa
Signing time: Tue 31 Oct 2023 12:08:25 +0000
ROA not before: Tue 31 Oct 2023 12:08:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209810
IP address blocks: 176.118.170.0/23 maxlen: 23
85.92.96.0/22 maxlen: 23
194.31.188.0/22 maxlen: 22
89.190.128.0/22 maxlen: 22
2a09:1980::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:a2:91:8a:a4:ad:c3:26:f1:0f:54:fd:b4:cd:94:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Validity
Not Before: Oct 31 12:08:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bcabfd253c259b4ad07fed31b8aa3b39a000fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0e:97:bc:92:b1:d8:20:9c:b3:42:a9:10:b7:
66:90:66:67:2e:ea:98:37:1c:71:6a:4d:9e:9b:1f:
e6:04:8b:b8:a1:7f:33:24:76:37:84:8c:b9:29:be:
0c:bd:92:06:87:de:d4:90:30:c2:d5:cb:ed:40:b8:
44:e8:33:72:88:16:e6:e1:df:04:a5:17:05:a2:10:
76:54:b5:fc:12:b7:86:b3:69:7a:c8:b4:89:60:8b:
ca:d4:ec:cb:c7:e4:03:00:2a:5f:32:23:8c:81:8d:
c7:fc:72:c2:55:97:67:a1:8c:8f:f2:ff:9d:66:21:
76:c9:05:2f:62:86:ce:4f:fd:4a:17:65:6e:28:6f:
f6:7c:dd:91:f5:81:13:70:70:09:3a:ee:4c:a0:01:
42:d5:19:d2:a4:e2:f1:6c:d6:d3:08:65:1b:b9:b2:
b7:57:93:1e:1a:ee:7e:ea:55:af:19:e1:6f:03:b1:
43:62:18:ca:a5:5f:43:20:75:71:c4:5b:de:32:ca:
5e:82:0d:e7:a4:89:9a:32:36:d7:84:fc:38:89:fc:
57:46:df:ea:07:2d:e5:98:cf:3e:f5:d5:49:e9:73:
e1:00:2f:77:7f:06:d8:15:07:67:cb:53:b4:93:ef:
da:fd:a3:4b:08:92:87:40:4f:35:3f:b8:57:a2:a6:
84:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:CA:BF:D2:53:C2:59:B4:AD:07:FE:D3:1B:8A:A3:B3:9A:00:0F:E6
X509v3 Authority Key Identifier:
keyid:5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/W8q_0lPCWbStB_7TG4qjs5oAD-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.96.0/22
89.190.128.0/22
176.118.170.0/23
194.31.188.0/22
IPv6:
2a09:1980::/29
Signature Algorithm: sha256WithRSAEncryption
91:5f:cc:02:a1:17:7b:02:e9:a5:49:40:bf:13:07:14:78:53:
ff:ff:61:db:37:76:ec:c1:bc:5c:77:8f:37:40:77:81:ac:0c:
a8:41:26:c7:b5:12:28:d9:62:0d:f5:10:49:41:a6:61:8f:de:
14:bc:b3:8d:72:4d:fd:65:6b:74:a4:49:eb:e3:ac:b0:f6:77:
fa:18:e2:17:70:6f:12:50:ab:9d:71:17:a5:3c:29:21:c5:e2:
04:37:63:d2:e1:4d:11:fc:a6:7a:bf:6e:12:d2:aa:59:d1:44:
21:52:47:79:98:4d:93:d6:9b:97:04:b2:12:d9:ce:79:c6:ed:
b4:0b:6a:29:34:b6:0f:b5:63:73:16:89:b7:c8:b9:52:77:46:
24:5a:a0:ca:a8:e9:f0:41:20:f4:a7:26:19:79:e7:88:29:ae:
1e:b2:4b:41:b5:c1:61:f9:1f:ed:0b:d7:ad:d6:94:6d:23:be:
33:2a:e6:00:ba:96:18:dc:a4:17:ab:5a:fa:d8:fe:ad:64:05:
c6:97:56:2a:5e:32:4f:d7:e6:8c:99:be:25:92:51:ae:d5:c8:
96:c7:8f:0f:c2:94:e8:97:29:f3:07:e3:66:05:3e:a0:12:7a:
2c:31:32:8a:28:af:fe:10:cb:05:52:32:97:86:14:6e:e3:44:
b6:86:c9:6f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYuFopGKpK3DJvEPVP20zZSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDJjMzU2MTJmNDVhZjQxMTAzNTIwYWYyNzYxY2RhYTUx
ZTNhYTQwHhcNMjMxMDMxMTIwODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmNhYmZkMjUzYzI1OWI0YWQwN2ZlZDMxYjhhYTNiMzlhMDAwZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ6XvJKx2CCcs0KpELdmkGZnLuqY
Nxxxak2emx/mBIu4oX8zJHY3hIy5Kb4MvZIGh97UkDDC1cvtQLhE6DNyiBbm4d8E
pRcFohB2VLX8EreGs2l6yLSJYIvK1OzLx+QDACpfMiOMgY3H/HLCVZdnoYyP8v+d
ZiF2yQUvYobOT/1KF2VuKG/2fN2R9YETcHAJOu5MoAFC1RnSpOLxbNbTCGUbubK3
V5MeGu5+6lWvGeFvA7FDYhjKpV9DIHVxxFveMspegg3npImaMjbXhPw4ifxXRt/q
By3lmM8+9dVJ6XPhAC93fwbYFQdny1O0k+/a/aNLCJKHQE81P7hXoqaEaQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFvKv9JTwlm0rQf+0xuKo7OaAA/mMB8GA1UdIwQY
MBaAFF5Cw1YS9Fr0EQNSCvJ2HNqlHjqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYt
ODIxMTk5NzhkNmJiLzEvVzhxXzBsUENXYlN0Ql83VEc0cWpzNW9BRC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYtODIxMTk5NzhkNmJi
LzEvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCVVxgAwQC
Wb6AAwQBsHaqAwQCwh+8MA0EAgACMAcDBQMqCRmAMA0GCSqGSIb3DQEBCwUAA4IB
AQCRX8wCoRd7AumlSUC/EwcUeFP//2HbN3bswbxcd483QHeBrAyoQSbHtRIo2WIN
9RBJQaZhj94UvLONck39ZWt0pEnr46yw9nf6GOIXcG8SUKudcRelPCkhxeIEN2PS
4U0R/KZ6v24S0qpZ0UQhUkd5mE2T1puXBLIS2c55xu20C2opNLYPtWNzFom3yLlS
d0YkWqDKqOnwQSD0pyYZeeeIKa4esktBtcFh+R/tC9et1pRtI74zKuYAupYY3KQX
q1r62P6tZAXGl1YqXjJP1+aMmb4lklGu1ciWx48PwpTolynzB+NmBT6gEnosMTKK
KK/+EMsFUjKXhhRu40S2hslv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:14 2024 by rpki-client on console-fra.rpki-client.org