Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/WpHwZhNEb6pBS7Jp_YsSSCI7wPw.roa
File: WpHwZhNEb6pBS7Jp_YsSSCI7wPw.roa (raw, json)
Hash identifier: AeYuoYW8KTtKKdc4fQFvqyaOXsa5yQpD9vpCl6uHoV4=
Subject key identifier: 5A:91:F0:66:13:44:6F:AA:41:4B:B2:69:FD:8B:12:48:22:3B:C0:FC
Certificate issuer: /CN=3b3daef89306a75f0b88191440742a720afb3f20
Certificate serial: 0192C290B769661A80AC7DC95515B102DAEE
Authority key identifier: 3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/WpHwZhNEb6pBS7Jp_YsSSCI7wPw.roa
Signing time: Fri 25 Oct 2024 07:25:16 +0000
ROA not before: Fri 25 Oct 2024 07:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24796
IP address blocks: 185.33.108.0/22 maxlen: 22
185.33.108.0/23 maxlen: 23
185.33.108.0/24 maxlen: 24
185.33.109.0/24 maxlen: 24
185.33.110.0/23 maxlen: 23
185.33.110.0/24 maxlen: 24
185.33.111.0/24 maxlen: 24
193.24.29.0/24 maxlen: 24
193.201.40.0/24 maxlen: 24
2a0f:80::/32 maxlen: 32
2a0f:80:1::/48 maxlen: 48
2a0f:80:2::/48 maxlen: 48
2a0f:80:3::/48 maxlen: 48
2a0f:80:a::/48 maxlen: 48
2a0f:80:b::/48 maxlen: 48
2a0f:80:c::/48 maxlen: 48
2a0f:80:d::/48 maxlen: 48
2a0f:80:e::/48 maxlen: 48
2a0f:80:f::/48 maxlen: 48
2a0f:80:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 25 Oct 2024 07:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:90:b7:69:66:1a:80:ac:7d:c9:55:15:b1:02:da:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3daef89306a75f0b88191440742a720afb3f20
Validity
Not Before: Oct 25 07:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a91f06613446faa414bb269fd8b1248223bc0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:54:39:32:2b:0c:81:ef:56:db:41:b9:81:1d:
1c:d0:ee:ba:3d:c7:ee:cb:20:eb:5f:b8:3f:ed:58:
76:67:48:12:53:89:78:9b:85:e8:e3:66:cb:e2:c5:
9e:7f:ef:9f:d4:65:98:af:ce:39:d8:01:ee:7a:9c:
bf:86:77:5e:84:26:6c:1f:d3:99:e4:93:a0:35:a2:
4d:aa:bf:5e:be:08:c8:b5:c5:0a:6f:c0:3c:48:2d:
ee:92:3c:aa:02:be:20:0e:98:24:c1:08:02:ed:20:
4a:4e:32:a3:52:ed:95:40:23:65:b5:83:bb:74:19:
b0:83:a5:cf:f1:e6:c0:80:13:ce:6e:ba:bb:d9:71:
97:a1:1e:fd:bd:38:b3:ac:2c:95:58:2f:93:fd:3e:
23:fd:31:54:37:cf:db:c4:77:d8:5c:7f:67:b5:9c:
23:04:42:a3:4b:b7:bf:51:31:bc:f2:88:88:86:60:
4b:72:a8:54:51:c8:cc:13:22:2f:3e:c6:20:bb:79:
d1:eb:60:19:f9:5b:3c:da:75:10:ab:dc:a9:e9:d9:
59:a3:10:b6:2a:ee:45:50:61:35:9c:3c:39:bc:cb:
f5:a0:c7:16:14:93:a8:11:a7:a0:8d:13:81:80:f3:
4f:b3:4f:6e:db:21:fd:e6:5e:2d:ce:ce:77:aa:48:
9b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:91:F0:66:13:44:6F:AA:41:4B:B2:69:FD:8B:12:48:22:3B:C0:FC
X509v3 Authority Key Identifier:
keyid:3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/WpHwZhNEb6pBS7Jp_YsSSCI7wPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.108.0/22
193.24.29.0/24
193.201.40.0/24
IPv6:
2a0f:80::/32
Signature Algorithm: sha256WithRSAEncryption
2f:c6:86:4e:2c:18:de:41:4b:8f:54:e8:3c:bc:04:d6:81:fe:
f0:cb:30:9b:0e:35:8f:f9:04:f4:65:1a:eb:dc:39:c6:c7:52:
e8:60:e7:9b:72:0f:ca:23:e0:36:ac:1f:c5:66:96:d8:64:5f:
8d:f1:fc:7a:c1:5a:95:5e:3e:ca:cc:b3:6e:1c:d9:07:56:3d:
48:ca:18:78:5c:2a:53:1b:b8:bd:e7:1b:fe:83:3f:98:9e:56:
7e:18:16:0f:99:de:b7:2e:1f:75:fd:cb:7b:05:37:91:58:01:
8c:c2:da:af:c7:d8:24:7f:00:ae:60:4c:c1:6a:c3:50:53:2f:
5e:57:46:07:30:74:61:5c:3c:08:16:d3:f0:22:d1:d7:c0:df:
e3:6b:a8:e7:f0:b5:a4:d0:5c:fb:1f:4c:eb:23:6c:11:15:f5:
a6:e1:59:5f:c6:b0:3b:eb:ff:88:05:ac:d3:31:56:d1:4c:58:
8e:91:e3:b5:84:50:96:e0:17:22:ae:ce:5e:96:54:69:5b:09:
25:87:aa:d2:31:35:b1:f6:c5:f9:47:22:bb:be:ff:4e:24:d5:
a7:68:00:ab:e7:ed:18:2b:2b:fe:70:97:61:fc:10:6d:a8:48:
96:3c:26:2e:21:11:05:0c:79:41:8e:1b:53:ff:50:ae:41:51:
a2:90:69:90
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZLCkLdpZhqArH3JVRWxAtruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2RhZWY4OTMwNmE3NWYwYjg4MTkxNDQwNzQyYTcyMGFm
YjNmMjAwHhcNMjQxMDI1MDcyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTkxZjA2NjEzNDQ2ZmFhNDE0YmIyNjlmZDhiMTI0ODIyM2JjMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51Q5MisMge9W20G5gR0c0O66Pcfu
yyDrX7g/7Vh2Z0gSU4l4m4Xo42bL4sWef++f1GWYr8452AHuepy/hndehCZsH9OZ
5JOgNaJNqr9evgjItcUKb8A8SC3ukjyqAr4gDpgkwQgC7SBKTjKjUu2VQCNltYO7
dBmwg6XP8ebAgBPObrq72XGXoR79vTizrCyVWC+T/T4j/TFUN8/bxHfYXH9ntZwj
BEKjS7e/UTG88oiIhmBLcqhUUcjMEyIvPsYgu3nR62AZ+Vs82nUQq9yp6dlZoxC2
Ku5FUGE1nDw5vMv1oMcWFJOoEaegjROBgPNPs09u2yH95l4tzs53qkibtwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFqR8GYTRG+qQUuyaf2LEkgiO8D8MB8GA1UdIwQY
MBaAFDs9rviTBqdfC4gZFEB0KnIK+z8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUt
YWFjYWQ4NmM2MTdkLzEvV3BId1poTkViNnBCUzdKcF9Zc1NTQ0k3d1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUtYWFjYWQ4NmM2MTdk
LzEvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuSFsAwQA
wRgdAwQAwckoMA0EAgACMAcDBQAqDwCAMA0GCSqGSIb3DQEBCwUAA4IBAQAvxoZO
LBjeQUuPVOg8vATWgf7wyzCbDjWP+QT0ZRrr3DnGx1LoYOebcg/KI+A2rB/FZpbY
ZF+N8fx6wVqVXj7KzLNuHNkHVj1Iyhh4XCpTG7i95xv+gz+YnlZ+GBYPmd63Lh91
/ct7BTeRWAGMwtqvx9gkfwCuYEzBasNQUy9eV0YHMHRhXDwIFtPwItHXwN/ja6jn
8LWk0Fz7H0zrI2wRFfWm4VlfxrA76/+IBazTMVbRTFiOkeO1hFCW4Bcirs5ellRp
Wwklh6rSMTWx9sX5RyK7vv9OJNWnaACr5+0YKyv+cJdh/BBtqEiWPCYuIREFDHlB
jhtT/1CuQVGikGmQ
-----END CERTIFICATE-----
Generated at Fri Oct 25 09:57:07 2024 by rpki-client on console-fra.rpki-client.org