Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/_WYKKfuWRXjEoGsagSgP5_8eS90.roa
File: _WYKKfuWRXjEoGsagSgP5_8eS90.roa (raw, json)
Hash identifier: MVwkvj4SJg9S73GAGVAH9p3Bqh8HXoo4jTxm9uuLrnQ=
Subject key identifier: FD:66:0A:29:FB:96:45:78:C4:A0:6B:1A:81:28:0F:E7:FF:1E:4B:DD
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 018571D794B20FEEED27F242040715CD7F90
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/_WYKKfuWRXjEoGsagSgP5_8eS90.roa
Signing time: Mon 02 Jan 2023 09:37:11 +0000
ROA not before: Mon 02 Jan 2023 09:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39686
IP address blocks: 144.178.192.0/19 maxlen: 24
144.178.224.0/20 maxlen: 24
185.184.204.0/22 maxlen: 24
144.178.96.0/21 maxlen: 24
45.11.164.0/22 maxlen: 24
144.178.112.0/22 maxlen: 24
144.178.120.0/21 maxlen: 24
93.95.248.0/21 maxlen: 24
144.178.240.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
144.178.64.0/19 maxlen: 24
2a01:9bc0::/29 maxlen: 48
2a02:fe8::/32 maxlen: 48
2a02:fe9::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 Feb 2023 14:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:94:b2:0f:ee:ed:27:f2:42:04:07:15:cd:7f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jan 2 09:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd660a29fb964578c4a06b1a81280fe7ff1e4bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:27:93:6b:ef:43:d9:ca:fc:52:d5:b3:53:07:
27:39:8f:f0:6c:bd:cf:8e:4d:27:84:72:ba:5e:5c:
f8:a2:80:c5:a5:e7:65:d9:ac:89:e0:c7:a9:67:fc:
34:f7:ec:9c:07:bc:89:61:84:72:33:1c:71:2b:f0:
69:33:23:df:a0:18:f2:fd:16:8d:bf:49:06:cd:35:
a6:9f:90:52:83:92:c0:92:4e:d2:d3:76:7f:e0:02:
23:01:db:21:bd:84:ae:59:32:92:c8:58:9f:aa:b0:
38:18:e8:38:23:d5:55:17:7e:83:83:98:aa:34:07:
74:c4:d0:73:ac:3b:e3:3f:5d:fc:97:72:a3:8f:99:
09:fa:11:c9:95:69:90:b5:8b:67:23:69:5b:7e:eb:
e2:c9:18:99:ae:db:36:80:70:f5:e6:78:5b:49:48:
8b:14:93:6b:30:83:b4:23:fd:98:7a:cc:24:e1:9c:
15:f5:9c:9e:8a:de:e5:42:50:d0:27:b1:60:ea:29:
5c:f8:73:e0:6b:ac:a2:e4:46:a1:9e:c3:06:4e:ed:
c9:78:1c:2d:88:ce:81:d7:f9:2d:45:c4:42:ed:36:
9a:8c:61:35:10:7f:11:9b:55:23:09:09:c4:26:84:
7d:6f:ce:ef:37:a9:67:f2:e8:7b:e4:7b:77:69:25:
23:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:66:0A:29:FB:96:45:78:C4:A0:6B:1A:81:28:0F:E7:FF:1E:4B:DD
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/_WYKKfuWRXjEoGsagSgP5_8eS90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.164.0/22
89.20.160.0/19
93.95.248.0/21
144.178.64.0-144.178.103.255
144.178.112.0/22
144.178.120.0/21
144.178.192.0-144.178.247.255
185.184.204.0/22
IPv6:
2a01:9bc0::/29
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
98:d8:42:a0:d6:a8:91:1d:ca:25:ae:d1:3c:3e:ad:f6:54:3c:
0f:59:0b:ea:e1:4a:97:f8:0d:2a:13:dc:1d:fd:e0:c7:8f:06:
36:f0:18:89:31:d4:76:7f:50:3c:1e:1d:17:9f:32:32:56:4f:
cd:16:05:a3:92:d0:b9:0b:32:da:81:ff:df:e6:14:35:76:07:
18:32:5c:4a:ad:9e:d9:0a:c8:34:18:1a:86:53:dd:8b:12:6c:
c7:96:0a:2d:ba:74:44:2c:75:d9:ed:80:88:f0:1c:8f:20:24:
11:b0:11:dd:a3:27:72:dc:30:5e:05:2f:c6:86:bc:39:2a:dc:
99:d7:ba:98:8c:4a:4d:ca:9e:fe:96:05:79:7a:d3:27:66:4f:
6a:a9:af:e9:d1:2a:7d:76:3d:bf:a2:78:80:7d:15:07:a7:df:
2a:3e:e2:a5:9c:57:8a:2e:f4:2f:e4:50:49:78:b1:87:f1:32:
65:46:43:ec:26:a3:52:ba:17:d3:40:f4:48:80:a8:03:e4:d9:
92:db:2e:07:d2:b2:b5:b8:d5:f1:06:91:e7:45:10:38:99:c2:
a2:f2:9c:67:2b:6f:ee:7a:22:c8:2f:e1:97:6d:2c:82:26:98:
99:b2:d0:d3:a7:72:e4:d2:c0:79:3e:5e:16:3b:8c:15:85:25:
e1:7b:aa:98
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYVx15SyD+7tJ/JCBAcVzX+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjMwMTAyMDkzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDY2MGEyOWZiOTY0NTc4YzRhMDZiMWE4MTI4MGZlN2ZmMWU0YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyeTa+9D2cr8UtWzUwcnOY/wbL3P
jk0nhHK6Xlz4ooDFpedl2ayJ4MepZ/w09+ycB7yJYYRyMxxxK/BpMyPfoBjy/RaN
v0kGzTWmn5BSg5LAkk7S03Z/4AIjAdshvYSuWTKSyFifqrA4GOg4I9VVF36Dg5iq
NAd0xNBzrDvjP138l3Kjj5kJ+hHJlWmQtYtnI2lbfuviyRiZrts2gHD15nhbSUiL
FJNrMIO0I/2Yeswk4ZwV9Zyeit7lQlDQJ7Fg6ilc+HPga6yi5EahnsMGTu3JeBwt
iM6B1/ktRcRC7TaajGE1EH8Rm1UjCQnEJoR9b87vN6ln8uh75Ht3aSUjKQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFP1mCin7lkV4xKBrGoEoD+f/HkvdMB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEvX1dZS0tmdVdSWGpFb0dzYWdTZ1A1XzhlUzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBGBAIAATBAAwQCLQukAwQF
WRSgAwQDXV/4MAwDBAaQskADBAOQsmADBAKQsnADBAOQsngwDAMEBpCywAMEA5Cy
8AMEArm4zDAUBAIAAjAOAwUDKgGbwAMFASoCD+gwDQYJKoZIhvcNAQELBQADggEB
AJjYQqDWqJEdyiWu0Tw+rfZUPA9ZC+rhSpf4DSoT3B394MePBjbwGIkx1HZ/UDwe
HRefMjJWT80WBaOS0LkLMtqB/9/mFDV2BxgyXEqtntkKyDQYGoZT3YsSbMeWCi26
dEQsddntgIjwHI8gJBGwEd2jJ3LcMF4FL8aGvDkq3JnXupiMSk3Knv6WBXl60ydm
T2qpr+nRKn12Pb+ieIB9FQen3yo+4qWcV4ou9C/kUEl4sYfxMmVGQ+wmo1K6F9NA
9EiAqAPk2ZLbLgfSsrW41fEGkedFEDiZwqLynGcrb+56Isgv4ZdtLIImmJmy0NOn
cuTSwHk+XhY7jBWFJeF7qpg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:20 2024 by rpki-client on console-fra.rpki-client.org