Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/W-hEd5aXkOt5x4pHtUGDE9e_9_Q.roa
File: W-hEd5aXkOt5x4pHtUGDE9e_9_Q.roa (raw, json)
Hash identifier: iRtXrivBai0a1cYBk/6KVbBiavcFO5R3oIpwCbt5pbg=
Subject key identifier: 5B:E8:44:77:96:97:90:EB:79:C7:8A:47:B5:41:83:13:D7:BF:F7:F4
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01902A46B1E104FFB8C47CA6A109AAE3DDB6
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/W-hEd5aXkOt5x4pHtUGDE9e_9_Q.roa
Signing time: Tue 18 Jun 2024 07:36:34 +0000
ROA not before: Tue 18 Jun 2024 07:36:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208621
IP address blocks: 45.157.34.0/24 maxlen: 24
80.64.216.0/23 maxlen: 24
80.64.218.0/23 maxlen: 24
185.232.86.0/23 maxlen: 23
194.146.44.0/24 maxlen: 24
194.146.49.0/24 maxlen: 24
194.156.177.0/24 maxlen: 24
195.22.156.0/24 maxlen: 24
195.22.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 16:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:46:b1:e1:04:ff:b8:c4:7c:a6:a1:09:aa:e3:dd:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jun 18 07:36:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5be84477969790eb79c78a47b5418313d7bff7f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:66:21:55:66:ac:5a:57:3b:6d:70:e9:3a:87:
ce:15:da:9a:56:fa:e0:b9:6e:9d:f6:ba:5e:ac:a1:
fa:8c:8a:d3:9e:dd:3f:05:1a:c0:56:dd:7a:87:c7:
4f:2d:ea:6b:fe:b6:36:43:b6:c5:70:7f:5f:95:4c:
aa:1a:bb:27:54:9a:43:95:0c:9b:ea:7a:1d:f7:77:
af:98:60:fb:15:ae:06:ab:1d:34:bc:85:ba:f3:16:
3c:90:0b:d8:13:73:36:c6:2b:cb:65:12:23:06:b3:
52:b1:10:2c:9d:20:52:60:c2:f1:12:76:e5:8a:b5:
5b:4e:16:07:4c:67:3b:c9:5f:6e:74:40:82:f3:f7:
36:fd:94:d6:44:f6:7d:fc:7b:67:4b:fb:72:ba:09:
54:d4:d6:a9:f4:12:ee:93:dc:16:b6:cd:05:79:b5:
55:16:ba:36:ca:7e:cb:c4:47:b5:88:ba:6d:04:4c:
e9:ff:d9:b3:c2:d0:f8:d0:65:80:46:e1:86:76:15:
e3:92:b7:b6:8f:39:be:3f:cf:70:c0:3f:e3:90:c4:
c1:24:7d:dd:03:e3:5d:2d:d0:ac:0f:e8:0f:5a:b4:
d5:88:dd:a6:c1:64:df:0b:2a:ef:67:a7:45:95:cd:
cd:b3:41:49:10:f2:4d:8e:15:3e:18:84:75:88:a4:
05:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E8:44:77:96:97:90:EB:79:C7:8A:47:B5:41:83:13:D7:BF:F7:F4
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/W-hEd5aXkOt5x4pHtUGDE9e_9_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.34.0/24
80.64.216.0/22
185.232.86.0/23
194.146.44.0/24
194.146.49.0/24
194.156.177.0/24
195.22.156.0/23
Signature Algorithm: sha256WithRSAEncryption
54:87:9b:77:ad:7c:8f:45:77:ec:17:fa:05:87:0c:27:c3:5d:
0c:70:d1:74:05:52:3e:a8:28:87:ed:9b:a0:41:fa:17:17:b8:
00:f3:ca:fa:3a:5d:5f:aa:d3:30:8d:84:53:87:0d:4f:c3:d9:
db:c4:4c:fc:7a:c2:3b:4f:69:d7:f1:8f:eb:3e:86:46:0a:77:
bd:be:67:0b:e6:18:52:f0:96:52:6e:2b:c7:e1:bb:ee:dd:81:
73:cf:d6:e8:90:1f:ca:bb:3c:15:22:03:dd:73:cd:66:00:54:
6f:df:b7:2f:37:1a:f3:9e:2f:34:f6:52:33:03:40:88:bd:c0:
33:4a:1f:b4:ae:a9:42:2c:a1:74:1a:2f:da:bf:ce:7f:c1:81:
37:cb:c5:c4:28:f8:63:a5:2d:e3:53:7d:53:06:1f:01:40:37:
25:d7:a6:23:ff:01:08:d3:c3:b1:a2:aa:73:5d:d1:bc:f5:df:
71:de:e8:c9:a4:32:ed:6e:bf:a2:0f:86:e9:35:c3:fe:de:d1:
33:52:6f:90:68:99:19:99:5b:82:57:c9:41:82:9f:42:d2:90:
f8:fa:51:37:5d:c7:ee:1b:30:3e:d1:32:34:0b:d7:f7:84:c6:
ae:0f:e0:d4:e2:11:6a:65:19:09:f4:a6:0c:69:9e:35:d7:e4:
25:54:f1:e8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZAqRrHhBP+4xHymoQmq4922MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNjE4MDczNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmU4NDQ3Nzk2OTc5MGViNzljNzhhNDdiNTQxODMxM2Q3YmZmN2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GYhVWasWlc7bXDpOofOFdqaVvrg
uW6d9rperKH6jIrTnt0/BRrAVt16h8dPLepr/rY2Q7bFcH9flUyqGrsnVJpDlQyb
6nod93evmGD7Fa4Gqx00vIW68xY8kAvYE3M2xivLZRIjBrNSsRAsnSBSYMLxEnbl
irVbThYHTGc7yV9udECC8/c2/ZTWRPZ9/HtnS/tyuglU1Nap9BLuk9wWts0FebVV
Fro2yn7LxEe1iLptBEzp/9mzwtD40GWARuGGdhXjkre2jzm+P89wwD/jkMTBJH3d
A+NdLdCsD+gPWrTViN2mwWTfCyrvZ6dFlc3Ns0FJEPJNjhU+GIR1iKQFVQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFvoRHeWl5DreceKR7VBgxPXv/f0MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvVy1oRWQ1YVhrT3Q1eDRwSHRVR0RFOWVfOV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZ0iAwQC
UEDYAwQBuehWAwQAwpIsAwQAwpIxAwQAwpyxAwQBwxacMA0GCSqGSIb3DQEBCwUA
A4IBAQBUh5t3rXyPRXfsF/oFhwwnw10McNF0BVI+qCiH7ZugQfoXF7gA88r6Ol1f
qtMwjYRThw1Pw9nbxEz8esI7T2nX8Y/rPoZGCne9vmcL5hhS8JZSbivH4bvu3YFz
z9bokB/KuzwVIgPdc81mAFRv37cvNxrzni809lIzA0CIvcAzSh+0rqlCLKF0Gi/a
v85/wYE3y8XEKPhjpS3jU31TBh8BQDcl16Yj/wEI08OxoqpzXdG89d9x3ujJpDLt
br+iD4bpNcP+3tEzUm+QaJkZmVuCV8lBgp9C0pD4+lE3XcfuGzA+0TI0C9f3hMau
D+DU4hFqZRkJ9KYMaZ411+QlVPHo
-----END CERTIFICATE-----
Generated at Sat Jun 22 18:54:42 2024 by rpki-client on console-fra.rpki-client.org