Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/waYqMDaHMgAMN80laFSdUqHWNpg.roa
File: waYqMDaHMgAMN80laFSdUqHWNpg.roa (raw, json)
Hash identifier: rMqybTfEoTiSzLR5kxdsx3dUhP7IkMiJiwNShOjMDC0=
Subject key identifier: C1:A6:2A:30:36:87:32:00:0C:37:CD:25:68:54:9D:52:A1:D6:36:98
Certificate issuer: /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial: 018570027399CB5BA8FEAFE28059AD6FFF02
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/waYqMDaHMgAMN80laFSdUqHWNpg.roa
Signing time: Mon 02 Jan 2023 01:04:46 +0000
ROA not before: Mon 02 Jan 2023 01:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41114
IP address blocks: 45.151.16.0/22 maxlen: 22
147.78.164.0/22 maxlen: 22
193.148.80.0/22 maxlen: 22
45.157.248.0/22 maxlen: 22
185.98.64.0/22 maxlen: 22
62.192.140.0/22 maxlen: 22
213.226.72.0/22 maxlen: 22
2a0a:7980::/32 maxlen: 32
2a0d:e6c0::/32 maxlen: 32
2a09:4380::/32 maxlen: 32
2a09:26c0::/32 maxlen: 32
2a00:7aa0::/32 maxlen: 32
2a0f:d00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 19 Jan 2023 22:17:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:73:99:cb:5b:a8:fe:af:e2:80:59:ad:6f:ff:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Validity
Not Before: Jan 2 01:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1a62a30368732000c37cd2568549d52a1d63698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:00:f7:43:ff:e4:9b:75:95:ec:f7:1d:e2:2e:
70:5d:3d:44:78:22:49:04:fd:00:b1:9e:2e:48:a3:
f2:4e:9c:83:3f:11:97:d9:4b:5f:67:b0:42:50:dd:
9f:3c:3f:7c:7c:50:45:fe:23:db:79:db:0f:97:17:
f0:af:ff:21:63:f4:6f:47:e4:a9:1c:09:4d:c7:8c:
28:2a:28:ce:e7:1a:16:be:77:00:c4:d5:16:9d:bb:
d9:10:8c:06:c5:6d:46:1d:d4:db:ba:f6:ac:42:38:
30:d9:8a:c6:2e:31:48:ad:9d:99:a8:36:09:f7:90:
3d:ae:2f:63:9a:d9:b5:c4:f4:5a:83:12:05:36:b9:
3f:a2:1f:fd:99:16:cc:72:0a:28:d0:fd:50:59:67:
86:25:43:1a:8e:39:27:fb:15:ef:8d:0f:fc:47:4d:
55:1a:d5:71:fc:4a:36:78:84:4d:c9:ac:57:74:d2:
5e:11:89:f2:19:8a:21:05:94:2b:02:e2:dc:15:56:
f2:06:d6:aa:9f:59:97:02:77:9c:46:3e:16:3a:e7:
c2:70:81:b2:39:b7:ed:f5:89:46:8c:60:71:f2:6b:
5a:4d:ca:7e:21:6c:b8:d9:bf:81:5a:73:88:17:0c:
86:49:a4:3b:10:72:53:67:3a:59:6a:04:77:90:61:
a8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A6:2A:30:36:87:32:00:0C:37:CD:25:68:54:9D:52:A1:D6:36:98
X509v3 Authority Key Identifier:
keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/waYqMDaHMgAMN80laFSdUqHWNpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.16.0/22
45.157.248.0/22
62.192.140.0/22
147.78.164.0/22
185.98.64.0/22
193.148.80.0/22
213.226.72.0/22
IPv6:
2a00:7aa0::/32
2a09:26c0::/32
2a09:4380::/32
2a0a:7980::/32
2a0d:e6c0::/32
2a0f:d00::/32
Signature Algorithm: sha256WithRSAEncryption
a0:55:c3:2f:0e:a7:ec:08:f0:f6:d9:72:77:dd:90:b3:17:9b:
68:44:08:c5:66:a6:2b:f5:03:bf:b3:73:a5:7e:f0:2a:dd:e4:
c7:4a:60:4b:e5:f8:8c:ef:d0:46:90:ee:ff:85:9d:d5:e0:29:
13:ca:15:4f:3c:ed:6c:34:82:04:09:77:80:82:00:a6:7b:7c:
0c:c3:c0:a1:09:36:ed:05:73:75:d9:45:59:92:f8:18:65:af:
a9:32:f8:db:7b:3e:e4:78:19:41:fb:91:0b:f4:80:b9:59:59:
31:49:96:a4:e3:fc:d5:3f:dc:2e:9a:01:d8:70:89:b3:ec:59:
07:9b:14:74:18:92:c8:f7:9c:39:5b:36:03:20:21:01:5f:09:
b1:04:50:ed:36:3b:3e:34:57:67:ac:40:a1:42:a0:90:3f:a2:
25:1f:55:d7:ba:96:34:7d:93:36:90:25:4c:2f:7f:05:6e:c9:
57:b4:36:51:bd:ea:a1:31:0c:c4:c3:bd:dd:10:59:dd:ad:cd:
5a:6a:5a:55:9e:df:5a:8b:c0:d8:f5:8c:cb:e6:84:00:52:e8:
97:44:1c:f2:fa:b8:27:ad:34:96:a5:d3:8a:f1:37:76:cf:54:
95:d7:38:13:c4:fa:73:ff:0b:21:1e:9f:78:13:68:76:59:a0:
da:61:4a:f0
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYVwAnOZy1uo/q/igFmtb/8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGNmMjZmNzQ4NjA1ODhjYWM2YmFlMTdmOTlkZTIyZGJj
NDlhZTYwHhcNMjMwMTAyMDEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWE2MmEzMDM2ODczMjAwMGMzN2NkMjU2ODU0OWQ1MmExZDYzNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwD3Q//km3WV7Pcd4i5wXT1EeCJJ
BP0AsZ4uSKPyTpyDPxGX2UtfZ7BCUN2fPD98fFBF/iPbedsPlxfwr/8hY/RvR+Sp
HAlNx4woKijO5xoWvncAxNUWnbvZEIwGxW1GHdTbuvasQjgw2YrGLjFIrZ2ZqDYJ
95A9ri9jmtm1xPRagxIFNrk/oh/9mRbMcgoo0P1QWWeGJUMajjkn+xXvjQ/8R01V
GtVx/Eo2eIRNyaxXdNJeEYnyGYohBZQrAuLcFVbyBtaqn1mXAnecRj4WOufCcIGy
Obft9YlGjGBx8mtaTcp+IWy42b+BWnOIFwyGSaQ7EHJTZzpZagR3kGGo1QIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFMGmKjA2hzIADDfNJWhUnVKh1jaYMB8GA1UdIwQY
MBaAFIzc8m90hgWIysa64X+Z3iLbxJrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMt
MmZiMjVhYmZkYzUzLzEvd2FZcU1EYUhNZ0FNTjgwbGFGU2RVcUhXTnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMtMmZiMjVhYmZkYzUz
LzEvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDAwBAIAATAqAwQCLZcQAwQC
LZ34AwQCPsCMAwQCk06kAwQCuWJAAwQCwZRQAwQC1eJIMDAEAgACMCoDBQAqAHqg
AwUAKgkmwAMFACoJQ4ADBQAqCnmAAwUAKg3mwAMFACoPDQAwDQYJKoZIhvcNAQEL
BQADggEBAKBVwy8Op+wI8PbZcnfdkLMXm2hECMVmpiv1A7+zc6V+8Crd5MdKYEvl
+Izv0EaQ7v+FndXgKRPKFU887Ww0ggQJd4CCAKZ7fAzDwKEJNu0Fc3XZRVmS+Bhl
r6ky+Nt7PuR4GUH7kQv0gLlZWTFJlqTj/NU/3C6aAdhwibPsWQebFHQYksj3nDlb
NgMgIQFfCbEEUO02Oz40V2esQKFCoJA/oiUfVde6ljR9kzaQJUwvfwVuyVe0NlG9
6qExDMTDvd0QWd2tzVpqWlWe31qLwNj1jMvmhABS6JdEHPL6uCetNJal04rxN3bP
VJXXOBPE+nP/CyEen3gTaHZZoNphSvA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:32 2024 by rpki-client on console-ams.rpki-client.org