Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/WtfJx1Xduq_3PLIG9Ns42SVn74I.roa
File: WtfJx1Xduq_3PLIG9Ns42SVn74I.roa (raw, json)
Hash identifier: h775bBdOrPQ/hYjM+2pHW95jRP7HsP3ZRG9sYbTkitA=
Subject key identifier: 5A:D7:C9:C7:55:DD:BA:AF:F7:3C:B2:06:F4:DB:38:D9:25:67:EF:82
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 018DE8F029768EAFCFA231EEDB7E7C4DECAA
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/WtfJx1Xduq_3PLIG9Ns42SVn74I.roa
Signing time: Tue 27 Feb 2024 05:01:09 +0000
ROA not before: Tue 27 Feb 2024 05:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216408
IP address blocks: 185.87.216.0/24 maxlen: 24
185.87.217.0/24 maxlen: 24
2a13:85c0:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 04 Mar 2024 07:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e8:f0:29:76:8e:af:cf:a2:31:ee:db:7e:7c:4d:ec:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Feb 27 05:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ad7c9c755ddbaaff73cb206f4db38d92567ef82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e4:da:56:e0:04:10:da:85:c5:26:fc:45:72:
d3:32:69:75:95:e8:b3:4b:96:cb:93:a0:2c:11:96:
70:e8:76:0f:80:3f:60:6b:0f:ac:b7:24:46:15:36:
f2:3f:42:d5:33:71:8c:ac:00:0f:08:5f:95:8c:ab:
d8:44:08:85:3b:c5:a5:43:e5:d1:95:0a:97:c4:74:
5a:9c:81:12:9a:e3:93:58:46:67:e4:64:8c:3e:cb:
8e:c2:65:3f:a2:9b:56:cb:d8:03:58:a1:74:39:63:
47:a1:6c:cd:a3:cd:82:ff:5e:18:50:d5:b7:30:a8:
85:6d:e9:af:f9:b2:b7:bb:c8:85:c0:38:f6:35:2a:
ae:fc:af:33:7e:5f:e7:af:08:12:95:d1:e3:96:1a:
10:23:ae:bf:59:f9:df:1d:73:71:58:37:ba:64:da:
c6:f7:a2:8e:d4:2c:b2:e9:f5:a7:9e:bb:03:6d:16:
00:f9:c6:fb:fb:70:7f:0a:5f:b2:21:0a:f9:0e:56:
76:a2:6a:c9:1d:c9:58:6f:ec:31:81:47:3d:11:f6:
99:8e:ba:f4:64:f7:68:d0:50:41:6a:9c:b1:72:5a:
8a:de:cf:62:08:55:58:f5:8d:37:de:b2:2b:b6:93:
db:96:bc:49:96:5e:eb:13:b2:33:b1:e6:ce:9f:9e:
af:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D7:C9:C7:55:DD:BA:AF:F7:3C:B2:06:F4:DB:38:D9:25:67:EF:82
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/WtfJx1Xduq_3PLIG9Ns42SVn74I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.216.0/23
IPv6:
2a13:85c0:100::/40
Signature Algorithm: sha256WithRSAEncryption
5d:8c:c2:88:17:70:b4:e3:f0:de:b1:f4:f2:9f:91:d7:de:50:
30:89:db:e2:04:88:eb:03:7d:e6:27:81:19:f0:2c:90:23:83:
aa:bf:e0:f2:62:45:3c:52:52:47:ae:0d:cb:ba:3f:6f:95:fb:
68:4a:8d:c9:5b:d1:59:70:10:66:a8:a7:c8:65:22:5b:67:e3:
98:6a:95:00:95:b7:56:5d:fa:32:e0:68:7a:1d:12:13:4c:be:
21:98:eb:30:fa:a1:92:9e:46:59:2c:f2:22:1e:ed:4f:2f:34:
36:c9:fc:85:8e:5f:7a:70:ff:e2:1c:66:44:67:97:22:98:28:
27:a1:7b:c8:86:66:da:2a:da:a5:fa:74:3a:6f:67:67:82:72:
3f:df:a3:83:43:d1:b9:c4:52:18:5c:01:4b:d3:b6:26:f1:db:
86:65:dd:cf:9b:09:32:6a:82:d8:cf:13:9b:43:90:4d:19:8b:
a1:9a:1c:80:2d:71:ba:24:5a:5b:1f:83:30:9a:a8:f4:a8:be:
1f:62:2a:49:86:9b:88:92:d3:6b:2a:30:20:ec:f7:69:bb:c5:
07:35:15:3f:f6:43:17:6c:b8:8a:61:ab:b8:25:32:1a:fa:59:
3e:27:36:6f:fa:ee:1d:ec:3f:ad:c7:0f:5b:85:4f:7e:bf:43:
49:62:33:30
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY3o8Cl2jq/PojHu2358TeyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjQwMjI3MDUwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQ3YzljNzU1ZGRiYWFmZjczY2IyMDZmNGRiMzhkOTI1NjdlZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOTaVuAEENqFxSb8RXLTMml1leiz
S5bLk6AsEZZw6HYPgD9gaw+styRGFTbyP0LVM3GMrAAPCF+VjKvYRAiFO8WlQ+XR
lQqXxHRanIESmuOTWEZn5GSMPsuOwmU/optWy9gDWKF0OWNHoWzNo82C/14YUNW3
MKiFbemv+bK3u8iFwDj2NSqu/K8zfl/nrwgSldHjlhoQI66/WfnfHXNxWDe6ZNrG
96KO1Cyy6fWnnrsDbRYA+cb7+3B/Cl+yIQr5DlZ2omrJHclYb+wxgUc9EfaZjrr0
ZPdo0FBBapyxclqK3s9iCFVY9Y033rIrtpPblrxJll7rE7IzsebOn56v9QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFrXycdV3bqv9zyyBvTbONklZ++CMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvV3RmSngxWGR1cV8zUExJRzlOczQyU1ZuNzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuVfYMA4E
AgACMAgDBgAqE4XAATANBgkqhkiG9w0BAQsFAAOCAQEAXYzCiBdwtOPw3rH08p+R
195QMInb4gSI6wN95ieBGfAskCODqr/g8mJFPFJSR64Ny7o/b5X7aEqNyVvRWXAQ
ZqinyGUiW2fjmGqVAJW3Vl36MuBoeh0SE0y+IZjrMPqhkp5GWSzyIh7tTy80Nsn8
hY5fenD/4hxmRGeXIpgoJ6F7yIZm2irapfp0Om9nZ4JyP9+jg0PRucRSGFwBS9O2
JvHbhmXdz5sJMmqC2M8Tm0OQTRmLoZocgC1xuiRaWx+DMJqo9Ki+H2IqSYabiJLT
ayowIOz3abvFBzUVP/ZDF2y4imGruCUyGvpZPic2b/ruHew/rccPW4VPfr9DSWIz
MA==
-----END CERTIFICATE-----
Generated at Mon Mar 4 11:56:59 2024 by rpki-client on console-fra.rpki-client.org