Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Wp5eqYYpMtveiKHSK7uRoHsmybY.roa
File: Wp5eqYYpMtveiKHSK7uRoHsmybY.roa (raw, json)
Hash identifier: Ugp2S9VGiYTBJ0Rqj6OzCgRfk5RVLdQcqVARCEsCZss=
Subject key identifier: 5A:9E:5E:A9:86:29:32:DB:DE:88:A1:D2:2B:BB:91:A0:7B:26:C9:B6
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018FC48B4BE1CD4D420398CE3BEF96EFC5DC
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Wp5eqYYpMtveiKHSK7uRoHsmybY.roa
Signing time: Wed 29 May 2024 13:30:14 +0000
ROA not before: Wed 29 May 2024 13:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 45.67.117.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 13:55:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c4:8b:4b:e1:cd:4d:42:03:98:ce:3b:ef:96:ef:c5:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 29 13:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a9e5ea9862932dbde88a1d22bbb91a07b26c9b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7e:e7:a5:59:af:6c:52:71:93:2f:d9:1d:fb:
48:9e:34:55:aa:6b:64:b2:52:4c:a6:06:94:26:17:
63:fb:df:c1:ed:c4:b8:b1:18:b6:7c:6e:4b:cd:12:
4b:59:40:9d:16:8a:c6:31:31:be:47:05:32:3f:90:
ef:cc:02:6b:d6:ca:fc:4a:3a:6d:9b:76:c3:a1:67:
ac:68:dd:12:07:34:17:1b:9f:94:2e:ab:c7:36:bf:
6c:ea:f9:a3:3b:33:3e:e7:c8:85:ef:f3:28:46:5a:
58:05:98:04:c6:74:9b:16:4f:9f:89:86:38:83:48:
22:94:5b:a2:d6:14:6c:8a:dd:88:50:8c:0e:f8:2b:
00:d5:f3:bf:3b:7a:84:87:64:53:f0:2c:d9:6b:c4:
5a:08:97:9e:c8:d1:5a:c0:e5:35:1a:76:0b:7d:a4:
a8:62:42:15:72:be:b3:3b:d7:4f:50:77:04:8f:6d:
15:d7:fe:a4:94:e6:94:c8:2c:8c:24:85:84:2e:af:
be:f1:aa:ec:cc:76:51:d0:26:46:c5:f2:90:14:cc:
c3:d0:9f:a9:65:91:9c:b5:96:6c:dd:a8:20:08:75:
e9:b6:58:e6:0e:6c:7d:5c:9e:1f:5a:ba:dc:27:41:
c4:ff:26:6e:27:25:1d:85:7a:2f:a6:87:a5:b4:a3:
89:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9E:5E:A9:86:29:32:DB:DE:88:A1:D2:2B:BB:91:A0:7B:26:C9:B6
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Wp5eqYYpMtveiKHSK7uRoHsmybY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
91.242.71.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
94.231.198.0/24
185.40.105.0/24
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
72:d6:8f:30:19:67:ec:1c:8f:6a:7a:7d:7b:71:29:f6:ac:df:
50:57:07:0c:69:11:eb:33:95:f9:f3:d9:c4:3f:9f:11:df:c6:
f6:a6:e5:79:15:8a:57:ee:ff:b0:92:48:f2:d8:80:27:6e:aa:
78:24:24:c9:aa:8c:54:2c:a5:00:03:f3:2d:47:68:1e:f1:2c:
05:03:1f:8e:bf:f4:3a:b4:5c:87:e6:4f:fd:df:6b:90:22:a0:
79:57:3e:91:9b:9a:8a:a2:fa:dd:c6:d0:ab:bb:17:90:e4:40:
80:16:dc:55:d7:d3:c7:e7:09:77:af:9d:3a:0c:d6:e6:0b:7c:
da:0e:dd:e1:f2:99:28:01:d1:d9:60:88:cd:99:a0:a1:05:2c:
80:d6:f1:08:5b:10:9a:15:4c:cb:b3:ce:91:f4:f7:e0:73:a8:
eb:6f:56:e1:a4:f8:df:e9:99:c6:f9:9c:18:99:b7:0b:da:35:
c6:1c:c5:45:b7:11:45:a6:31:25:7d:97:66:46:e8:b8:07:e4:
85:0c:bf:d0:6f:5f:18:cd:82:71:6c:ce:6e:ef:40:48:a4:93:
42:49:ba:0a:50:57:d5:53:29:1e:c5:76:52:2a:ab:48:cc:24:
5b:e4:62:07:96:0a:19:bc:88:6b:c7:5c:63:0d:55:19:7f:9c:
c4:39:9b:82
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY/Ei0vhzU1CA5jOO++W78XcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNTI5MTMzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTllNWVhOTg2MjkzMmRiZGU4OGExZDIyYmJiOTFhMDdiMjZjOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH7npVmvbFJxky/ZHftInjRVqmtk
slJMpgaUJhdj+9/B7cS4sRi2fG5LzRJLWUCdForGMTG+RwUyP5DvzAJr1sr8Sjpt
m3bDoWesaN0SBzQXG5+ULqvHNr9s6vmjOzM+58iF7/MoRlpYBZgExnSbFk+fiYY4
g0gilFui1hRsit2IUIwO+CsA1fO/O3qEh2RT8CzZa8RaCJeeyNFawOU1GnYLfaSo
YkIVcr6zO9dPUHcEj20V1/6klOaUyCyMJIWELq++8arszHZR0CZGxfKQFMzD0J+p
ZZGctZZs3aggCHXptljmDmx9XJ4fWrrcJ0HE/yZuJyUdhXovpoeltKOJUwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFFqeXqmGKTLb3oih0iu7kaB7Jsm2MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvV3A1ZXFZWXBNdHZlaUtIU0s3dVJvSHNteWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALUN1MAwD
BABb8kcDBAFb8kgDBABb8ksDBABb8mcDBABe58YDBAC5KGkDBADCtO4DBADC1QoD
BAHC8hwwDQYJKoZIhvcNAQELBQADggEBAHLWjzAZZ+wcj2p6fXtxKfas31BXBwxp
Eeszlfnz2cQ/nxHfxvam5XkVilfu/7CSSPLYgCduqngkJMmqjFQspQAD8y1HaB7x
LAUDH46/9Dq0XIfmT/3fa5AioHlXPpGbmoqi+t3G0Ku7F5DkQIAW3FXX08fnCXev
nToM1uYLfNoO3eHymSgB0dlgiM2ZoKEFLIDW8QhbEJoVTMuzzpH09+BzqOtvVuGk
+N/pmcb5nBiZtwvaNcYcxUW3EUWmMSV9l2ZG6LgH5IUMv9BvXxjNgnFszm7vQEik
k0JJugpQV9VTKR7FdlIqq0jMJFvkYgeWChm8iGvHXGMNVRl/nMQ5m4I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org