Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/wx5NxfyPy7fkq_W1La3nhJnWpY4.roa
File: wx5NxfyPy7fkq_W1La3nhJnWpY4.roa (raw, json)
Hash identifier: ZuD6TbC5WmxdrUDQ2uSduNUm1D/Zfc+tG6OqfSg3yH4=
Subject key identifier: C3:1E:4D:C5:FC:8F:CB:B7:E4:AB:F5:B5:2D:AD:E7:84:99:D6:A5:8E
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E2E6D6623B2516106534FE0D929C31A16
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/wx5NxfyPy7fkq_W1La3nhJnWpY4.roa
Signing time: Mon 11 Mar 2024 16:51:45 +0000
ROA not before: Mon 11 Mar 2024 16:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203
IP address blocks: 80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
195.26.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 09:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:6d:66:23:b2:51:61:06:53:4f:e0:d9:29:c3:1a:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 11 16:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c31e4dc5fc8fcbb7e4abf5b52dade78499d6a58e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b7:df:91:e8:12:03:a8:23:20:bb:91:df:a2:
52:9a:20:f0:6a:ba:e7:56:07:a4:6a:50:24:ad:e0:
e1:c3:a6:d1:9f:dc:f6:02:8f:d7:b9:81:8e:e1:79:
3e:54:0c:ac:76:e6:c6:28:4a:a0:33:41:bc:ad:9c:
16:01:65:dd:e2:58:e6:af:f4:42:d8:71:c4:ba:92:
13:0d:df:bd:20:39:74:71:2b:5a:0f:89:b1:51:e9:
07:c7:82:fa:0f:bf:4d:ea:22:f0:1c:91:67:5f:28:
a8:d7:8d:90:d2:bb:00:af:25:36:54:1d:29:e3:8c:
e1:49:86:2c:b1:7c:0d:17:be:c7:33:ef:9a:2f:f8:
c8:c2:2e:9a:5a:37:74:da:ca:20:5b:4b:41:f5:34:
3b:01:83:c7:55:85:2a:71:71:67:2d:7f:16:ee:a0:
b1:07:eb:47:35:a9:f2:b5:a8:c5:99:52:6c:08:80:
83:9b:95:7c:32:ca:44:80:cc:2c:df:e2:6f:ba:cf:
61:e3:97:e0:3e:29:76:73:f6:5a:0c:5c:2c:22:ab:
b8:2e:a0:db:f1:ba:d5:00:54:d2:1c:ac:9f:61:fc:
90:7c:af:39:c5:01:39:80:e4:08:4f:8f:8c:9c:09:
59:7d:38:6e:f5:96:4c:fc:df:6e:24:9c:94:18:97:
98:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:1E:4D:C5:FC:8F:CB:B7:E4:AB:F5:B5:2D:AD:E7:84:99:D6:A5:8E
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/wx5NxfyPy7fkq_W1La3nhJnWpY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
195.26.32.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:2e:33:ce:85:77:aa:ea:7b:8d:31:0a:be:dd:3b:54:4d:a6:
6e:17:e7:79:58:13:a6:1b:31:74:be:08:5b:90:f2:04:f9:f7:
46:69:16:b4:c0:fe:f9:1a:95:62:00:35:82:6b:20:ad:23:9c:
4d:02:62:c8:bb:25:ea:3e:be:64:af:e4:d0:1a:21:0c:c9:28:
56:6c:1c:85:c0:50:60:37:86:31:ae:9d:98:62:a5:ef:ee:33:
d0:71:aa:71:b1:5e:52:29:e6:65:80:04:32:11:2b:a7:9d:a8:
62:c7:74:05:46:67:72:7d:fb:9e:8c:3c:37:f1:ca:4d:a2:ca:
ba:db:d8:9c:c7:8a:a0:b6:a4:50:a6:34:da:d4:57:ce:3b:3e:
6b:28:9a:41:05:62:e1:7d:24:3e:4b:fb:e4:50:c0:a9:0b:42:
57:ab:07:76:bd:05:89:07:2e:36:21:de:b1:e1:02:e6:cd:3d:
2b:0d:81:14:9e:88:48:61:2c:f8:c7:fc:7c:66:b1:16:9a:f4:
a0:2c:d9:7b:33:0f:4c:e1:b5:04:08:8f:e4:ea:c6:f5:6a:eb:
9c:32:9a:4a:0d:2c:fb:27:0b:b6:9e:ea:08:e6:d9:9d:1c:d1:
69:61:cb:69:e4:1f:f7:7e:14:2f:1a:db:83:5a:c2:4b:f0:1c:
98:6a:6a:49
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4ubWYjslFhBlNP4NkpwxoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzExMTY1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzFlNGRjNWZjOGZjYmI3ZTRhYmY1YjUyZGFkZTc4NDk5ZDZhNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7ffkegSA6gjILuR36JSmiDwarrn
VgekalAkreDhw6bRn9z2Ao/XuYGO4Xk+VAysdubGKEqgM0G8rZwWAWXd4ljmr/RC
2HHEupITDd+9IDl0cStaD4mxUekHx4L6D79N6iLwHJFnXyio142Q0rsAryU2VB0p
44zhSYYssXwNF77HM++aL/jIwi6aWjd02sogW0tB9TQ7AYPHVYUqcXFnLX8W7qCx
B+tHNanytajFmVJsCICDm5V8MspEgMws3+Jvus9h45fgPil2c/ZaDFwsIqu4LqDb
8brVAFTSHKyfYfyQfK85xQE5gOQIT4+MnAlZfThu9ZZM/N9uJJyUGJeYDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMMeTcX8j8u35Kv1tS2t54SZ1qWOMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvd3g1TnhmeVB5N2ZrcV9XMUxhM25oSm5XcFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEUErwAwQF
VV9gAwQDXCp4AwQDX4FAAwQFwxogMA0GCSqGSIb3DQEBCwUAA4IBAQCbLjPOhXeq
6nuNMQq+3TtUTaZuF+d5WBOmGzF0vghbkPIE+fdGaRa0wP75GpViADWCayCtI5xN
AmLIuyXqPr5kr+TQGiEMyShWbByFwFBgN4Yxrp2YYqXv7jPQcapxsV5SKeZlgAQy
ESunnahix3QFRmdyffuejDw38cpNosq629icx4qgtqRQpjTa1FfOOz5rKJpBBWLh
fSQ+S/vkUMCpC0JXqwd2vQWJBy42Id6x4QLmzT0rDYEUnohIYSz4x/x8ZrEWmvSg
LNl7Mw9M4bUECI/k6sb1auucMppKDSz7Jwu2nuoI5tmdHNFpYctp5B/3fhQvGtuD
WsJL8ByYampJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org