Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/WocuLGoprR2_4XabPc_Hjq_BM7c.roa
File: WocuLGoprR2_4XabPc_Hjq_BM7c.roa (raw, json)
Hash identifier: eYafITyncedcflUtP+PtxHeUzPbl5niNQymTJLbUBUg=
Subject key identifier: 5A:87:2E:2C:6A:29:AD:1D:BF:E1:76:9B:3D:CF:C7:8E:AF:C1:33:B7
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0185F30C4E374172BACB099A9957AAA2B774
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/WocuLGoprR2_4XabPc_Hjq_BM7c.roa
Signing time: Fri 27 Jan 2023 11:45:48 +0000
ROA not before: Fri 27 Jan 2023 11:45:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200313
IP address blocks: 185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
2a0d:1640::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Feb 2023 10:44:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:0c:4e:37:41:72:ba:cb:09:9a:99:57:aa:a2:b7:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 27 11:45:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a872e2c6a29ad1dbfe1769b3dcfc78eafc133b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:38:83:d0:83:60:47:f1:3b:09:fd:8c:f6:43:
95:d7:fb:90:70:5d:b3:b1:9e:4e:38:eb:91:64:33:
7f:b9:b1:5a:68:55:24:87:59:35:42:35:31:f3:18:
5e:15:cf:99:a3:4b:82:15:a5:50:c5:8a:83:05:c8:
32:fb:a6:30:e5:a9:46:09:20:c3:af:b1:ce:de:88:
22:e3:d3:b4:1a:70:74:52:b2:17:e6:2c:6c:6f:a4:
67:b0:9f:28:93:3c:05:8a:f9:2d:8c:c1:02:2e:ac:
2a:26:a1:cd:fa:b6:9e:4a:fc:69:06:14:67:ab:a1:
3a:60:44:42:08:68:ee:c7:3e:01:6b:44:8c:e1:99:
59:3c:93:60:33:34:e8:27:9b:9a:b0:0f:a7:75:52:
cd:8d:d6:40:d8:2c:7a:0d:4f:20:27:30:cf:9e:a2:
90:8a:c2:10:2e:8e:ec:9d:6c:e1:80:bf:15:5c:2e:
3a:3d:f7:46:5a:b2:45:9c:93:fc:b6:40:a4:d5:eb:
33:69:e5:3d:85:1d:41:b1:e1:69:a3:9d:15:a2:ea:
be:9d:e2:3c:29:46:79:46:43:10:6f:c5:a4:19:5e:
e8:0d:9b:e3:a6:03:07:c7:a6:bc:90:5d:cf:76:26:
3e:27:94:d6:dc:b0:e9:44:87:7d:f1:e4:ec:63:2d:
57:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:87:2E:2C:6A:29:AD:1D:BF:E1:76:9B:3D:CF:C7:8E:AF:C1:33:B7
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/WocuLGoprR2_4XabPc_Hjq_BM7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.128.0/22
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
28:24:9d:85:8d:07:d0:a2:1c:f4:39:89:96:d7:35:de:50:1b:
c5:04:9b:88:b4:23:a8:69:18:f3:00:07:23:bd:49:35:a3:4a:
8a:80:cb:66:75:d8:2f:c0:19:d2:61:12:d2:91:f5:35:09:46:
43:c6:63:36:02:10:81:52:ea:3e:5f:d2:53:26:6d:3d:a6:82:
37:69:61:65:6e:a5:cc:82:27:1c:b9:61:c3:9b:98:e6:14:13:
7c:94:ce:97:99:88:5f:b7:f5:dc:81:15:64:2a:84:d7:f5:bf:
06:ac:38:23:dd:69:5b:fa:02:89:8a:ad:72:ee:89:09:23:60:
cf:7d:49:59:73:c6:ee:85:f6:7e:0d:ab:d2:3e:f3:ef:2e:3c:
d6:a0:72:21:e0:92:d5:63:23:9b:93:05:0a:07:5a:5d:c4:84:
4e:56:4c:76:8f:86:8d:12:c0:8a:b0:7d:26:fe:3e:48:31:89:
26:ac:4e:5e:08:4e:9d:93:09:25:ec:13:67:f7:a8:82:43:ae:
e9:9d:3a:a5:d3:ce:42:ee:ad:72:37:79:98:fd:bf:ca:b0:da:
b9:05:a1:f9:ce:68:9a:6a:b1:99:26:83:67:b3:60:7b:17:e8:
f2:6d:77:35:5e:8d:04:51:a3:89:bf:a1:12:5f:8a:3d:ba:f8:
eb:d5:cc:f3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYXzDE43QXK6ywmamVeqord0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwMTI3MTE0NTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTg3MmUyYzZhMjlhZDFkYmZlMTc2OWIzZGNmYzc4ZWFmYzEzM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDiD0INgR/E7Cf2M9kOV1/uQcF2z
sZ5OOOuRZDN/ubFaaFUkh1k1QjUx8xheFc+Zo0uCFaVQxYqDBcgy+6Yw5alGCSDD
r7HO3ogi49O0GnB0UrIX5ixsb6RnsJ8okzwFivktjMECLqwqJqHN+raeSvxpBhRn
q6E6YERCCGjuxz4Ba0SM4ZlZPJNgMzToJ5uasA+ndVLNjdZA2Cx6DU8gJzDPnqKQ
isIQLo7snWzhgL8VXC46PfdGWrJFnJP8tkCk1eszaeU9hR1BseFpo50Vouq+neI8
KUZ5RkMQb8WkGV7oDZvjpgMHx6a8kF3PdiY+J5TW3LDpRId98eTsYy1XVQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFqHLixqKa0dv+F2mz3Px46vwTO3MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvV29jdUxHb3ByUjJfNFhhYlBjX0hqcV9CTTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCudSAAwQA
ueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0WQwMFACoNY8AwDQYJKoZIhvcN
AQELBQADggEBACgknYWNB9CiHPQ5iZbXNd5QG8UEm4i0I6hpGPMAByO9STWjSoqA
y2Z12C/AGdJhEtKR9TUJRkPGYzYCEIFS6j5f0lMmbT2mgjdpYWVupcyCJxy5YcOb
mOYUE3yUzpeZiF+39dyBFWQqhNf1vwasOCPdaVv6AomKrXLuiQkjYM99SVlzxu6F
9n4Nq9I+8+8uPNagciHgktVjI5uTBQoHWl3EhE5WTHaPho0SwIqwfSb+PkgxiSas
Tl4ITp2TCSXsE2f3qIJDrumdOqXTzkLurXI3eZj9v8qw2rkFofnOaJpqsZkmg2ez
YHsX6PJtdzVejQRRo4m/oRJfij26+OvVzPM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org