Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wj-jC2rzikKdltLzexcrMlcRyiY.roa
File: wj-jC2rzikKdltLzexcrMlcRyiY.roa (raw, json)
Hash identifier: bahWRf8f4sBaCxVWXl0AeHw/UF5Wx9vcLzrGhuRxTd8=
Subject key identifier: C2:3F:A3:0B:6A:F3:8A:42:9D:96:D2:F3:7B:17:2B:32:57:11:CA:26
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018ADC400E17320A791B2C81EF28A3BB9987
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wj-jC2rzikKdltLzexcrMlcRyiY.roa
Signing time: Thu 28 Sep 2023 14:45:00 +0000
ROA not before: Thu 28 Sep 2023 14:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 193.124.5.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.252.0/24 maxlen: 24
212.192.253.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Oct 2023 05:07:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:40:0e:17:32:0a:79:1b:2c:81:ef:28:a3:bb:99:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 28 14:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c23fa30b6af38a429d96d2f37b172b325711ca26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f5:98:b0:a4:93:b5:63:83:d7:b6:a1:c7:09:
c7:b4:4b:04:9a:b3:30:d8:9c:08:3f:28:cf:31:9a:
59:1e:38:1b:be:b1:8b:5c:d7:67:f5:73:40:68:39:
b7:a1:27:a6:c8:0a:dd:d0:87:73:39:17:e0:12:11:
de:1c:a4:aa:6d:75:a6:ae:82:16:5b:0d:84:ee:62:
fd:51:48:11:47:f6:fb:63:6c:36:9d:06:f8:c4:06:
17:da:da:12:82:96:29:5e:24:53:72:50:d2:3c:c6:
2e:e6:fc:8d:c2:af:59:cd:81:ba:85:35:95:98:00:
9d:4e:71:c0:16:35:56:45:4c:db:27:e8:db:18:83:
f0:ce:f5:2c:d4:8c:fd:84:b9:ef:93:3e:8c:38:ed:
8e:44:2a:0c:08:e7:ef:91:c4:c2:7f:3f:77:f6:ce:
69:27:51:0d:71:b3:4c:6f:ee:dd:28:02:4d:b1:00:
77:9d:6d:53:e7:d4:a8:7e:5d:eb:a4:d7:83:df:bb:
d6:ec:78:30:26:6a:33:ad:36:83:48:38:29:74:00:
2d:60:6b:9f:8b:77:41:ac:0b:9b:f6:30:7b:45:0e:
bc:33:b2:72:6f:b0:bf:b5:4c:42:60:5e:32:aa:5d:
66:8f:69:a2:e9:88:5b:32:32:7e:74:0b:95:45:ec:
db:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:3F:A3:0B:6A:F3:8A:42:9D:96:D2:F3:7B:17:2B:32:57:11:CA:26
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wj-jC2rzikKdltLzexcrMlcRyiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
194.87.30.0/24
194.87.143.0/24
194.87.221.0/24
195.133.94.0/24
212.192.212.0/24
212.192.215.0/24
212.192.252.0-212.192.254.255
Signature Algorithm: sha256WithRSAEncryption
8c:fc:c9:49:81:be:fc:55:84:c6:4a:a1:5a:9b:34:8e:c1:da:
41:3c:43:1d:e6:f3:33:7f:51:5f:15:d2:ac:90:ae:8b:a6:47:
64:91:a1:5a:37:99:ec:cf:36:b5:d6:e3:b7:0c:c5:15:d0:82:
9e:0b:0a:38:9a:54:d8:7d:df:79:2e:ce:97:32:1b:de:aa:ba:
16:95:12:05:d4:5a:c0:76:a1:53:23:0a:3a:f0:32:c3:9a:ff:
47:9a:99:18:14:ee:1b:64:27:f9:01:5b:90:39:00:21:66:43:
7e:8a:03:22:0a:34:02:8b:16:6a:43:c1:29:76:3e:95:9e:4d:
83:6f:b5:5c:f9:d8:bb:72:38:b5:c2:9c:a0:d6:9e:44:fd:d9:
d7:64:7b:1e:f2:a4:ab:f9:9b:15:65:52:bd:f1:7e:09:6d:ea:
5f:93:5d:5e:18:46:85:02:5b:e0:8b:36:ef:21:e4:4b:fc:2d:
eb:da:4c:d2:a6:66:8c:87:ee:02:f6:bc:06:c0:d3:3c:ad:3d:
a6:e2:f0:8d:8c:3a:fe:17:85:4c:ce:94:11:69:f8:50:83:e5:
9d:fa:6f:49:ea:9e:e5:a0:84:82:4a:f9:c3:6d:38:5a:0d:c5:
c7:b2:6d:cd:eb:4a:b8:93:d8:4a:a5:51:bd:33:fd:1d:c4:89:
9e:3d:23:b0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYrcQA4XMgp5GyyB7yiju5mHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI4MTQ0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjNmYTMwYjZhZjM4YTQyOWQ5NmQyZjM3YjE3MmIzMjU3MTFjYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PWYsKSTtWOD17ahxwnHtEsEmrMw
2JwIPyjPMZpZHjgbvrGLXNdn9XNAaDm3oSemyArd0IdzORfgEhHeHKSqbXWmroIW
Ww2E7mL9UUgRR/b7Y2w2nQb4xAYX2toSgpYpXiRTclDSPMYu5vyNwq9ZzYG6hTWV
mACdTnHAFjVWRUzbJ+jbGIPwzvUs1Iz9hLnvkz6MOO2ORCoMCOfvkcTCfz939s5p
J1ENcbNMb+7dKAJNsQB3nW1T59Sofl3rpNeD37vW7HgwJmozrTaDSDgpdAAtYGuf
i3dBrAub9jB7RQ68M7Jyb7C/tUxCYF4yql1mj2mi6YhbMjJ+dAuVRezbzwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMI/owtq84pCnZbS83sXKzJXEcomMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd2otakMycnppa0tkbHRMemV4Y3JNbGNSeWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAwXwFAwQA
wlceAwQAwlePAwQAwlfdAwQAw4VeAwQA1MDUAwQA1MDXMAwDBALUwPwDBADUwP4w
DQYJKoZIhvcNAQELBQADggEBAIz8yUmBvvxVhMZKoVqbNI7B2kE8Qx3m8zN/UV8V
0qyQroumR2SRoVo3mezPNrXW47cMxRXQgp4LCjiaVNh933kuzpcyG96quhaVEgXU
WsB2oVMjCjrwMsOa/0eamRgU7htkJ/kBW5A5ACFmQ36KAyIKNAKLFmpDwSl2PpWe
TYNvtVz52LtyOLXCnKDWnkT92ddkex7ypKv5mxVlUr3xfglt6l+TXV4YRoUCW+CL
Nu8h5Ev8LevaTNKmZoyH7gL2vAbA0zytPabi8I2MOv4XhUzOlBFp+FCD5Z36b0nq
nuWghIJK+cNtOFoNxceybc3rSriT2EqlUb0z/R3EiZ49I7A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:51 2024 by rpki-client on console-ams.rpki-client.org