Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/w9xGeDK0CfjWP7GBY4feYL25UW0.roa
File: w9xGeDK0CfjWP7GBY4feYL25UW0.roa (raw, json)
Hash identifier: QIgQiSp5vc++jau2LNoqaBdjzNx0I47+8Ouow5xCaUo=
Subject key identifier: C3:DC:46:78:32:B4:09:F8:D6:3F:B1:81:63:87:DE:60:BD:B9:51:6D
Certificate issuer: /CN=43acc2f2be1a36b089216544d23c95ace232e143
Certificate serial: 0186A80E15186DAAE1830BB136885696821F
Authority key identifier: 43:AC:C2:F2:BE:1A:36:B0:89:21:65:44:D2:3C:95:AC:E2:32:E1:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q6zC8r4aNrCJIWVE0jyVrOIy4UM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/w9xGeDK0CfjWP7GBY4feYL25UW0.roa
Signing time: Fri 03 Mar 2023 15:19:00 +0000
ROA not before: Fri 03 Mar 2023 15:19:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57154
IP address blocks: 185.80.168.0/22 maxlen: 24
5.10.8.0/21 maxlen: 24
185.36.44.0/22 maxlen: 24
213.152.96.0/19 maxlen: 24
88.133.248.0/21 maxlen: 24
31.47.80.0/21 maxlen: 24
2a03:80::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a8:0e:15:18:6d:aa:e1:83:0b:b1:36:88:56:96:82:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43acc2f2be1a36b089216544d23c95ace232e143
Validity
Not Before: Mar 3 15:19:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3dc467832b409f8d63fb1816387de60bdb9516d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5b:51:ef:2c:1d:43:41:d1:0c:a4:a1:d4:15:
af:d2:29:93:c6:11:c2:f2:13:83:b9:79:01:d1:c0:
07:68:59:05:80:28:0e:6e:7f:5c:cb:7e:c1:24:12:
0c:b7:ec:1a:f0:dd:37:a2:57:e9:ad:d9:5a:af:c3:
31:c9:3c:ed:5d:61:31:a2:f0:8d:0e:cc:10:91:9f:
02:b4:e6:6a:bc:26:00:40:d9:e4:bc:57:57:34:97:
61:67:73:82:90:9b:0a:48:91:d8:4f:9b:97:7a:71:
02:ad:d6:62:64:fc:88:b6:07:1d:bc:07:f6:5c:09:
40:66:1a:d3:6e:63:37:ab:fa:c8:e8:de:87:b2:f5:
2e:9a:82:15:f0:2f:37:9f:70:dc:41:6c:d4:c9:e4:
5b:de:b5:96:23:da:9a:f1:38:c9:07:4f:1c:56:54:
4a:f8:0e:2f:30:d0:f1:ef:86:fc:72:c9:57:82:be:
5a:f2:f0:8f:b7:1e:2e:3f:09:5b:04:83:8e:65:87:
fa:9f:5a:71:6d:0e:96:9f:52:00:1a:61:7e:60:ef:
5a:c6:d2:be:56:d3:ee:32:82:29:c2:0c:95:2d:03:
4b:d9:a5:49:81:f8:1a:3b:0c:2a:f6:64:01:49:ef:
9c:6c:16:f3:89:35:25:64:fd:ca:1b:8e:ab:35:42:
d3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:DC:46:78:32:B4:09:F8:D6:3F:B1:81:63:87:DE:60:BD:B9:51:6D
X509v3 Authority Key Identifier:
keyid:43:AC:C2:F2:BE:1A:36:B0:89:21:65:44:D2:3C:95:AC:E2:32:E1:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q6zC8r4aNrCJIWVE0jyVrOIy4UM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/w9xGeDK0CfjWP7GBY4feYL25UW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/Q6zC8r4aNrCJIWVE0jyVrOIy4UM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.8.0/21
31.47.80.0/21
88.133.248.0/21
185.36.44.0/22
185.80.168.0/22
213.152.96.0/19
IPv6:
2a03:80::/32
Signature Algorithm: sha256WithRSAEncryption
c7:96:45:6b:99:38:7d:c4:91:76:04:11:3c:39:bc:96:49:10:
e7:02:50:e9:4b:2f:fd:64:c7:37:5c:7a:a9:b4:7e:db:80:4b:
d4:8c:bb:9b:77:4e:a8:50:95:e0:a9:f0:31:26:51:99:22:2b:
d5:64:da:22:be:fa:ce:68:b6:61:22:4e:81:28:ed:f6:50:ee:
6c:5b:93:99:99:25:d8:4f:1e:8a:8e:95:77:0b:c4:55:12:83:
9a:04:b8:89:c2:22:dc:44:55:46:66:50:2c:4f:4c:64:c2:13:
2f:f4:ba:65:4b:bc:45:e9:28:7d:20:23:e3:91:15:7b:47:37:
24:da:7c:9f:f9:03:98:d6:9e:e4:55:05:19:dc:76:af:77:17:
2b:a2:9c:78:1a:5c:21:86:97:0b:b0:bf:ae:15:1b:eb:5d:f5:
d7:d3:fd:a9:15:82:a7:14:a3:fd:7a:71:d3:af:5b:cd:a7:a2:
41:53:97:6f:1b:3f:e3:05:c8:78:24:6a:f6:1c:33:86:36:88:
9d:12:55:6c:b4:9f:d7:99:2b:03:b3:b8:9a:e0:22:04:ab:63:
ad:55:46:d3:01:26:65:15:d5:5a:97:08:3e:9a:cc:bd:67:77:
2f:ac:ac:e8:41:48:30:de:75:fc:8b:01:91:ec:60:d0:bb:82:
73:a5:08:ba
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYaoDhUYbarhgwuxNohWloIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYWNjMmYyYmUxYTM2YjA4OTIxNjU0NGQyM2M5NWFjZTIz
MmUxNDMwHhcNMjMwMzAzMTUxOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2RjNDY3ODMyYjQwOWY4ZDYzZmIxODE2Mzg3ZGU2MGJkYjk1MTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVtR7ywdQ0HRDKSh1BWv0imTxhHC
8hODuXkB0cAHaFkFgCgObn9cy37BJBIMt+wa8N03olfprdlar8MxyTztXWExovCN
DswQkZ8CtOZqvCYAQNnkvFdXNJdhZ3OCkJsKSJHYT5uXenECrdZiZPyItgcdvAf2
XAlAZhrTbmM3q/rI6N6HsvUumoIV8C83n3DcQWzUyeRb3rWWI9qa8TjJB08cVlRK
+A4vMNDx74b8cslXgr5a8vCPtx4uPwlbBIOOZYf6n1pxbQ6Wn1IAGmF+YO9axtK+
VtPuMoIpwgyVLQNL2aVJgfgaOwwq9mQBSe+cbBbziTUlZP3KG46rNULT4wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMPcRngytAn41j+xgWOH3mC9uVFtMB8GA1UdIwQY
MBaAFEOswvK+GjawiSFlRNI8laziMuFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTZ6QzhyNGFOckNKSVdWRTBqeVZyT0l5NFVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9lYWNkNDgtNzZlYS00ZWM3LWExNDEt
ZjUyMDE2NThmYTE0LzEvdzl4R2VESzBDZmpXUDdHQlk0ZmVZTDI1VVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9lYWNkNDgtNzZlYS00ZWM3LWExNDEtZjUyMDE2NThmYTE0
LzEvUTZ6QzhyNGFOckNKSVdWRTBqeVZyT0l5NFVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBQoIAwQD
Hy9QAwQDWIX4AwQCuSQsAwQCuVCoAwQF1ZhgMA0EAgACMAcDBQAqAwCAMA0GCSqG
SIb3DQEBCwUAA4IBAQDHlkVrmTh9xJF2BBE8ObyWSRDnAlDpSy/9ZMc3XHqptH7b
gEvUjLubd06oUJXgqfAxJlGZIivVZNoivvrOaLZhIk6BKO32UO5sW5OZmSXYTx6K
jpV3C8RVEoOaBLiJwiLcRFVGZlAsT0xkwhMv9LplS7xF6Sh9ICPjkRV7Rzck2nyf
+QOY1p7kVQUZ3Havdxcropx4GlwhhpcLsL+uFRvrXfXX0/2pFYKnFKP9enHTr1vN
p6JBU5dvGz/jBch4JGr2HDOGNoidElVstJ/XmSsDs7ia4CIEq2OtVUbTASZlFdVa
lwg+msy9Z3cvrKzoQUgw3nX8iwGR7GDQu4JzpQi6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:42 2024 by rpki-client on console-ams.rpki-client.org