Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/WuHzva3PvQ60G-gj5kBuTe6Vneo.roa
File: WuHzva3PvQ60G-gj5kBuTe6Vneo.roa (raw, json)
Hash identifier: nrGQphJOinbnWc+X6gF2eJOJXf+rTAO59BUXol1Fp1s=
Subject key identifier: 5A:E1:F3:BD:AD:CF:BD:0E:B4:1B:E8:23:E6:40:6E:4D:EE:95:9D:EA
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 018B907FCA84E0E54407DAA81AC2A7963423
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/WuHzva3PvQ60G-gj5kBuTe6Vneo.roa
Signing time: Thu 02 Nov 2023 14:46:15 +0000
ROA not before: Thu 02 Nov 2023 14:46:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 123.100.227.0/24 maxlen: 24
64.225.244.0/23 maxlen: 23
148.222.40.0/22 maxlen: 22
104.225.253.0/24 maxlen: 24
216.183.120.0/24 maxlen: 24
64.95.150.0/23 maxlen: 23
167.234.38.0/24 maxlen: 24
63.251.117.0/24 maxlen: 24
216.203.15.0/24 maxlen: 24
198.49.103.0/24 maxlen: 24
46.17.217.0/24 maxlen: 24
91.198.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:7f:ca:84:e0:e5:44:07:da:a8:1a:c2:a7:96:34:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Nov 2 14:46:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ae1f3bdadcfbd0eb41be823e6406e4dee959dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c0:9e:85:f3:2b:28:d4:7b:82:48:1d:fc:a4:
44:41:d8:c0:33:1c:c3:43:cf:0e:fe:26:d3:80:b7:
39:a4:cb:67:18:10:09:31:5a:82:3c:19:ef:ab:bb:
c5:6f:8c:b9:86:8e:32:bf:91:a7:27:14:3a:95:28:
58:5a:85:fb:ef:2a:1f:6a:09:6e:31:df:89:7e:bf:
27:88:72:e0:51:ee:fe:1b:31:51:8d:e0:a8:b0:5a:
c1:2c:fb:75:fd:4c:69:fd:02:d5:4d:ca:fa:64:ae:
b4:04:d9:ef:7b:34:43:4f:5f:91:8f:b7:f4:b7:62:
76:3a:6d:b3:76:19:83:4d:a2:6e:57:59:a9:b9:dd:
7c:0f:61:dd:ba:fb:3e:d1:d8:27:90:cf:3a:fa:69:
dd:8c:27:bf:11:23:34:01:f1:22:1d:84:9e:28:22:
b0:bf:83:f6:6a:7b:c5:b6:d4:85:d8:86:dc:3f:b4:
1c:9d:98:68:d3:06:f5:94:44:49:d1:2f:d0:20:e6:
72:46:d3:be:dc:43:52:c6:b1:ef:0e:35:14:34:91:
86:d5:6a:eb:60:e8:52:23:5e:90:cc:38:fa:0e:5b:
da:ab:50:5c:b0:7f:3b:73:50:7f:88:77:c1:eb:fc:
6d:a2:0b:a1:ff:98:4d:1b:83:e7:d8:0b:62:4b:e5:
a8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E1:F3:BD:AD:CF:BD:0E:B4:1B:E8:23:E6:40:6E:4D:EE:95:9D:EA
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/WuHzva3PvQ60G-gj5kBuTe6Vneo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.217.0/24
63.251.117.0/24
64.95.150.0/23
64.225.244.0/23
91.198.19.0/24
104.225.253.0/24
123.100.227.0/24
148.222.40.0/22
167.234.38.0/24
198.49.103.0/24
216.183.120.0/24
216.203.15.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:05:2a:db:0f:31:76:45:85:f5:9a:46:10:61:87:88:26:5b:
26:9a:e8:a0:ba:e7:f3:9e:56:fb:14:e3:7f:6b:52:fb:2b:14:
3b:9d:e7:32:00:47:36:37:62:fd:7e:01:f5:73:18:63:4b:5b:
f8:69:fd:ca:e5:c1:b5:5a:cc:74:4a:e4:4e:34:42:07:80:8e:
90:67:c0:8c:69:b3:7b:42:c2:35:6b:29:53:06:ef:25:2d:f6:
88:98:2e:f1:04:a5:27:73:bb:c3:67:79:e5:ba:b8:06:09:aa:
21:34:db:ec:57:ee:1c:b6:81:ae:bc:da:f7:16:f7:a8:fd:15:
c8:63:37:11:27:e6:da:7b:cb:83:be:9e:40:33:46:74:ae:4a:
3c:c2:71:5f:05:fb:8b:5c:53:1b:14:8d:58:e1:7f:93:9f:7a:
ce:50:89:27:b0:8c:52:5f:06:39:4b:8e:ea:fc:9b:d7:2d:36:
b1:14:3a:71:d7:b2:4e:be:2a:01:5c:b1:fb:cb:f8:53:d3:30:
32:36:eb:f0:c9:a4:ea:6e:e1:93:c5:c2:63:09:8c:b8:0e:73:
64:b6:2f:54:f4:77:c5:66:37:b4:cd:09:66:6d:11:04:96:4f:
e7:7a:d4:5a:2a:19:24:1b:06:a9:e6:3f:c5:5e:cd:d9:7f:26:
fb:a5:b3:fa
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYuQf8qE4OVEB9qoGsKnljQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjMxMTAyMTQ0NjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWUxZjNiZGFkY2ZiZDBlYjQxYmU4MjNlNjQwNmU0ZGVlOTU5ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsCehfMrKNR7gkgd/KREQdjAMxzD
Q88O/ibTgLc5pMtnGBAJMVqCPBnvq7vFb4y5ho4yv5GnJxQ6lShYWoX77yofaglu
Md+Jfr8niHLgUe7+GzFRjeCosFrBLPt1/Uxp/QLVTcr6ZK60BNnvezRDT1+Rj7f0
t2J2Om2zdhmDTaJuV1mpud18D2Hduvs+0dgnkM86+mndjCe/ESM0AfEiHYSeKCKw
v4P2anvFttSF2IbcP7QcnZho0wb1lERJ0S/QIOZyRtO+3ENSxrHvDjUUNJGG1Wrr
YOhSI16QzDj6Dlvaq1BcsH87c1B/iHfB6/xtoguh/5hNG4Pn2AtiS+WohQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFrh872tz70OtBvoI+ZAbk3ulZ3qMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvV3VIenZhM1B2UTYwRy1najVrQnVUZTZWbmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALhHZAwQA
P/t1AwQBQF+WAwQBQOH0AwQAW8YTAwQAaOH9AwQAe2TjAwQClN4oAwQAp+omAwQA
xjFnAwQA2Ld4AwQA2MsPMA0GCSqGSIb3DQEBCwUAA4IBAQBqBSrbDzF2RYX1mkYQ
YYeIJlsmmuiguufznlb7FON/a1L7KxQ7necyAEc2N2L9fgH1cxhjS1v4af3K5cG1
Wsx0SuRONEIHgI6QZ8CMabN7QsI1aylTBu8lLfaImC7xBKUnc7vDZ3nlurgGCaoh
NNvsV+4ctoGuvNr3Fveo/RXIYzcRJ+bae8uDvp5AM0Z0rko8wnFfBfuLXFMbFI1Y
4X+Tn3rOUIknsIxSXwY5S47q/JvXLTaxFDpx17JOvioBXLH7y/hT0zAyNuvwyaTq
buGTxcJjCYy4DnNkti9U9HfFZje0zQlmbREElk/netRaKhkkGwap5j/FXs3Zfyb7
pbP6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:08 2024 by rpki-client on console-ams.rpki-client.org