Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/phb6WzUP53iA6dibqvEl1UR__nQ.roa
File: phb6WzUP53iA6dibqvEl1UR__nQ.roa (raw, json)
Hash identifier: 8M90XdlgqplkqXYlbgnLMgal3GFAi+cC1eSRGRmOai4=
Subject key identifier: A6:16:FA:5B:35:0F:E7:78:80:E9:D8:9B:AA:F1:25:D5:44:7F:FE:74
Certificate issuer: /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Certificate serial: 01856F14EAD2962FA18B89EEDF12E95F63FD
Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/phb6WzUP53iA6dibqvEl1UR__nQ.roa
Signing time: Sun 01 Jan 2023 20:45:19 +0000
ROA not before: Sun 01 Jan 2023 20:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29180
IP address blocks: 82.132.128.0/22 maxlen: 24
185.238.16.0/23 maxlen: 24
185.238.18.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ea:d2:96:2f:a1:8b:89:ee:df:12:e9:5f:63:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Validity
Not Before: Jan 1 20:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a616fa5b350fe77880e9d89baaf125d5447ffe74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f7:a3:94:8a:d0:06:73:bd:23:b0:e5:8e:f4:
90:82:eb:98:d3:75:22:eb:d4:7c:59:41:7c:56:34:
3e:3c:cc:b4:99:dc:12:b8:b0:37:5f:69:3f:12:50:
93:3b:1d:18:19:62:f4:53:b9:56:9e:d3:64:90:1c:
8e:80:c9:d7:08:f6:ee:43:01:a9:ed:30:e1:3e:b5:
5a:9d:2b:9d:1b:7a:c6:56:f8:12:64:33:1a:8e:d3:
0b:59:a7:88:01:ec:0e:58:02:32:d5:68:02:15:2b:
0f:a6:05:e1:0a:7c:fb:45:8f:97:00:8f:85:f4:42:
e1:d3:ee:e8:cf:75:40:a2:43:8f:85:e3:09:0f:52:
50:1f:3a:8a:35:22:24:ce:42:ba:d9:05:13:a8:c5:
a2:2e:16:5f:d8:82:57:5f:07:a0:20:b5:46:a9:e3:
e2:95:a1:d1:2f:e8:93:d0:fa:df:5e:e8:91:e7:f9:
8c:60:4d:76:ac:46:ff:63:a6:01:1a:c1:d0:61:28:
50:3f:9f:5f:6c:69:f3:2e:71:3f:6b:9e:65:86:ab:
5d:35:b6:a6:3c:06:9a:67:bf:47:6a:e2:33:9a:64:
b4:55:c3:ac:c6:36:09:06:d4:8e:2c:60:87:f5:cb:
16:1f:1c:88:99:e9:57:e7:ea:dd:b6:4d:6a:67:83:
58:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:16:FA:5B:35:0F:E7:78:80:E9:D8:9B:AA:F1:25:D5:44:7F:FE:74
X509v3 Authority Key Identifier:
keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/phb6WzUP53iA6dibqvEl1UR__nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.132.128.0/22
185.238.16.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:32:37:ad:9e:08:67:d2:00:7c:13:61:97:44:9b:37:15:14:
5c:f7:d7:10:b0:5f:f5:f5:f1:b4:be:25:79:c5:95:0c:01:b8:
77:01:eb:1f:dc:0d:cc:7d:d0:fd:ee:ad:e7:b9:06:31:0e:56:
55:bb:14:b9:dd:7b:a2:92:2a:d1:65:b9:93:f6:0f:23:26:64:
d7:28:80:46:27:cb:e3:03:e7:f6:da:9d:d0:4a:2c:ae:e3:3c:
b1:d2:f0:6d:17:69:67:4a:a9:3b:ce:28:37:ef:3f:f1:78:6a:
a6:e2:4a:0f:0e:e1:d9:0e:30:9a:aa:e9:fe:96:e6:85:77:6a:
6b:a7:15:50:09:11:9f:f4:5e:55:a5:26:67:5e:44:af:8b:0a:
7b:9b:3f:ce:29:7c:74:61:71:35:c5:4d:9f:84:b7:2c:25:e4:
8b:25:09:6d:0d:e4:63:40:9b:36:88:f8:e5:74:b6:5a:aa:f4:
78:ea:60:d7:bb:9c:e6:e1:0b:44:9f:4c:16:d2:3f:f3:85:ed:
7d:77:0b:48:08:7e:d7:d6:4e:d7:fe:69:fb:38:bb:b8:77:3c:
37:58:f9:c0:e7:03:89:ec:1a:4b:7f:26:10:00:71:ed:6b:aa:
2c:b7:99:54:15:96:08:c4:77:07:31:8f:11:ba:ff:c1:41:3b:
9c:59:cd:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFOrSli+hi4nu3xLpX2P9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw
ZWEzYTYwHhcNMjMwMTAxMjA0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjE2ZmE1YjM1MGZlNzc4ODBlOWQ4OWJhYWYxMjVkNTQ0N2ZmZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPejlIrQBnO9I7DljvSQguuY03Ui
69R8WUF8VjQ+PMy0mdwSuLA3X2k/ElCTOx0YGWL0U7lWntNkkByOgMnXCPbuQwGp
7TDhPrVanSudG3rGVvgSZDMajtMLWaeIAewOWAIy1WgCFSsPpgXhCnz7RY+XAI+F
9ELh0+7oz3VAokOPheMJD1JQHzqKNSIkzkK62QUTqMWiLhZf2IJXXwegILVGqePi
laHRL+iT0PrfXuiR5/mMYE12rEb/Y6YBGsHQYShQP59fbGnzLnE/a55lhqtdNbam
PAaaZ79HauIzmmS0VcOsxjYJBtSOLGCH9csWHxyImelX5+rdtk1qZ4NY0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKYW+ls1D+d4gOnYm6rxJdVEf/50MB8GA1UdIwQY
MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt
ZWU3M2ZlMjFlZDIzLzEvcGhiNld6VVA1M2lBNmRpYnF2RWwxVVJfX25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz
LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUoSAAwQC
ue4QMA0GCSqGSIb3DQEBCwUAA4IBAQAsMjetnghn0gB8E2GXRJs3FRRc99cQsF/1
9fG0viV5xZUMAbh3Aesf3A3MfdD97q3nuQYxDlZVuxS53XuikirRZbmT9g8jJmTX
KIBGJ8vjA+f22p3QSiyu4zyx0vBtF2lnSqk7zig37z/xeGqm4koPDuHZDjCaqun+
luaFd2prpxVQCRGf9F5VpSZnXkSviwp7mz/OKXx0YXE1xU2fhLcsJeSLJQltDeRj
QJs2iPjldLZaqvR46mDXu5zm4QtEn0wW0j/zhe19dwtICH7X1k7X/mn7OLu4dzw3
WPnA5wOJ7BpLfyYQAHHta6ost5lUFZYIxHcHMY8Ruv/BQTucWc16
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:10 2024 by rpki-client on console-fra.rpki-client.org