Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/W_J2FqjZcG6p-8BhHbBe3cPhOHM.roa
File: W_J2FqjZcG6p-8BhHbBe3cPhOHM.roa (raw, json)
Hash identifier: /ia/uB3APcDnT3dFZvcVKfS8RqN4OTAdZQFGEupfaPo=
Subject key identifier: 5B:F2:76:16:A8:D9:70:6E:A9:FB:C0:61:1D:B0:5E:DD:C3:E1:38:73
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 01856C6EE960C29E57C7DCD91D4B6D013EAA
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/W_J2FqjZcG6p-8BhHbBe3cPhOHM.roa
Signing time: Sun 01 Jan 2023 08:24:46 +0000
ROA not before: Sun 01 Jan 2023 08:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207249
IP address blocks: 185.161.232.0/22 maxlen: 24
185.68.44.0/22 maxlen: 22
185.68.44.0/24 maxlen: 24
185.68.46.0/24 maxlen: 24
185.68.47.0/24 maxlen: 24
91.206.20.0/24 maxlen: 24
91.206.20.0/23 maxlen: 23
2a05:1600::/32 maxlen: 32
2a07:c880::/29 maxlen: 32
2a07:c883::/32 maxlen: 32
2a05:1600::/29 maxlen: 29
2a07:c881::/32 maxlen: 32
2a07:c884::/32 maxlen: 32
2a07:c880::/32 maxlen: 32
2a05:1602::/32 maxlen: 32
2a05:1601::/32 maxlen: 32
2a07:c882::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:e9:60:c2:9e:57:c7:dc:d9:1d:4b:6d:01:3e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 08:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bf27616a8d9706ea9fbc0611db05eddc3e13873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:39:80:60:15:9b:d9:1e:fd:97:1c:91:be:01:
db:28:cf:bb:33:4f:13:51:63:7b:37:28:35:82:09:
63:7a:e5:db:8b:c1:11:c1:82:69:c6:e8:96:c4:ca:
b7:cb:e7:f8:2f:4e:30:e3:22:be:7d:b4:2c:01:2f:
f0:95:46:87:3e:9d:d3:14:75:8a:cd:fa:e1:05:28:
2f:16:af:07:45:89:2d:39:f8:a7:b6:c9:8d:ae:bc:
59:ca:6f:34:ac:83:52:f6:8d:28:44:1c:f2:68:46:
8b:ba:04:f3:98:c7:72:62:d3:69:32:a8:a5:73:49:
2e:44:30:d3:37:94:93:8d:7d:11:c3:07:42:40:9f:
8a:69:ef:9a:65:83:f1:eb:c5:81:1e:f2:ad:7e:5e:
79:f6:ea:0d:96:3b:e9:c2:d8:83:8a:97:55:89:c6:
e2:40:ab:e9:75:20:0e:78:0f:c3:bd:ce:73:50:db:
75:10:83:8a:a6:27:e3:bc:7a:a4:42:93:4c:0c:aa:
c2:bc:ad:a2:d2:e2:63:32:e7:ed:35:95:3d:8e:57:
0f:32:5f:fc:f3:18:d5:ea:b5:ee:59:70:fa:13:d4:
1f:5e:1c:94:ae:7f:94:f3:1d:25:3c:03:d5:60:6c:
1e:d5:65:d8:79:15:85:8e:00:69:bc:71:df:1d:2e:
a5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F2:76:16:A8:D9:70:6E:A9:FB:C0:61:1D:B0:5E:DD:C3:E1:38:73
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/W_J2FqjZcG6p-8BhHbBe3cPhOHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/23
185.68.44.0/22
185.161.232.0/22
IPv6:
2a05:1600::/29
2a07:c880::/29
Signature Algorithm: sha256WithRSAEncryption
5c:e4:1c:c1:e1:82:8e:99:fb:e7:a3:e7:aa:b3:e5:83:8e:42:
11:7d:2c:1f:e9:71:07:1f:a3:96:7e:90:c0:03:71:82:20:d4:
d7:16:ce:9d:c2:e7:21:9a:a9:1a:00:3e:a1:9b:ab:78:35:23:
fc:b6:26:d0:84:7d:5d:b1:31:c4:5d:9d:59:5f:02:d6:b9:24:
4d:e4:62:87:06:ad:48:b7:85:37:27:55:a6:d5:df:36:b1:0a:
10:23:16:a0:d7:b2:29:c7:e3:93:3e:57:fe:c4:5a:cc:7d:61:
87:8b:2a:0a:52:25:6e:46:6f:55:5b:11:2a:98:b1:a9:bb:b2:
e6:8c:05:d2:5d:84:02:e7:0d:6d:d7:76:6b:78:5d:75:9d:26:
92:a1:ea:38:a2:d4:61:2e:7f:e3:01:12:fa:c9:b8:96:3a:f6:
91:b4:b9:f0:62:29:d8:11:32:7f:c0:2b:2c:69:1c:23:d9:bf:
58:3d:68:2d:a3:cc:3f:da:d6:3c:05:de:da:af:ae:e2:e7:bf:
f7:4a:9c:cd:08:5f:29:47:52:c0:04:2c:5f:1e:ac:d8:61:c3:
78:06:09:25:32:0b:9c:dc:db:35:e2:86:37:69:3c:45:f3:da:
cd:24:6a:f3:ff:b0:4c:0a:45:2c:77:20:5e:62:97:28:5d:4f:
2c:dd:94:53
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVsbulgwp5Xx9zZHUttAT6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjMwMTAxMDgyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmYyNzYxNmE4ZDk3MDZlYTlmYmMwNjExZGIwNWVkZGMzZTEzODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojmAYBWb2R79lxyRvgHbKM+7M08T
UWN7Nyg1ggljeuXbi8ERwYJpxuiWxMq3y+f4L04w4yK+fbQsAS/wlUaHPp3TFHWK
zfrhBSgvFq8HRYktOfintsmNrrxZym80rINS9o0oRBzyaEaLugTzmMdyYtNpMqil
c0kuRDDTN5STjX0RwwdCQJ+Kae+aZYPx68WBHvKtfl559uoNljvpwtiDipdVicbi
QKvpdSAOeA/Dvc5zUNt1EIOKpifjvHqkQpNMDKrCvK2i0uJjMuftNZU9jlcPMl/8
8xjV6rXuWXD6E9QfXhyUrn+U8x0lPAPVYGwe1WXYeRWFjgBpvHHfHS6lJwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFvydhao2XBuqfvAYR2wXt3D4ThzMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvV19KMkZxalpjRzZwLThCaEhiQmUzY1BoT0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQBW84UAwQC
uUQsAwQCuaHoMBQEAgACMA4DBQMqBRYAAwUDKgfIgDANBgkqhkiG9w0BAQsFAAOC
AQEAXOQcweGCjpn756PnqrPlg45CEX0sH+lxBx+jln6QwANxgiDU1xbOncLnIZqp
GgA+oZureDUj/LYm0IR9XbExxF2dWV8C1rkkTeRihwatSLeFNydVptXfNrEKECMW
oNeyKcfjkz5X/sRazH1hh4sqClIlbkZvVVsRKpixqbuy5owF0l2EAucNbdd2a3hd
dZ0mkqHqOKLUYS5/4wES+sm4ljr2kbS58GIp2BEyf8ArLGkcI9m/WD1oLaPMP9rW
PAXe2q+u4ue/90qczQhfKUdSwAQsXx6s2GHDeAYJJTILnNzbNeKGN2k8RfPazSRq
8/+wTApFLHcgXmKXKF1PLN2UUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org