Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Wf5SJfU5hs0pLYGRRHPCb221-Kw.roa
File: Wf5SJfU5hs0pLYGRRHPCb221-Kw.roa (raw, json)
Hash identifier: oKvqvz09yfODmq1zHyH+WH8zMLJslzjWh1ogxHWpHLM=
Subject key identifier: 59:FE:52:25:F5:39:86:CD:29:2D:81:91:44:73:C2:6F:6D:B5:F8:AC
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018F9BCE60B90FC8613B9512F4B894EE8A4E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Wf5SJfU5hs0pLYGRRHPCb221-Kw.roa
Signing time: Tue 21 May 2024 15:39:04 +0000
ROA not before: Tue 21 May 2024 15:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.208.0/21 maxlen: 21
91.246.49.0/24 maxlen: 24
91.247.177.0/24 maxlen: 24
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
188.253.96.0/19 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Jun 2024 01:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:ce:60:b9:0f:c8:61:3b:95:12:f4:b8:94:ee:8a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 21 15:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59fe5225f53986cd292d81914473c26f6db5f8ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:fb:ad:e3:ae:d9:e9:58:62:44:51:7c:30:da:
43:ae:60:03:71:49:78:15:41:e9:75:2a:c8:aa:d2:
0e:b1:00:cf:f9:48:93:8e:a8:2f:95:ff:eb:2a:da:
c8:03:9d:7d:b4:69:b7:fb:64:53:ca:65:2e:66:95:
c8:a1:ab:18:c1:6c:aa:92:3d:b3:df:37:df:a5:5c:
ee:aa:8c:a5:d9:38:df:04:e2:44:d3:ea:6f:14:68:
2a:2f:53:31:8a:59:01:dd:10:be:7e:2d:dd:b8:3d:
ff:58:d2:d2:4f:52:7d:bb:ab:75:1e:6c:98:bc:88:
79:dd:ac:fe:5c:30:b4:a9:7a:4d:e0:a4:e8:38:0b:
8c:7b:27:04:a8:2d:c5:35:26:67:f9:ea:9f:ea:e6:
1d:66:3a:17:3c:45:2b:4b:17:0b:59:16:14:8e:ae:
bc:60:4c:97:d8:12:5c:9b:f0:b5:04:37:63:3d:c4:
34:79:1f:5c:c3:ff:d8:3d:82:fb:71:78:9f:1c:72:
c5:af:aa:60:42:b4:b8:98:ac:83:a5:fc:ec:8c:e5:
dd:08:6d:6d:b2:bc:06:ac:13:95:fe:af:2d:2e:39:
f1:01:3a:58:38:38:81:63:73:c4:da:aa:0b:ce:e2:
40:e6:bb:2c:db:23:cb:14:1a:5f:8e:03:f2:10:43:
33:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FE:52:25:F5:39:86:CD:29:2D:81:91:44:73:C2:6F:6D:B5:F8:AC
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Wf5SJfU5hs0pLYGRRHPCb221-Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
91.246.49.0/24
91.247.177.0/24
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
0d:6f:c6:7e:aa:33:3a:69:36:7b:bc:de:eb:ec:aa:77:98:6b:
fa:81:4b:ff:c9:d2:8e:04:f6:6d:51:36:e6:a8:38:cb:4a:10:
91:25:02:c9:bd:25:59:3f:d5:c7:f4:c6:81:58:eb:81:c3:73:
d9:c4:44:fd:95:7c:e3:56:f1:c8:b4:f1:fe:e4:f7:0f:d2:b2:
88:73:89:00:fc:30:88:83:32:19:e6:b7:6a:98:24:41:7e:88:
de:31:d4:d3:99:ea:4d:8f:6a:e0:bb:5e:4a:ad:a8:9d:15:11:
36:af:78:fa:7e:b9:a0:e0:ff:ad:aa:f7:c6:32:aa:a6:df:67:
6e:4c:73:c5:2f:27:85:37:e7:9a:d9:b0:a0:58:ec:43:32:f6:
eb:bf:ee:db:d2:cc:eb:0c:4b:a7:9d:ca:c0:a3:ec:da:51:8b:
27:d7:b4:3a:35:95:5a:f6:09:0f:9b:83:47:ad:a8:09:ea:12:
75:a2:53:29:bf:18:c6:d1:45:4c:29:5f:7c:44:ae:e5:49:e6:
00:24:d5:22:41:c0:f2:3c:06:37:0c:75:a1:ec:8b:13:2c:dc:
42:96:c9:2d:7d:22:45:aa:34:0d:d4:7a:b7:fa:a2:60:0d:d4:
f9:fd:8a:8f:03:42:08:dd:18:0d:1e:82:2f:4a:91:81:3b:e9:
d3:64:49:2b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY+bzmC5D8hhO5US9LiU7opOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNTIxMTUzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZlNTIyNWY1Mzk4NmNkMjkyZDgxOTE0NDczYzI2ZjZkYjVmOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9fut467Z6VhiRFF8MNpDrmADcUl4
FUHpdSrIqtIOsQDP+UiTjqgvlf/rKtrIA519tGm3+2RTymUuZpXIoasYwWyqkj2z
3zffpVzuqoyl2TjfBOJE0+pvFGgqL1MxilkB3RC+fi3duD3/WNLST1J9u6t1HmyY
vIh53az+XDC0qXpN4KToOAuMeycEqC3FNSZn+eqf6uYdZjoXPEUrSxcLWRYUjq68
YEyX2BJcm/C1BDdjPcQ0eR9cw//YPYL7cXifHHLFr6pgQrS4mKyDpfzsjOXdCG1t
srwGrBOV/q8tLjnxATpYODiBY3PE2qoLzuJA5rss2yPLFBpfjgPyEEMz0QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFn+UiX1OYbNKS2BkURzwm9ttfisMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvV2Y1U0pmVTVoczBwTFlHUlJIUENiMjIxLUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBSLQAwQA
W/YxAwQAW/exAwQAudf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqG
SIb3DQEBCwUAA4IBAQANb8Z+qjM6aTZ7vN7r7Kp3mGv6gUv/ydKOBPZtUTbmqDjL
ShCRJQLJvSVZP9XH9MaBWOuBw3PZxET9lXzjVvHItPH+5PcP0rKIc4kA/DCIgzIZ
5rdqmCRBfojeMdTTmepNj2rgu15KraidFRE2r3j6frmg4P+tqvfGMqqm32duTHPF
LyeFN+ea2bCgWOxDMvbrv+7b0szrDEunncrAo+zaUYsn17Q6NZVa9gkPm4NHragJ
6hJ1olMpvxjG0UVMKV98RK7lSeYAJNUiQcDyPAY3DHWh7IsTLNxClsktfSJFqjQN
1Hq3+qJgDdT5/YqPA0II3RgNHoIvSpGBO+nTZEkr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org