Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/WKGvHnrgxsFUr0tnXyuWDX6Sj-w.roa
File: WKGvHnrgxsFUr0tnXyuWDX6Sj-w.roa (raw, json)
Hash identifier: ek9h1k4KXbDvIyTsEjOK7d0p4+60I4oKJesNHQWvCK0=
Subject key identifier: 58:A1:AF:1E:7A:E0:C6:C1:54:AF:4B:67:5F:2B:96:0D:7E:92:8F:EC
Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Certificate serial: 01856E78CC86258417442FE773A426C48D08
Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/WKGvHnrgxsFUr0tnXyuWDX6Sj-w.roa
Signing time: Sun 01 Jan 2023 17:54:48 +0000
ROA not before: Sun 01 Jan 2023 17:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34081
IP address blocks: 84.33.16.0/23 maxlen: 24
217.70.144.0/20 maxlen: 24
193.188.28.0/22 maxlen: 24
31.14.163.0/24 maxlen: 25
172.83.81.0/24 maxlen: 25
84.33.192.0/18 maxlen: 24
84.33.0.0/18 maxlen: 24
2001:1a38::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:cc:86:25:84:17:44:2f:e7:73:a4:26:c4:8d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Validity
Not Before: Jan 1 17:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58a1af1e7ae0c6c154af4b675f2b960d7e928fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b2:2a:e1:8e:39:ff:46:6c:b9:5c:b2:37:1a:
ac:b9:a2:c3:42:7f:6e:c5:72:f1:82:7f:05:c5:ed:
08:8f:f1:ae:bd:c3:19:82:11:a6:48:34:36:bd:f7:
2a:63:35:9d:79:41:01:9e:c8:32:79:05:94:cf:36:
3c:6c:9a:9a:a1:e7:d0:a6:90:71:99:d6:d6:48:79:
4c:f5:9f:89:32:5d:54:73:df:6f:c1:c5:c2:cd:96:
be:a2:e7:dc:fa:36:4c:e8:8c:95:64:6c:78:7b:23:
20:4b:87:93:0b:aa:c2:a0:4f:d1:32:5c:b7:6c:d2:
22:01:f0:df:fa:28:45:94:81:15:f3:79:64:a9:2e:
d7:6c:41:02:9f:2f:ee:44:3e:b1:20:3a:48:d8:33:
a5:ed:82:9c:0d:d2:46:d5:69:1c:38:f1:e1:7a:b8:
10:35:41:8f:bb:e2:fe:c0:8c:f6:71:9e:14:92:59:
f3:9c:56:57:eb:a8:80:45:91:ce:7b:ab:26:8e:c0:
c3:a2:e0:58:92:57:e4:c5:3d:b7:d2:c4:2a:23:bc:
26:67:b8:78:3a:26:26:9f:53:b7:c1:62:28:8f:51:
18:ad:fc:f9:28:62:86:6d:18:cf:ec:51:ee:52:67:
08:c4:8f:fa:af:54:06:6e:5d:55:ab:ef:00:8b:d8:
7e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A1:AF:1E:7A:E0:C6:C1:54:AF:4B:67:5F:2B:96:0D:7E:92:8F:EC
X509v3 Authority Key Identifier:
keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/WKGvHnrgxsFUr0tnXyuWDX6Sj-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.163.0/24
84.33.0.0/18
84.33.192.0/18
172.83.81.0/24
193.188.28.0/22
217.70.144.0/20
IPv6:
2001:1a38::/32
Signature Algorithm: sha256WithRSAEncryption
a3:79:1b:b0:e2:dc:99:84:eb:90:ec:36:29:28:1d:50:eb:a4:
41:1b:1e:dd:92:73:34:16:7e:e8:10:02:2c:f8:73:43:8d:ad:
55:a0:83:31:d7:65:3b:82:6f:a0:5d:ed:1c:67:52:a6:a3:b6:
37:11:69:63:65:e9:05:e8:f8:ba:76:8c:c2:23:d4:87:97:bc:
b7:b2:6d:3d:d8:f5:64:90:b3:32:5b:78:bc:8d:34:de:9b:86:
ed:c0:c6:8b:7c:99:18:9e:d1:fa:19:e4:d5:43:2f:4c:8b:50:
5a:77:37:3d:87:0a:78:26:dc:68:70:b8:03:08:f6:21:d5:30:
cf:cc:69:70:c1:0b:53:3f:1d:51:57:bc:58:da:ec:b0:67:02:
e8:e1:70:f6:77:3b:61:49:38:b9:11:9e:2c:fb:0e:95:58:e5:
36:bc:58:e7:44:8e:0a:a4:b7:51:ca:4b:b8:a1:d9:5a:b9:eb:
0f:d6:19:fc:af:4e:5f:69:01:28:61:26:ae:b3:d6:d2:47:50:
f1:53:ae:13:1c:37:de:8a:50:06:85:7a:ce:20:ff:86:f2:ea:
83:8e:92:ed:48:81:ce:51:c3:f4:cd:7b:f4:e7:c9:bd:ec:3b:
71:a1:70:b9:a7:9a:6d:d0:4d:5b:16:38:df:7c:48:5f:2d:a3:
c3:c6:9b:e2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVueMyGJYQXRC/nc6QmxI0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZWJjOWJmZWYyYjRkMjNmMTk1MTNiZmQ0ZDYwYmI3OThm
NWE1OWQwHhcNMjMwMTAxMTc1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGExYWYxZTdhZTBjNmMxNTRhZjRiNjc1ZjJiOTYwZDdlOTI4ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorIq4Y45/0ZsuVyyNxqsuaLDQn9u
xXLxgn8Fxe0Ij/GuvcMZghGmSDQ2vfcqYzWdeUEBnsgyeQWUzzY8bJqaoefQppBx
mdbWSHlM9Z+JMl1Uc99vwcXCzZa+oufc+jZM6IyVZGx4eyMgS4eTC6rCoE/RMly3
bNIiAfDf+ihFlIEV83lkqS7XbEECny/uRD6xIDpI2DOl7YKcDdJG1WkcOPHhergQ
NUGPu+L+wIz2cZ4UklnznFZX66iARZHOe6smjsDDouBYklfkxT230sQqI7wmZ7h4
OiYmn1O3wWIoj1EYrfz5KGKGbRjP7FHuUmcIxI/6r1QGbl1Vq+8Ai9h+UQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFihrx564MbBVK9LZ18rlg1+ko/sMB8GA1UdIwQY
MBaAFKrryb/vK00j8ZUTv9TWC7eY9aWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2Nzkt
MTFhZmI0OTkyZWVmLzEvV0tHdkhucmd4c0ZVcjB0blh5dVdEWDZTai13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2NzktMTFhZmI0OTkyZWVm
LzEvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAHw6jAwQG
VCEAAwQGVCHAAwQArFNRAwQCwbwcAwQE2UaQMA0EAgACMAcDBQAgARo4MA0GCSqG
SIb3DQEBCwUAA4IBAQCjeRuw4tyZhOuQ7DYpKB1Q66RBGx7dknM0Fn7oEAIs+HND
ja1VoIMx12U7gm+gXe0cZ1Kmo7Y3EWljZekF6Pi6dozCI9SHl7y3sm092PVkkLMy
W3i8jTTem4btwMaLfJkYntH6GeTVQy9Mi1Badzc9hwp4JtxocLgDCPYh1TDPzGlw
wQtTPx1RV7xY2uywZwLo4XD2dzthSTi5EZ4s+w6VWOU2vFjnRI4KpLdRyku4odla
uesP1hn8r05faQEoYSaus9bSR1DxU64THDfeilAGhXrOIP+G8uqDjpLtSIHOUcP0
zXv058m97DtxoXC5p5pt0E1bFjjffEhfLaPDxpvi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:38 2024 by rpki-client on console-fra.rpki-client.org