Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WIGSfassf2vJEpwx1ipEolgvg30.roa
File: WIGSfassf2vJEpwx1ipEolgvg30.roa (raw, json)
Hash identifier: Qdu4fdYmFe6mamx5ArANv6j7g8UbquXIg+wrmbecpzU=
Subject key identifier: 58:81:92:7D:AB:2C:7F:6B:C9:12:9C:31:D6:2A:44:A2:58:2F:83:7D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188816E09558A60BE673ABA3435CDCF97EA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WIGSfassf2vJEpwx1ipEolgvg30.roa
Signing time: Sat 03 Jun 2023 13:24:12 +0000
ROA not before: Sat 03 Jun 2023 13:24:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 194.87.108.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jul 2023 10:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:81:6e:09:55:8a:60:be:67:3a:ba:34:35:cd:cf:97:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 3 13:24:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5881927dab2c7f6bc9129c31d62a44a2582f837d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8f:af:ea:53:7e:ad:4d:62:27:f8:0d:69:36:
79:35:ee:76:fc:7b:f5:73:8d:3a:54:f1:1d:4d:9a:
c7:e4:fd:4a:89:0f:0a:8f:fd:5d:a1:59:7a:d6:a4:
72:7e:00:23:62:1f:a5:a9:19:1b:4b:34:d4:c2:bf:
d1:25:d9:ec:7e:80:56:e0:ce:dd:7e:e8:31:4a:f3:
b5:86:e6:0c:70:f6:33:29:df:84:51:6c:48:f6:76:
51:45:bd:04:5a:5a:9f:aa:c9:7e:a8:fd:7c:4c:4d:
72:37:65:b2:77:ee:ae:23:ba:4a:87:8d:e1:4d:5b:
20:85:02:58:f0:f3:71:81:15:fb:cf:2d:14:e0:5d:
7d:24:8a:d7:2e:29:45:5a:f3:ec:c9:18:92:9f:57:
77:15:29:0c:40:9c:10:2e:80:90:4b:c5:1e:88:cd:
dd:32:10:36:44:f1:30:ec:7a:48:c8:97:30:20:e9:
35:92:f4:4d:2e:16:91:3a:4b:20:46:c1:dd:49:4e:
19:60:ca:bc:44:8f:04:47:e0:ff:37:53:f0:34:e3:
7b:06:c7:b2:35:f5:00:0c:a7:4f:09:19:a8:c5:fa:
2e:c1:ea:1a:16:67:71:b8:e2:85:26:09:0f:e1:0a:
72:9c:22:48:26:a9:c6:37:04:6f:d0:d6:a2:40:49:
bf:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:81:92:7D:AB:2C:7F:6B:C9:12:9C:31:D6:2A:44:A2:58:2F:83:7D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WIGSfassf2vJEpwx1ipEolgvg30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.108.0/24
194.87.117.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:5f:da:c9:b0:a7:9a:91:b9:fc:4f:e0:61:60:4b:97:21:03:
71:bd:3a:66:c5:3b:66:d2:10:0b:71:12:12:ec:08:53:9d:fb:
98:23:05:7a:4a:e9:a3:41:28:2a:9c:2e:85:a3:b3:75:fb:96:
b6:bd:e0:31:5b:64:b4:a0:f8:fc:c1:1e:00:5c:de:67:5e:e2:
65:c8:4b:71:b8:cf:c0:09:49:f5:76:04:95:6f:bc:d5:86:56:
56:cf:c9:06:8b:20:d7:dc:a8:3d:60:42:24:00:3b:d9:df:67:
9d:d2:7b:74:9a:5a:a8:75:16:9b:21:55:18:dd:12:c4:b8:c3:
6f:b8:a9:e5:98:6a:23:7e:93:d1:e4:50:85:26:a5:83:af:47:
59:26:db:01:40:01:d9:79:e3:72:fb:67:51:f6:36:cc:a3:df:
92:a0:e5:b6:9d:a1:a9:04:8f:e5:47:5a:2c:48:06:e2:4c:a0:
3f:97:ce:ab:a5:35:95:ca:9d:ad:19:07:e4:8b:8c:cf:34:6c:
e5:20:37:a4:91:64:06:f9:f0:2d:04:c4:cc:32:c2:42:e4:aa:
a5:aa:bc:f5:ab:20:37:b5:d1:55:f2:e1:82:2a:66:3c:27:01:
73:94:33:97:2f:8a:82:82:ed:a1:2a:74:34:e7:ce:74:59:c6:
c5:f9:a0:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiBbglVimC+Zzq6NDXNz5fqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjAzMTMyNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODgxOTI3ZGFiMmM3ZjZiYzkxMjljMzFkNjJhNDRhMjU4MmY4MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0o+v6lN+rU1iJ/gNaTZ5Ne52/Hv1
c406VPEdTZrH5P1KiQ8Kj/1doVl61qRyfgAjYh+lqRkbSzTUwr/RJdnsfoBW4M7d
fugxSvO1huYMcPYzKd+EUWxI9nZRRb0EWlqfqsl+qP18TE1yN2Wyd+6uI7pKh43h
TVsghQJY8PNxgRX7zy0U4F19JIrXLilFWvPsyRiSn1d3FSkMQJwQLoCQS8UeiM3d
MhA2RPEw7HpIyJcwIOk1kvRNLhaROksgRsHdSU4ZYMq8RI8ER+D/N1PwNON7Bsey
NfUADKdPCRmoxfouweoaFmdxuOKFJgkP4QpynCJIJqnGNwRv0NaiQEm/eQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFiBkn2rLH9ryRKcMdYqRKJYL4N9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV0lHU2Zhc3NmMnZKRXB3eDFpcEVvbGd2ZzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwldsAwQA
wld1AwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQAcX9rJsKeakbn8T+BhYEuXIQNx
vTpmxTtm0hALcRIS7AhTnfuYIwV6SumjQSgqnC6Fo7N1+5a2veAxW2S0oPj8wR4A
XN5nXuJlyEtxuM/ACUn1dgSVb7zVhlZWz8kGiyDX3Kg9YEIkADvZ32ed0nt0mlqo
dRabIVUY3RLEuMNvuKnlmGojfpPR5FCFJqWDr0dZJtsBQAHZeeNy+2dR9jbMo9+S
oOW2naGpBI/lR1osSAbiTKA/l86rpTWVyp2tGQfki4zPNGzlIDekkWQG+fAtBMTM
MsJC5Kqlqrz1qyA3tdFV8uGCKmY8JwFzlDOXL4qCgu2hKnQ05850WcbF+aAc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org