Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/a954bd-157f-4dbb-bba4-3463b56e372c/1/xAuJkVLnO4VgCajQ25vSHUfRL90.roa
File: xAuJkVLnO4VgCajQ25vSHUfRL90.roa (raw, json)
Hash identifier: ODn4Dlm6nIAMvfhSYuQxsCFaksRW/8gySr2VTx76zYM=
Subject key identifier: C4:0B:89:91:52:E7:3B:85:60:09:A8:D0:DB:9B:D2:1D:47:D1:2F:DD
Certificate issuer: /CN=c28973affaa9936d39146aa136fbcb051b9af99f
Certificate serial: 018DECAABAECCBA902113E8F422B0422528A
Authority key identifier: C2:89:73:AF:FA:A9:93:6D:39:14:6A:A1:36:FB:CB:05:1B:9A:F9:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wolzr_qpk205FGqhNvvLBRua-Z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/a954bd-157f-4dbb-bba4-3463b56e372c/1/xAuJkVLnO4VgCajQ25vSHUfRL90.roa
Signing time: Tue 27 Feb 2024 22:23:48 +0000
ROA not before: Tue 27 Feb 2024 22:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 78.40.200.0/21 maxlen: 21
82.119.192.0/19 maxlen: 19
88.81.160.0/19 maxlen: 19
185.155.164.0/22 maxlen: 22
217.22.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ec:aa:ba:ec:cb:a9:02:11:3e:8f:42:2b:04:22:52:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c28973affaa9936d39146aa136fbcb051b9af99f
Validity
Not Before: Feb 27 22:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c40b899152e73b856009a8d0db9bd21d47d12fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7d:ba:e3:34:13:19:94:7e:30:11:53:81:44:
38:25:7c:7b:99:cb:9c:96:ff:42:eb:bb:49:db:60:
82:59:9e:c5:44:37:cd:15:7e:b3:88:a8:dc:70:a6:
4a:d3:87:57:3d:5d:56:ba:59:e1:ba:6e:fe:87:43:
7d:f0:0e:eb:c8:33:5e:3f:fb:a3:6a:cf:7c:1f:86:
ec:b8:01:b8:2e:b3:7e:1b:fe:c8:a9:69:23:f9:79:
bd:c3:ea:62:2c:fb:36:37:00:4b:2b:16:06:5b:e4:
38:0c:43:07:48:7d:e6:e1:92:23:84:72:52:3d:53:
90:96:67:48:81:50:9d:ad:e7:8e:26:55:60:fd:16:
a4:1f:bd:40:f2:db:eb:3d:fa:53:38:b1:2b:ce:85:
9a:e6:33:32:16:39:49:ac:5b:84:9e:09:30:58:7c:
79:9f:5a:0f:c9:a4:4e:ac:07:3e:f2:5a:30:b7:25:
98:ab:f6:26:c2:cd:b2:83:b0:47:eb:05:c8:89:8d:
12:7a:58:81:51:ef:c6:69:27:ad:2b:d7:a6:40:8f:
53:d9:35:eb:76:38:7e:3e:e3:c7:6e:31:bc:99:4b:
b7:5b:44:19:96:5f:44:dc:a4:26:5b:6e:d8:79:d8:
ea:74:37:4a:21:90:c3:7f:3b:69:26:a7:0f:ea:23:
71:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0B:89:91:52:E7:3B:85:60:09:A8:D0:DB:9B:D2:1D:47:D1:2F:DD
X509v3 Authority Key Identifier:
keyid:C2:89:73:AF:FA:A9:93:6D:39:14:6A:A1:36:FB:CB:05:1B:9A:F9:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wolzr_qpk205FGqhNvvLBRua-Z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a954bd-157f-4dbb-bba4-3463b56e372c/1/xAuJkVLnO4VgCajQ25vSHUfRL90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a954bd-157f-4dbb-bba4-3463b56e372c/1/wolzr_qpk205FGqhNvvLBRua-Z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.200.0/21
82.119.192.0/19
88.81.160.0/19
185.155.164.0/22
217.22.224.0/19
Signature Algorithm: sha256WithRSAEncryption
cb:8f:7c:59:21:8d:80:ef:81:11:2d:b4:4b:46:b7:47:a3:cf:
c6:6f:82:1a:b7:31:54:07:80:80:95:95:9b:1c:e4:91:f2:f6:
62:69:0d:ce:80:de:b5:76:f1:6a:81:68:29:41:28:6c:c3:0d:
ef:1d:29:60:8a:73:f5:11:9a:d3:cc:72:b4:e8:f7:89:a9:15:
c6:05:13:19:45:d0:da:9f:15:c0:0b:79:35:a8:cb:7a:ef:b7:
02:45:03:45:8f:4c:e5:e4:52:6b:f1:1d:60:6b:04:6d:64:94:
ab:92:da:8a:00:fc:af:2b:ea:56:17:9b:8f:d7:5c:aa:bb:e8:
df:bc:66:e2:31:42:ef:e1:87:11:24:7f:a3:2b:68:ab:58:bf:
6c:2b:db:57:b3:ea:d4:35:ff:59:03:cd:21:6d:af:4c:3a:b5:
43:97:f3:15:95:dd:f8:6f:55:8a:9a:de:8a:0d:a2:92:26:fa:
60:7d:8e:a8:e2:c4:1f:2f:c5:95:4a:d9:86:06:04:22:33:3f:
b2:11:13:f5:94:21:36:38:cd:39:6a:4a:03:a4:c8:a0:e3:0c:
e4:39:c3:9c:37:53:e3:0e:36:6b:61:3e:af:ad:3f:f0:a5:29:
f2:1f:50:1d:da:ca:06:c5:ac:f6:39:4f:98:52:f6:fb:3b:41:
50:3c:77:67
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3sqrrsy6kCET6PQisEIlKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyODk3M2FmZmFhOTkzNmQzOTE0NmFhMTM2ZmJjYjA1MWI5
YWY5OWYwHhcNMjQwMjI3MjIyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDBiODk5MTUyZTczYjg1NjAwOWE4ZDBkYjliZDIxZDQ3ZDEyZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn264zQTGZR+MBFTgUQ4JXx7mcuc
lv9C67tJ22CCWZ7FRDfNFX6ziKjccKZK04dXPV1Wulnhum7+h0N98A7ryDNeP/uj
as98H4bsuAG4LrN+G/7IqWkj+Xm9w+piLPs2NwBLKxYGW+Q4DEMHSH3m4ZIjhHJS
PVOQlmdIgVCdreeOJlVg/RakH71A8tvrPfpTOLErzoWa5jMyFjlJrFuEngkwWHx5
n1oPyaROrAc+8lowtyWYq/Ymws2yg7BH6wXIiY0SeliBUe/GaSetK9emQI9T2TXr
djh+PuPHbjG8mUu3W0QZll9E3KQmW27YedjqdDdKIZDDfztpJqcP6iNxiQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMQLiZFS5zuFYAmo0Nub0h1H0S/dMB8GA1UdIwQY
MBaAFMKJc6/6qZNtORRqoTb7ywUbmvmfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd29senJfcXBrMjA1RkdxaE52dkxCUnVhLVo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9hOTU0YmQtMTU3Zi00ZGJiLWJiYTQt
MzQ2M2I1NmUzNzJjLzEveEF1SmtWTG5PNFZnQ2FqUTI1dlNIVWZSTDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9hOTU0YmQtMTU3Zi00ZGJiLWJiYTQtMzQ2M2I1NmUzNzJj
LzEvd29senJfcXBrMjA1RkdxaE52dkxCUnVhLVo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDTijIAwQF
UnfAAwQFWFGgAwQCuZukAwQF2RbgMA0GCSqGSIb3DQEBCwUAA4IBAQDLj3xZIY2A
74ERLbRLRrdHo8/Gb4IatzFUB4CAlZWbHOSR8vZiaQ3OgN61dvFqgWgpQShsww3v
HSlginP1EZrTzHK06PeJqRXGBRMZRdDanxXAC3k1qMt677cCRQNFj0zl5FJr8R1g
awRtZJSrktqKAPyvK+pWF5uP11yqu+jfvGbiMULv4YcRJH+jK2irWL9sK9tXs+rU
Nf9ZA80hba9MOrVDl/MVld34b1WKmt6KDaKSJvpgfY6o4sQfL8WVStmGBgQiMz+y
ERP1lCE2OM05akoDpMig4wzkOcOcN1PjDjZrYT6vrT/wpSnyH1Ad2soGxaz2OU+Y
Uvb7O0FQPHdn
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:20 2025 by rpki-client