Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/WDrmkD9zXO_6578FywhLwn0tA44.roa
File: WDrmkD9zXO_6578FywhLwn0tA44.roa (raw, json)
Hash identifier: zIOgmpCxBAHTwlgaabGlmMuJM48nhZP2QXetRa8En2o=
Subject key identifier: 58:3A:E6:90:3F:73:5C:EF:FA:E7:BF:05:CB:08:4B:C2:7D:2D:03:8E
Certificate issuer: /CN=617252ebbb33484adcec7405adea4de08a0afb04
Certificate serial: 018734215CCA200F7107732C0ED332D692E5
Authority key identifier: 61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/WDrmkD9zXO_6578FywhLwn0tA44.roa
Signing time: Thu 30 Mar 2023 20:06:54 +0000
ROA not before: Thu 30 Mar 2023 20:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41608
IP address blocks: 185.213.175.0/24 maxlen: 24
185.213.174.0/24 maxlen: 24
88.151.32.0/22 maxlen: 24
195.170.165.0/24 maxlen: 24
195.170.172.0/24 maxlen: 24
185.213.172.0/24 maxlen: 24
185.213.172.0/23 maxlen: 23
2a0b:8bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:34:21:5c:ca:20:0f:71:07:73:2c:0e:d3:32:d6:92:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617252ebbb33484adcec7405adea4de08a0afb04
Validity
Not Before: Mar 30 20:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=583ae6903f735ceffae7bf05cb084bc27d2d038e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:03:bb:06:97:0a:5a:62:96:1b:a8:b5:b9:9f:
64:5a:de:7b:a3:cd:9f:cd:d8:62:8c:77:62:75:1d:
ff:28:5b:3c:ab:f0:64:57:1d:33:9e:f8:4f:28:ed:
37:02:d3:84:01:f7:cc:e7:df:24:f3:b3:b8:3d:c7:
8c:95:55:5e:63:8e:29:40:6a:b8:8d:e5:75:13:ed:
ee:c6:bc:a9:ae:eb:2d:f5:10:d0:42:25:a9:72:fc:
f7:61:6b:0b:ce:d3:09:cc:5e:d1:80:e3:91:53:47:
1d:06:40:bf:66:20:f3:88:fd:75:3c:3f:15:70:39:
b2:cb:a4:50:51:13:9e:d2:af:5a:4a:a3:83:4e:a9:
0b:98:57:cf:c5:7d:87:1d:71:62:86:3e:bc:49:e2:
43:fa:49:dc:84:60:7f:8b:46:19:40:2b:59:cd:82:
67:5c:7b:b4:ab:24:31:11:61:2f:8a:51:06:d8:5b:
52:92:d9:32:b3:69:c6:7b:9e:5f:8e:52:86:90:52:
b5:73:c4:4e:79:c0:13:c0:d8:9d:4d:f8:05:ce:e5:
86:b8:2c:b1:fc:99:d9:9a:b6:67:fe:a8:b8:c3:83:
96:20:70:b3:1f:e8:81:ac:27:72:df:78:61:e3:d4:
34:7d:2d:da:73:7d:a7:fc:7b:9d:43:70:14:89:21:
e0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:3A:E6:90:3F:73:5C:EF:FA:E7:BF:05:CB:08:4B:C2:7D:2D:03:8E
X509v3 Authority Key Identifier:
keyid:61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/WDrmkD9zXO_6578FywhLwn0tA44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.32.0/22
185.213.172.0/22
195.170.165.0/24
195.170.172.0/24
IPv6:
2a0b:8bc0::/29
Signature Algorithm: sha256WithRSAEncryption
11:50:63:50:cf:f1:de:e6:8f:e4:cf:17:cc:e3:c6:86:ca:42:
18:03:d0:a9:bc:6f:c9:4e:fa:1a:b9:70:cd:7a:c7:5b:22:65:
2b:dc:63:ff:29:d0:3f:bb:4d:48:9a:5a:d1:28:8e:04:a9:fe:
43:f2:2e:25:8b:a2:c1:d5:8a:15:af:89:97:b0:35:8e:45:a9:
5a:d6:a7:61:3c:ef:81:39:87:2b:e6:10:82:e4:88:d3:31:bc:
da:71:a4:27:80:04:2a:0b:69:fe:00:54:03:dc:47:01:0d:ef:
ab:18:90:23:b0:1a:12:6c:ff:8e:f0:1f:24:72:4a:76:41:eb:
e6:48:7d:8c:3f:c3:ce:a2:aa:b4:1c:ba:34:b0:ea:73:3b:90:
c0:9b:09:f8:0f:e4:02:6b:e8:02:1e:21:7c:f6:b2:a6:d1:98:
e6:90:79:d9:4e:4f:5c:06:e9:0d:f4:af:45:90:76:1e:cc:5d:
ae:e2:fc:7d:3c:21:ec:b2:c5:e4:1c:aa:dd:39:41:85:5a:77:
b0:56:79:ac:29:58:29:1e:e6:61:77:aa:a0:ac:2b:93:0b:04:
1c:2b:5a:0b:49:8a:10:ac:5b:87:bd:0b:2f:79:22:00:05:87:
81:89:7d:3c:45:59:07:fa:b5:bc:a7:5c:19:74:6b:92:9f:b1:
c5:59:cb:4a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYc0IVzKIA9xB3MsDtMy1pLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNzI1MmViYmIzMzQ4NGFkY2VjNzQwNWFkZWE0ZGUwOGEw
YWZiMDQwHhcNMjMwMzMwMjAwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODNhZTY5MDNmNzM1Y2VmZmFlN2JmMDVjYjA4NGJjMjdkMmQwMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgO7BpcKWmKWG6i1uZ9kWt57o82f
zdhijHdidR3/KFs8q/BkVx0znvhPKO03AtOEAffM598k87O4PceMlVVeY44pQGq4
jeV1E+3uxryprust9RDQQiWpcvz3YWsLztMJzF7RgOORU0cdBkC/ZiDziP11PD8V
cDmyy6RQUROe0q9aSqODTqkLmFfPxX2HHXFihj68SeJD+knchGB/i0YZQCtZzYJn
XHu0qyQxEWEvilEG2FtSktkys2nGe55fjlKGkFK1c8ROecATwNidTfgFzuWGuCyx
/JnZmrZn/qi4w4OWIHCzH+iBrCdy33hh49Q0fS3ac32n/HudQ3AUiSHgPwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFg65pA/c1zv+ue/BcsIS8J9LQOOMB8GA1UdIwQY
MBaAFGFyUuu7M0hK3Ox0Ba3qTeCKCvsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMt
NjYzNWRlYmMzOTVjLzEvV0RybWtEOXpYT182NTc4Rnl3aEx3bjB0QTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMtNjYzNWRlYmMzOTVj
LzEvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCWJcgAwQC
udWsAwQAw6qlAwQAw6qsMA0EAgACMAcDBQMqC4vAMA0GCSqGSIb3DQEBCwUAA4IB
AQARUGNQz/He5o/kzxfM48aGykIYA9CpvG/JTvoauXDNesdbImUr3GP/KdA/u01I
mlrRKI4Eqf5D8i4li6LB1YoVr4mXsDWORala1qdhPO+BOYcr5hCC5IjTMbzacaQn
gAQqC2n+AFQD3EcBDe+rGJAjsBoSbP+O8B8kckp2QevmSH2MP8POoqq0HLo0sOpz
O5DAmwn4D+QCa+gCHiF89rKm0ZjmkHnZTk9cBukN9K9FkHYezF2u4vx9PCHsssXk
HKrdOUGFWnewVnmsKVgpHuZhd6qgrCuTCwQcK1oLSYoQrFuHvQsveSIABYeBiX08
RVkH+rW8p1wZdGuSn7HFWctK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org