Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/3eefc1-4f08-452e-84b4-3cddf1751f59/1/wk_-4z0ljsstSv2wcwRd_5S-T8E.roa
File: wk_-4z0ljsstSv2wcwRd_5S-T8E.roa (raw, json)
Hash identifier: m5QCZskVa3fSewkgu3XbJpq3yDbqRiqXtN56X0AKzJg=
Subject key identifier: C2:4F:FE:E3:3D:25:8E:CB:2D:4A:FD:B0:73:04:5D:FF:94:BE:4F:C1
Certificate issuer: /CN=afdbf456010a9bd14941ca2c91ca533e7ef5178a
Certificate serial: 01857315C9E0487463D0BAEB20C9D46FC459
Authority key identifier: AF:DB:F4:56:01:0A:9B:D1:49:41:CA:2C:91:CA:53:3E:7E:F5:17:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r9v0VgEKm9FJQcoskcpTPn71F4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/3eefc1-4f08-452e-84b4-3cddf1751f59/1/wk_-4z0ljsstSv2wcwRd_5S-T8E.roa
Signing time: Mon 02 Jan 2023 15:24:45 +0000
ROA not before: Mon 02 Jan 2023 15:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48253
IP address blocks: 185.142.38.0/24 maxlen: 24
185.142.37.0/24 maxlen: 24
185.142.36.0/24 maxlen: 24
185.142.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:c9:e0:48:74:63:d0:ba:eb:20:c9:d4:6f:c4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afdbf456010a9bd14941ca2c91ca533e7ef5178a
Validity
Not Before: Jan 2 15:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c24ffee33d258ecb2d4afdb073045dff94be4fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f0:c8:ee:29:7d:5a:ca:9b:c3:92:30:9c:26:
aa:23:7f:eb:2c:e4:2e:eb:cb:1d:0d:70:7e:05:68:
4c:7f:f8:c4:d4:2a:ef:b6:66:4b:11:f8:b1:a5:66:
ca:3a:61:6d:a5:dd:71:f2:43:47:8c:8f:eb:b7:d0:
4c:d1:3b:ae:6e:1a:ca:00:c7:4e:03:1d:e1:bf:6c:
52:61:7d:eb:cd:88:ee:b1:d2:b3:50:73:87:5c:1e:
54:a0:16:13:46:4d:61:a2:14:a8:88:38:b6:1c:f4:
4a:01:48:df:47:e2:90:89:f3:e2:74:8d:ea:41:fd:
c3:de:cb:e2:1f:c0:1a:84:2f:9d:fc:45:13:ca:a6:
51:3b:50:d7:4b:f9:5d:a5:ff:8e:5e:6c:af:b4:17:
55:e3:1d:e2:5a:eb:1d:f1:e9:15:01:e9:29:c0:b0:
8b:ae:0f:8e:ff:b2:00:6a:85:46:c5:61:72:f3:d0:
0a:b5:e9:52:4a:8b:d9:6e:7f:d2:1c:e0:19:e7:8b:
9a:5f:1e:3e:78:d7:16:05:54:2e:d3:06:ef:f9:6e:
2e:3b:aa:f2:e1:01:59:96:6e:b1:4b:6f:b6:96:15:
25:46:df:a9:e6:41:f2:c6:a6:9f:d8:89:c5:6f:0d:
18:07:26:3d:09:5c:f8:33:3a:fa:38:69:f3:e5:00:
98:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4F:FE:E3:3D:25:8E:CB:2D:4A:FD:B0:73:04:5D:FF:94:BE:4F:C1
X509v3 Authority Key Identifier:
keyid:AF:DB:F4:56:01:0A:9B:D1:49:41:CA:2C:91:CA:53:3E:7E:F5:17:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r9v0VgEKm9FJQcoskcpTPn71F4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/3eefc1-4f08-452e-84b4-3cddf1751f59/1/wk_-4z0ljsstSv2wcwRd_5S-T8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/3eefc1-4f08-452e-84b4-3cddf1751f59/1/r9v0VgEKm9FJQcoskcpTPn71F4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.36.0/22
Signature Algorithm: sha256WithRSAEncryption
17:01:f2:9b:d7:5a:19:5a:6a:b3:45:94:b2:2b:d5:6c:d6:be:
8f:f0:55:4d:33:8a:7c:29:f5:29:53:85:45:8b:22:a5:3a:bf:
da:e2:05:82:fb:da:2b:d8:65:57:90:d9:34:27:36:57:6b:b4:
03:ad:43:ff:db:4b:9f:0c:12:a0:d0:6f:46:1f:f4:57:63:a9:
f2:0d:2c:1c:ca:0c:d4:f3:c7:70:2c:e4:ed:57:d0:1e:f7:5e:
c9:db:8a:de:dd:d6:e1:bf:9b:5c:e5:13:14:53:23:b8:e6:ef:
80:96:7f:3b:ff:5d:58:eb:df:c7:1b:a3:fc:4a:98:6d:21:5c:
df:60:93:0a:9e:66:8c:8d:c9:83:8b:bb:ab:cc:55:ca:92:4d:
24:f8:21:c7:eb:5b:b2:16:b8:45:d0:b9:57:32:1c:51:fd:c2:
08:6c:ed:83:13:b2:64:25:92:97:33:d9:6a:07:79:7a:95:b6:
dc:a3:7d:c5:a0:8f:cd:bc:1e:4a:82:b2:4c:04:da:b9:25:44:
60:a0:87:0c:29:b1:87:bb:f7:0a:c6:9f:3b:69:49:00:32:19:
ab:1b:45:b3:8e:2c:19:01:f0:f3:3d:48:d7:60:db:a2:ec:f1:
06:90:d3:df:40:b5:4c:e6:8a:e1:cc:ab:85:8b:98:b2:5f:32:
71:ab:6c:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFcngSHRj0LrrIMnUb8RZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZGJmNDU2MDEwYTliZDE0OTQxY2EyYzkxY2E1MzNlN2Vm
NTE3OGEwHhcNMjMwMTAyMTUyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRmZmVlMzNkMjU4ZWNiMmQ0YWZkYjA3MzA0NWRmZjk0YmU0ZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifDI7il9Wsqbw5IwnCaqI3/rLOQu
68sdDXB+BWhMf/jE1CrvtmZLEfixpWbKOmFtpd1x8kNHjI/rt9BM0TuubhrKAMdO
Ax3hv2xSYX3rzYjusdKzUHOHXB5UoBYTRk1hohSoiDi2HPRKAUjfR+KQifPidI3q
Qf3D3sviH8AahC+d/EUTyqZRO1DXS/ldpf+OXmyvtBdV4x3iWusd8ekVAekpwLCL
rg+O/7IAaoVGxWFy89AKtelSSovZbn/SHOAZ54uaXx4+eNcWBVQu0wbv+W4uO6ry
4QFZlm6xS2+2lhUlRt+p5kHyxqaf2InFbw0YByY9CVz4Mzr6OGnz5QCYQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJP/uM9JY7LLUr9sHMEXf+Uvk/BMB8GA1UdIwQY
MBaAFK/b9FYBCpvRSUHKLJHKUz5+9ReKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjl2MFZnRUttOUZKUWNvc2tjcFRQbjcxRjRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8zZWVmYzEtNGYwOC00NTJlLTg0YjQt
M2NkZGYxNzUxZjU5LzEvd2tfLTR6MGxqc3N0U3Yyd2N3UmRfNVMtVDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8zZWVmYzEtNGYwOC00NTJlLTg0YjQtM2NkZGYxNzUxZjU5
LzEvcjl2MFZnRUttOUZKUWNvc2tjcFRQbjcxRjRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY4kMA0G
CSqGSIb3DQEBCwUAA4IBAQAXAfKb11oZWmqzRZSyK9Vs1r6P8FVNM4p8KfUpU4VF
iyKlOr/a4gWC+9or2GVXkNk0JzZXa7QDrUP/20ufDBKg0G9GH/RXY6nyDSwcygzU
88dwLOTtV9Ae917J24re3dbhv5tc5RMUUyO45u+Aln87/11Y69/HG6P8SphtIVzf
YJMKnmaMjcmDi7urzFXKkk0k+CHH61uyFrhF0LlXMhxR/cIIbO2DE7JkJZKXM9lq
B3l6lbbco33FoI/NvB5KgrJMBNq5JURgoIcMKbGHu/cKxp87aUkAMhmrG0WzjiwZ
AfDzPUjXYNui7PEGkNPfQLVM5orhzKuFi5iyXzJxq2wp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:15 2024 by rpki-client on console-ams.rpki-client.org