Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/wSbCnFNZiq5roVPoJTlIi_zxI64.roa
File: wSbCnFNZiq5roVPoJTlIi_zxI64.roa (raw, json)
Hash identifier: VBUgFIEeTwIXvmEdbcFPorZN0gxNwxdO7sCROb26eSA=
Subject key identifier: C1:26:C2:9C:53:59:8A:AE:6B:A1:53:E8:25:39:48:8B:FC:F1:23:AE
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 01856B40C65A0C6EF54474AC6EE3C40F3D9F
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/wSbCnFNZiq5roVPoJTlIi_zxI64.roa
Signing time: Sun 01 Jan 2023 02:54:44 +0000
ROA not before: Sun 01 Jan 2023 02:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200555
IP address blocks: 46.24.73.0/24 maxlen: 24
212.145.48.0/24 maxlen: 24
212.145.58.0/24 maxlen: 24
212.145.62.0/24 maxlen: 24
77.228.197.0/24 maxlen: 24
77.228.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:c6:5a:0c:6e:f5:44:74:ac:6e:e3:c4:0f:3d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jan 1 02:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c126c29c53598aae6ba153e82539488bfcf123ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7a:31:b6:76:50:ce:97:3f:e7:bf:6e:7a:bc:
58:88:3c:31:da:46:83:6f:dc:cc:f6:d3:f2:54:b5:
28:2a:8a:32:9d:ed:3c:72:62:b7:00:c0:14:2e:68:
6c:6e:2d:8c:d4:a9:fe:98:7c:db:52:db:32:c0:32:
a0:fa:5d:ec:16:39:4c:7b:aa:42:15:9f:3c:5b:d7:
cc:bf:23:a2:8e:aa:87:4c:99:75:67:01:8c:9c:9f:
95:ee:c9:71:0a:f5:f2:7e:e9:50:b0:4d:53:38:a9:
af:d9:cb:a5:74:d7:52:2b:13:b3:cf:08:29:82:8f:
5e:43:dc:a4:51:cc:97:02:5f:09:9c:bd:ca:5f:7b:
08:f8:18:8c:fa:1e:75:ad:5d:92:8a:08:4c:21:b9:
a7:05:2a:10:cc:29:0b:b5:d2:e7:72:5e:84:17:c3:
fe:56:d8:ba:1f:38:dd:7b:00:bc:b7:24:6b:56:ad:
46:82:b3:10:63:f9:4c:8c:56:00:8a:0d:9c:93:58:
93:ef:e0:24:13:74:a7:71:7e:02:89:bc:33:4c:2d:
55:c1:fe:f1:0a:21:10:b5:0e:00:5f:ee:72:53:55:
6d:3b:d5:07:99:91:91:d5:7f:b2:a7:6b:a5:7c:22:
da:6d:30:d9:38:cb:76:b5:44:28:a8:09:bb:f2:1e:
16:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:26:C2:9C:53:59:8A:AE:6B:A1:53:E8:25:39:48:8B:FC:F1:23:AE
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/wSbCnFNZiq5roVPoJTlIi_zxI64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.24.73.0/24
77.228.196.0/23
212.145.48.0/24
212.145.58.0/24
212.145.62.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:59:7f:49:e8:9f:9f:be:2d:f3:b9:b1:93:00:f1:af:75:06:
c6:a1:8c:6f:84:3d:62:15:44:df:80:43:1d:08:f3:74:08:34:
fa:d4:db:db:a7:58:c1:3f:3e:62:19:23:15:15:9b:27:d8:22:
01:c5:1c:f3:9d:55:df:36:07:84:4d:d0:9b:ce:37:38:c8:c4:
3c:16:8d:fe:bf:21:b9:5e:4f:d3:84:34:24:99:68:98:ce:3a:
a4:a6:c0:a6:f4:5e:40:58:fc:22:71:28:73:08:ea:4b:57:69:
ad:ef:29:ee:ec:8d:97:f2:0e:35:48:cd:ea:cd:71:5a:06:28:
48:23:12:fc:f7:52:e8:7f:dc:db:9e:76:fe:df:7a:4b:31:76:
a3:c1:21:71:c8:1b:56:1e:8b:6f:5b:1c:c3:9d:0e:a7:a7:8f:
b5:7a:23:d6:3c:45:59:ad:87:0b:f3:8d:d4:c1:ed:72:b7:a3:
c6:5b:0f:84:ac:94:3e:52:de:88:dc:08:02:85:00:5c:3b:46:
24:56:6a:3b:67:4f:27:cd:f5:a4:9c:cc:29:19:dd:78:7d:26:
79:aa:5e:de:eb:74:1b:32:df:9b:21:8d:e1:31:bf:0a:f6:32:
d5:b2:e8:49:74:e8:7a:30:d6:62:bd:5e:23:8f:ca:7d:10:31:
46:f9:9f:a7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVrQMZaDG71RHSsbuPEDz2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjMwMTAxMDI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTI2YzI5YzUzNTk4YWFlNmJhMTUzZTgyNTM5NDg4YmZjZjEyM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnoxtnZQzpc/579uerxYiDwx2kaD
b9zM9tPyVLUoKooyne08cmK3AMAULmhsbi2M1Kn+mHzbUtsywDKg+l3sFjlMe6pC
FZ88W9fMvyOijqqHTJl1ZwGMnJ+V7slxCvXyfulQsE1TOKmv2culdNdSKxOzzwgp
go9eQ9ykUcyXAl8JnL3KX3sI+BiM+h51rV2SighMIbmnBSoQzCkLtdLncl6EF8P+
Vti6HzjdewC8tyRrVq1GgrMQY/lMjFYAig2ck1iT7+AkE3SncX4CibwzTC1Vwf7x
CiEQtQ4AX+5yU1VtO9UHmZGR1X+yp2ulfCLabTDZOMt2tUQoqAm78h4WxQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMEmwpxTWYqua6FT6CU5SIv88SOuMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvd1NiQ25GTlppcTVyb1ZQb0pUbElpX3p4STY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhhJAwQB
TeTEAwQA1JEwAwQA1JE6AwQA1JE+MA0GCSqGSIb3DQEBCwUAA4IBAQA9WX9J6J+f
vi3zubGTAPGvdQbGoYxvhD1iFUTfgEMdCPN0CDT61Nvbp1jBPz5iGSMVFZsn2CIB
xRzznVXfNgeETdCbzjc4yMQ8Fo3+vyG5Xk/ThDQkmWiYzjqkpsCm9F5AWPwicShz
COpLV2mt7ynu7I2X8g41SM3qzXFaBihIIxL891Lof9zbnnb+33pLMXajwSFxyBtW
HotvWxzDnQ6np4+1eiPWPEVZrYcL843Uwe1yt6PGWw+ErJQ+Ut6I3AgChQBcO0Yk
Vmo7Z08nzfWknMwpGd14fSZ5ql7e63QbMt+bIY3hMb8K9jLVsuhJdOh6MNZivV4j
j8p9EDFG+Z+n
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:12 2024 by rpki-client on console-ams.rpki-client.org