Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/wfwFErkLmmv63QD6SymJiYgcP3Q.roa
File: wfwFErkLmmv63QD6SymJiYgcP3Q.roa (raw, json)
Hash identifier: f/xy0eLjq9Xvxhqii92Q4Dr8stOd4dZxjFc/OG13rHA=
Subject key identifier: C1:FC:05:12:B9:0B:9A:6B:FA:DD:00:FA:4B:29:89:89:88:1C:3F:74
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187B1ACC21B081202BF2E0B029F12FBDA81
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/wfwFErkLmmv63QD6SymJiYgcP3Q.roa
Signing time: Mon 24 Apr 2023 05:11:41 +0000
ROA not before: Mon 24 Apr 2023 05:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 94.156.11.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
37.221.121.0/24 maxlen: 24
37.221.122.0/24 maxlen: 24
37.221.123.0/24 maxlen: 24
37.221.120.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 May 2023 13:06:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b1:ac:c2:1b:08:12:02:bf:2e:0b:02:9f:12:fb:da:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 24 05:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1fc0512b90b9a6bfadd00fa4b298989881c3f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:7e:7e:9e:f6:0d:57:87:3d:aa:51:3d:ae:7f:
11:2b:dc:07:f6:0d:7e:fe:9c:68:2d:4e:c5:39:33:
6c:1d:fe:36:f5:42:32:f1:f9:84:09:43:e7:5c:72:
49:77:1c:ed:4c:4a:a4:d7:94:09:04:82:c0:2d:fa:
b6:88:cd:37:ae:70:fa:e0:65:7e:c9:c3:8d:16:99:
66:0f:de:5c:7f:34:48:e2:17:62:a7:5a:af:98:4b:
53:ae:e3:f2:4c:0c:c8:4e:bd:45:f5:c0:97:61:dc:
75:98:52:57:f3:ca:7e:a6:e1:2b:dc:1c:5a:b5:78:
54:86:14:9e:40:de:4e:10:07:08:ad:00:54:81:3b:
82:a8:e1:d1:d2:2c:f3:ea:d5:78:e7:ae:1e:ff:1f:
99:85:ae:d2:c4:d5:6f:f5:40:37:ec:3a:6a:ec:33:
f4:21:32:ef:78:70:69:8f:4e:d5:c8:e1:9c:45:01:
54:62:62:57:4d:fd:e6:ac:68:8b:97:8c:e2:76:a0:
f7:91:75:ea:d3:f2:b6:c9:3e:56:a8:b4:71:81:69:
1d:b8:c6:d3:69:90:1b:f1:52:09:95:49:38:76:d0:
e4:d0:cd:7e:75:ce:6b:ff:9a:cd:3a:87:94:3c:3a:
f7:4f:38:25:6a:cc:54:ad:03:4d:e9:e7:24:a7:5b:
10:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FC:05:12:B9:0B:9A:6B:FA:DD:00:FA:4B:29:89:89:88:1C:3F:74
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/wfwFErkLmmv63QD6SymJiYgcP3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0/24
45.144.153.0/24
94.156.10.0/23
94.156.176.0/24
94.156.236.0/24
94.156.239.0/24
141.98.1.0/24
185.221.64.0/24
193.149.2.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:88:f1:da:cc:b6:35:e2:36:ef:71:d2:0d:ec:e8:21:8b:00:
47:58:4e:3e:ee:b8:6f:bb:ae:b6:f7:b4:a3:a8:44:e7:eb:70:
5d:20:8b:b6:66:92:05:e1:a0:d1:3b:db:a9:c5:20:e9:dc:a5:
10:ff:cb:e9:c6:84:4c:2e:f0:70:b5:2c:c7:16:81:ee:15:11:
99:af:32:70:e8:f6:7a:ee:eb:2a:d9:35:f4:6e:67:bd:38:6e:
85:ec:20:c9:b0:e3:5f:6c:fa:73:65:48:f6:6a:0d:0d:1c:d2:
8c:c5:ba:8d:d8:7f:ac:92:04:31:aa:ff:48:84:c1:da:74:66:
96:ab:39:16:30:a0:7c:82:f7:2f:c0:b1:82:69:52:c4:41:5d:
8b:ba:59:4c:8f:b5:59:8b:39:e0:34:64:ef:b1:01:6d:85:fe:
69:87:73:be:99:48:67:bc:69:c5:c5:f9:51:88:cf:01:8e:f0:
d0:ad:23:be:47:44:3c:86:69:05:ec:8c:49:77:37:d3:bf:70:
b9:d6:1f:62:3f:6d:13:b6:ba:dc:70:af:0d:ce:20:b4:dc:a0:
b1:30:b3:65:3e:f1:5d:a5:28:c2:01:87:a0:4f:d6:97:22:c4:
85:05:50:43:5d:10:2b:33:c2:83:8d:f0:7d:b3:0a:27:5b:25:
41:da:d5:ca
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYexrMIbCBICvy4LAp8S+9qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDI0MDUxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWZjMDUxMmI5MGI5YTZiZmFkZDAwZmE0YjI5ODk4OTg4MWMzZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6n5+nvYNV4c9qlE9rn8RK9wH9g1+
/pxoLU7FOTNsHf429UIy8fmECUPnXHJJdxztTEqk15QJBILALfq2iM03rnD64GV+
ycONFplmD95cfzRI4hdip1qvmEtTruPyTAzITr1F9cCXYdx1mFJX88p+puEr3Bxa
tXhUhhSeQN5OEAcIrQBUgTuCqOHR0izz6tV4564e/x+Zha7SxNVv9UA37Dpq7DP0
ITLveHBpj07VyOGcRQFUYmJXTf3mrGiLl4zidqD3kXXq0/K2yT5WqLRxgWkduMbT
aZAb8VIJlUk4dtDk0M1+dc5r/5rNOoeUPDr3TzglasxUrQNN6eckp1sQawIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMH8BRK5C5pr+t0A+kspiYmIHD90MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvd2Z3RkVya0xtbXY2M1FENlN5bUppWWdjUDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCJd14AwQA
LVHxAwQALZCZAwQBXpwKAwQAXpywAwQAXpzsAwQAXpzvAwQAjWIBAwQAud1AAwQB
wZUCMA0GCSqGSIb3DQEBCwUAA4IBAQA+iPHazLY14jbvcdIN7OghiwBHWE4+7rhv
u66297SjqETn63BdIIu2ZpIF4aDRO9upxSDp3KUQ/8vpxoRMLvBwtSzHFoHuFRGZ
rzJw6PZ67usq2TX0bme9OG6F7CDJsONfbPpzZUj2ag0NHNKMxbqN2H+skgQxqv9I
hMHadGaWqzkWMKB8gvcvwLGCaVLEQV2LullMj7VZizngNGTvsQFthf5ph3O+mUhn
vGnFxflRiM8BjvDQrSO+R0Q8hmkF7IxJdzfTv3C51h9iP20TtrrccK8NziC03KCx
MLNlPvFdpSjCAYegT9aXIsSFBVBDXRArM8KDjfB9swonWyVB2tXK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:46 2024 by rpki-client on console-ams.rpki-client.org