Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/WHwV5yRcGgS-pMw_mPAv8AIGf6g.roa
File: WHwV5yRcGgS-pMw_mPAv8AIGf6g.roa (raw, json)
Hash identifier: h4RXxVIX26gHxyjPmTlrX1jWjOLPg2I3EMHLaDM2BR0=
Subject key identifier: 58:7C:15:E7:24:5C:1A:04:BE:A4:CC:3F:98:F0:2F:F0:02:06:7F:A8
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A6658C48A273D136FCBFF5CAE5888D64A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/WHwV5yRcGgS-pMw_mPAv8AIGf6g.roa
Signing time: Tue 05 Sep 2023 17:16:48 +0000
ROA not before: Tue 05 Sep 2023 17:16:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 185.255.99.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
45.149.160.0/22 maxlen: 24
185.243.140.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:58:c4:8a:27:3d:13:6f:cb:ff:5c:ae:58:88:d6:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 5 17:16:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=587c15e7245c1a04bea4cc3f98f02ff002067fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b0:f7:7d:23:d3:0e:88:ba:f2:57:75:88:76:
db:4f:96:e1:8c:c8:70:87:20:29:36:86:45:b3:6d:
7b:9a:97:a3:93:30:ba:2f:45:08:87:e3:7e:b5:5e:
83:83:d9:9f:e3:49:a3:2e:74:72:0d:4c:5f:99:de:
fd:98:3b:c3:1a:9e:ab:82:a2:07:6b:21:36:35:c2:
0b:c0:a6:9f:68:d4:21:2a:68:b2:4d:f8:61:06:a8:
15:9c:0d:0c:a6:bf:d8:24:e7:c0:a1:00:8e:4b:be:
36:2d:da:a4:b0:2e:47:bc:e2:e4:59:50:c3:e9:3d:
97:65:94:24:ad:db:c2:0c:eb:0d:7f:33:b4:e1:5f:
c2:9f:c9:03:b3:50:64:cf:1a:63:3e:b6:d6:e7:fb:
43:99:1b:dc:ff:6e:74:ca:e6:26:46:55:d5:10:bd:
cc:3f:9f:e6:5b:c0:a1:44:1a:e1:26:1b:ed:2c:ef:
ff:ac:5e:80:a7:06:fc:c6:47:8b:fe:bf:a3:1f:36:
35:52:d7:aa:ec:99:e8:0f:dd:0e:30:05:19:80:28:
1f:39:f6:62:1e:61:59:15:e7:a7:b6:fa:ca:86:a8:
0a:6a:44:7f:97:07:23:0e:d7:61:89:0a:94:3d:9d:
a6:09:68:37:9e:6f:08:57:90:33:ad:cf:64:af:a2:
dd:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:7C:15:E7:24:5C:1A:04:BE:A4:CC:3F:98:F0:2F:F0:02:06:7F:A8
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/WHwV5yRcGgS-pMw_mPAv8AIGf6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.160.0/22
89.32.126.0/24
92.118.108.0/24
185.15.136.0/23
185.243.140.0/22
185.255.99.0/24
194.180.238.0/24
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
43:67:e8:6e:1a:74:85:7f:d0:35:f8:f9:f9:82:e1:d8:3b:0a:
af:5b:4a:49:31:b0:fd:05:23:2f:98:66:c7:66:35:bf:b4:e6:
a0:ff:07:94:9c:72:82:08:e1:bc:ab:73:2b:05:17:61:12:6f:
d1:b7:ea:82:f6:d0:21:0c:e8:65:15:ed:4a:9f:2c:46:16:ba:
0a:d3:cb:f2:05:79:3a:34:87:63:35:ab:a9:9c:48:df:fc:54:
11:0e:cc:6d:e9:fe:0a:4b:71:90:ed:3b:48:61:0d:87:89:44:
ff:b2:33:1d:65:6a:ba:56:78:23:6f:5b:6c:d3:2f:45:a3:a9:
3b:e3:91:4b:d1:36:b8:7c:3a:74:64:1e:7f:7f:18:e9:95:e5:
86:d4:07:25:05:c4:f7:02:81:a0:91:49:ec:b7:0c:77:2d:69:
bd:5a:2e:dd:cc:91:ba:48:f5:d5:c8:30:c1:f7:ff:cc:f1:08:
82:50:39:e3:58:01:d7:84:21:b6:a8:f8:9e:97:98:8f:0a:17:
07:3f:9c:8d:3e:c6:8d:c1:6c:4a:59:d0:0e:2b:ef:21:88:22:
ea:c4:ce:a7:df:2a:80:af:2e:bf:bc:60:0c:12:c4:cd:f2:dd:
32:8d:c9:2f:37:79:76:da:53:c3:38:58:98:7f:57:aa:97:a8:
3f:8d:e3:f8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYpmWMSKJz0Tb8v/XK5YiNZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwOTA1MTcxNjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODdjMTVlNzI0NWMxYTA0YmVhNGNjM2Y5OGYwMmZmMDAyMDY3ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLD3fSPTDoi68ld1iHbbT5bhjMhw
hyApNoZFs217mpejkzC6L0UIh+N+tV6Dg9mf40mjLnRyDUxfmd79mDvDGp6rgqIH
ayE2NcILwKafaNQhKmiyTfhhBqgVnA0Mpr/YJOfAoQCOS742LdqksC5HvOLkWVDD
6T2XZZQkrdvCDOsNfzO04V/Cn8kDs1BkzxpjPrbW5/tDmRvc/250yuYmRlXVEL3M
P5/mW8ChRBrhJhvtLO//rF6Apwb8xkeL/r+jHzY1Uteq7JnoD90OMAUZgCgfOfZi
HmFZFeentvrKhqgKakR/lwcjDtdhiQqUPZ2mCWg3nm8IV5Azrc9kr6LdvwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFh8FeckXBoEvqTMP5jwL/ACBn+oMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvV0h3VjV5UmNHZ1MtcE13X21QQXY4QUlHZjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLZWgAwQA
WSB+AwQAXHZsAwQBuQ+IAwQCufOMAwQAuf9jAwQAwrTuAwQAw5V/MA0GCSqGSIb3
DQEBCwUAA4IBAQBDZ+huGnSFf9A1+Pn5guHYOwqvW0pJMbD9BSMvmGbHZjW/tOag
/weUnHKCCOG8q3MrBRdhEm/Rt+qC9tAhDOhlFe1KnyxGFroK08vyBXk6NIdjNaup
nEjf/FQRDsxt6f4KS3GQ7TtIYQ2HiUT/sjMdZWq6Vngjb1ts0y9Fo6k745FL0Ta4
fDp0ZB5/fxjpleWG1AclBcT3AoGgkUnstwx3LWm9Wi7dzJG6SPXVyDDB9//M8QiC
UDnjWAHXhCG2qPiel5iPChcHP5yNPsaNwWxKWdAOK+8hiCLqxM6n3yqAry6/vGAM
EsTN8t0yjckvN3l22lPDOFiYf1eql6g/jeP4
-----END CERTIFICATE-----
Generated at Thu Dec 7 16:03:50 2023 by rpki-client on console-fra.rpki-client.org