Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/WKy9Zb5Hu1jEBkMa6So6AFOcEIQ.roa
File: WKy9Zb5Hu1jEBkMa6So6AFOcEIQ.roa (raw, json)
Hash identifier: Hzl+0+jHiDJ6UHj6/Qz4YK70S05uQJWUJWodabN0ol0=
Subject key identifier: 58:AC:BD:65:BE:47:BB:58:C4:06:43:1A:E9:2A:3A:00:53:9C:10:84
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018FBEAA9B4E70C9E43901ACE18E48100B96
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/WKy9Zb5Hu1jEBkMa6So6AFOcEIQ.roa
Signing time: Tue 28 May 2024 10:06:42 +0000
ROA not before: Tue 28 May 2024 10:06:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203446
IP address blocks: 2.56.246.0/24 maxlen: 24
45.13.226.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.90.96.0/24 maxlen: 24
45.90.97.0/24 maxlen: 24
45.131.65.0/24 maxlen: 24
45.134.39.0/24 maxlen: 24
45.137.70.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
194.62.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 14:32:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:aa:9b:4e:70:c9:e4:39:01:ac:e1:8e:48:10:0b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: May 28 10:06:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58acbd65be47bb58c406431ae92a3a00539c1084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:42:71:8a:74:b7:20:a8:d9:d8:c2:fb:ee:25:
23:d9:48:86:0f:3d:c1:f1:cf:e4:59:1f:43:0d:dc:
dc:7b:1e:ba:2f:19:12:06:2c:32:f1:5b:51:99:c0:
20:b1:2d:65:9f:97:24:e4:5d:17:67:3a:eb:58:55:
b2:1d:65:1e:ec:4f:b8:f8:32:67:8a:af:6d:82:87:
55:18:db:91:f5:f8:66:b8:b3:c6:b1:08:16:53:ba:
37:18:5f:59:9d:37:be:e7:b5:d2:25:7b:e5:99:ad:
c2:59:bb:9a:ba:cd:fb:f2:bf:f9:5b:f0:ef:99:53:
b3:49:0f:a8:c2:60:8d:e2:8b:71:9a:93:6d:d8:3f:
c5:04:99:ee:aa:e6:5d:0c:d4:a4:4e:de:07:a9:49:
ab:af:6c:49:70:d0:1b:7e:a2:cf:6e:29:cf:c2:b7:
fa:13:48:95:5d:e3:04:48:1c:2d:5e:cf:37:d5:e3:
5e:11:0f:d3:78:5d:1c:2b:be:28:bf:25:f9:1f:cb:
a8:43:75:84:65:87:ac:14:61:e2:e4:c5:48:18:45:
4e:a8:5b:d8:9d:bb:68:b7:86:1b:5c:29:d8:af:a9:
43:c6:f7:bd:b0:89:e8:1a:a8:b4:da:bb:89:80:06:
51:f1:b3:cd:c9:f0:7f:69:fa:ad:4b:43:65:aa:59:
26:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:AC:BD:65:BE:47:BB:58:C4:06:43:1A:E9:2A:3A:00:53:9C:10:84
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/WKy9Zb5Hu1jEBkMa6So6AFOcEIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/24
45.13.226.0/24
45.67.139.0/24
45.90.96.0/23
45.131.65.0/24
45.134.39.0/24
45.137.70.0/24
185.117.0.0/24
194.62.248.0/24
Signature Algorithm: sha256WithRSAEncryption
69:94:93:86:55:70:d9:4d:67:0e:5e:45:d0:d7:43:5f:45:4a:
58:62:da:4f:c9:5b:e2:60:14:f7:3a:ee:47:3e:c6:17:22:91:
f2:7c:26:7f:92:78:50:d9:b7:cf:1a:0d:33:58:18:59:40:30:
b1:11:cf:27:ef:b0:ce:31:98:3b:8a:cf:2e:f5:80:f9:fd:c1:
cc:f2:58:73:36:af:92:e9:a0:e8:7b:74:62:a1:72:22:82:f0:
f9:62:46:a0:98:e8:d8:c1:1b:28:ee:49:cc:c1:7d:db:65:22:
8c:be:26:11:3d:32:4f:dd:79:f1:03:71:8e:90:dd:c7:2b:52:
db:c0:ce:1f:7d:46:30:38:ab:60:4c:40:84:09:3c:e7:3e:43:
be:a9:0f:ad:68:66:e4:67:75:f8:d2:35:58:8a:ef:14:40:58:
84:5e:25:13:84:96:13:2c:ab:70:cf:00:a3:15:db:ff:22:63:
dc:32:0f:10:97:5c:5f:b1:81:fd:ad:7e:56:94:a6:df:23:b0:
43:c3:04:42:c6:60:28:d1:bd:3c:c5:5a:46:ea:32:68:d8:ce:
e2:59:e5:ba:5b:d9:57:e6:eb:d7:d8:b3:e9:e3:3c:db:33:e3:
4b:ff:e0:86:32:b6:5b:3c:7b:5a:34:b7:aa:79:52:e4:5f:8c:
29:45:41:79
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY++qptOcMnkOQGs4Y5IEAuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwNTI4MTAwNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGFjYmQ2NWJlNDdiYjU4YzQwNjQzMWFlOTJhM2EwMDUzOWMxMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UJxinS3IKjZ2ML77iUj2UiGDz3B
8c/kWR9DDdzcex66LxkSBiwy8VtRmcAgsS1ln5ck5F0XZzrrWFWyHWUe7E+4+DJn
iq9tgodVGNuR9fhmuLPGsQgWU7o3GF9ZnTe+57XSJXvlma3CWbuaus378r/5W/Dv
mVOzSQ+owmCN4otxmpNt2D/FBJnuquZdDNSkTt4HqUmrr2xJcNAbfqLPbinPwrf6
E0iVXeMESBwtXs831eNeEQ/TeF0cK74ovyX5H8uoQ3WEZYesFGHi5MVIGEVOqFvY
nbtot4YbXCnYr6lDxve9sInoGqi02ruJgAZR8bPNyfB/afqtS0NlqlkmDQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFisvWW+R7tYxAZDGukqOgBTnBCEMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvV0t5OVpiNUh1MWpFQmtNYTZTbzZBRk9jRUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjj2AwQA
LQ3iAwQALUOLAwQBLVpgAwQALYNBAwQALYYnAwQALYlGAwQAuXUAAwQAwj74MA0G
CSqGSIb3DQEBCwUAA4IBAQBplJOGVXDZTWcOXkXQ10NfRUpYYtpPyVviYBT3Ou5H
PsYXIpHyfCZ/knhQ2bfPGg0zWBhZQDCxEc8n77DOMZg7is8u9YD5/cHM8lhzNq+S
6aDoe3RioXIigvD5YkagmOjYwRso7knMwX3bZSKMviYRPTJP3XnxA3GOkN3HK1Lb
wM4ffUYwOKtgTECECTznPkO+qQ+taGbkZ3X40jVYiu8UQFiEXiUThJYTLKtwzwCj
Fdv/ImPcMg8Ql1xfsYH9rX5WlKbfI7BDwwRCxmAo0b08xVpG6jJo2M7iWeW6W9lX
5uvX2LPp4zzbM+NL/+CGMrZbPHtaNLeqeVLkX4wpRUF5
-----END CERTIFICATE-----
Generated at Fri Jul 12 18:03:13 2024 by rpki-client on console-ams.rpki-client.org