Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/wwPBSLfUaX8lbnLwCRK2qN-kjV8.roa
File: wwPBSLfUaX8lbnLwCRK2qN-kjV8.roa (raw, json)
Hash identifier: aFa1xH+VUOadVGPQK1K2IDB7YVf7VunuXCeyFf5B3qU=
Subject key identifier: C3:03:C1:48:B7:D4:69:7F:25:6E:72:F0:09:12:B6:A8:DF:A4:8D:5F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D6A3C0B792A4926B402732C4A86DA02F1
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/wwPBSLfUaX8lbnLwCRK2qN-kjV8.roa
Signing time: Fri 02 Feb 2024 14:32:16 +0000
ROA not before: Fri 02 Feb 2024 14:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.251.21.0/24 maxlen: 24
89.251.30.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 20:46:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:3c:0b:79:2a:49:26:b4:02:73:2c:4a:86:da:02:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 2 14:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c303c148b7d4697f256e72f00912b6a8dfa48d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6a:f3:7a:12:2f:83:0b:70:57:ef:18:95:5f:
87:01:9a:e1:48:d6:4a:ae:c4:a4:5f:5e:93:36:ba:
dd:00:f7:f2:77:b5:fc:f2:ac:98:30:10:3a:31:6e:
89:b0:ed:50:59:4a:25:83:81:5a:d7:24:89:5a:ac:
93:9e:39:92:02:35:74:bd:af:2c:4b:80:c9:87:ba:
06:51:2b:b8:4d:ca:bd:ef:49:67:c6:51:6c:cc:e4:
3b:fe:ea:94:a2:6b:f3:ce:90:56:93:9f:7b:1e:1b:
cc:55:81:f3:25:40:2c:5d:86:15:16:df:c6:3b:f3:
2a:b4:bc:eb:05:4d:a4:e1:aa:d5:03:1a:80:f0:1b:
91:85:a4:33:05:fb:da:26:d8:78:8c:8b:9f:f5:a3:
69:2d:20:b7:4d:fc:70:cd:29:30:cb:ad:26:3c:b6:
84:f8:c3:7c:9e:82:fe:22:63:bc:d3:34:52:53:00:
7c:44:60:5b:3d:44:f2:e7:59:1d:34:ab:5d:22:e6:
d9:5b:4c:f3:8b:98:f8:42:98:73:89:02:e6:be:df:
09:00:2b:ed:bc:75:ff:51:aa:01:73:7a:e4:fa:6f:
7a:f3:36:d2:16:b2:46:5c:9e:05:c2:c7:11:47:8d:
6c:f8:8b:94:39:1d:2c:ec:27:95:04:45:48:94:67:
6b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:03:C1:48:B7:D4:69:7F:25:6E:72:F0:09:12:B6:A8:DF:A4:8D:5F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/wwPBSLfUaX8lbnLwCRK2qN-kjV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.21.0/24
89.251.30.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:be:95:c7:c9:82:20:ff:fc:32:c3:a5:21:60:94:af:9e:ab:
13:f8:db:28:d7:33:fb:ce:e0:54:b6:00:f8:0f:10:b1:6d:2e:
f6:2a:5d:2a:da:e4:e9:8b:e3:f3:14:bf:6c:b6:26:a4:61:b6:
7a:32:88:ce:43:ec:5f:b4:8a:7f:39:0d:9c:48:5e:5b:5f:4e:
b3:9c:f7:5b:56:7b:a9:62:17:3f:8b:62:e5:ab:79:df:4b:78:
6b:b6:5f:2b:f1:e5:ae:a8:8a:ac:78:32:15:24:3b:3a:87:f5:
98:d3:6d:57:ec:11:2a:cb:7e:3a:13:29:f9:e1:75:8b:99:a1:
15:43:41:f6:d9:c5:61:55:f6:b9:f0:0c:3b:e3:a2:47:30:30:
89:89:92:3f:11:b2:81:ea:4a:9d:04:c5:2e:d3:6f:0e:ec:1e:
86:c6:fb:19:af:aa:82:13:5b:75:de:c4:ee:a0:0c:65:04:ea:
94:53:0f:b6:2d:dd:9e:98:37:a4:94:4c:f1:a1:32:b1:67:e4:
04:d1:ed:3a:66:ae:2c:56:dd:a4:6f:db:fc:c3:a5:78:3d:45:
9e:41:05:bf:bb:1a:24:51:17:41:a1:e0:57:50:20:5f:40:bb:
be:0c:ea:83:b8:90:8e:9e:88:04:4c:c4:78:0f:29:c3:05:10:
2f:f2:82:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1qPAt5KkkmtAJzLEqG2gLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMjAyMTQzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzAzYzE0OGI3ZDQ2OTdmMjU2ZTcyZjAwOTEyYjZhOGRmYTQ4ZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2rzehIvgwtwV+8YlV+HAZrhSNZK
rsSkX16TNrrdAPfyd7X88qyYMBA6MW6JsO1QWUolg4Fa1ySJWqyTnjmSAjV0va8s
S4DJh7oGUSu4Tcq970lnxlFszOQ7/uqUomvzzpBWk597HhvMVYHzJUAsXYYVFt/G
O/MqtLzrBU2k4arVAxqA8BuRhaQzBfvaJth4jIuf9aNpLSC3TfxwzSkwy60mPLaE
+MN8noL+ImO80zRSUwB8RGBbPUTy51kdNKtdIubZW0zzi5j4QphziQLmvt8JACvt
vHX/UaoBc3rk+m968zbSFrJGXJ4FwscRR41s+IuUOR0s7CeVBEVIlGdrUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMMDwUi31Gl/JW5y8AkStqjfpI1fMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvd3dQQlNMZlVhWDhsYm5Md0NSSzJxTi1ralY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsVAwQA
WfseAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQAdvpXHyYIg//wyw6UhYJSvnqsT
+Nso1zP7zuBUtgD4DxCxbS72Kl0q2uTpi+PzFL9stiakYbZ6MojOQ+xftIp/OQ2c
SF5bX06znPdbVnupYhc/i2Llq3nfS3hrtl8r8eWuqIqseDIVJDs6h/WY021X7BEq
y346Eyn54XWLmaEVQ0H22cVhVfa58Aw746JHMDCJiZI/EbKB6kqdBMUu028O7B6G
xvsZr6qCE1t13sTuoAxlBOqUUw+2Ld2emDeklEzxoTKxZ+QE0e06Zq4sVt2kb9v8
w6V4PUWeQQW/uxokURdBoeBXUCBfQLu+DOqDuJCOnogETMR4DynDBRAv8oKI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org