Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/wTcJjk1KL6Cp3vQ6uR0Msu0sxcs.roa
File: wTcJjk1KL6Cp3vQ6uR0Msu0sxcs.roa (raw, json)
Hash identifier: ijW2ozR8AYIWX5Wn1i1v+jVB06170FhcRh1Ji4kllLs=
Subject key identifier: C1:37:09:8E:4D:4A:2F:A0:A9:DE:F4:3A:B9:1D:0C:B2:ED:2C:C5:CB
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018973965BDDF18D8CBC204BD83ECFBC79A1
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/wTcJjk1KL6Cp3vQ6uR0Msu0sxcs.roa
Signing time: Thu 20 Jul 2023 13:56:21 +0000
ROA not before: Thu 20 Jul 2023 13:56:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6762
IP address blocks: 85.204.127.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:96:5b:dd:f1:8d:8c:bc:20:4b:d8:3e:cf:bc:79:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jul 20 13:56:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c137098e4d4a2fa0a9def43ab91d0cb2ed2cc5cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:da:18:7d:b9:a6:f4:4c:c1:16:bc:16:db:31:
97:82:a0:82:67:9d:36:1e:2d:d3:56:1d:ac:4a:40:
62:88:a6:17:08:b7:df:08:0b:f5:7e:5a:69:33:b0:
a2:da:8b:99:ac:6e:c3:5a:43:00:03:fc:4e:67:fb:
19:c8:df:5f:59:b5:ff:9f:6b:e0:f2:14:94:9e:34:
28:f3:d7:31:b4:ca:ce:68:96:f8:bb:68:f4:b5:14:
79:57:7a:33:ec:45:89:8f:05:32:9c:31:14:26:75:
a8:b1:5e:92:9b:db:74:98:6a:a9:18:38:4d:7f:72:
e8:02:33:29:31:b7:4e:7e:45:4b:52:6b:8c:5a:59:
4b:1d:69:cf:53:c4:6d:65:02:20:0c:60:b3:81:13:
f5:22:cc:34:be:af:26:f7:3c:63:97:98:e5:cd:4c:
36:34:74:d3:7e:b4:7f:c2:86:a2:c8:7e:1a:87:2f:
26:11:b2:f8:03:bc:ce:0b:71:5c:30:16:aa:84:38:
47:0a:ed:79:dc:92:75:c4:b2:bf:79:20:a6:df:0f:
d3:ad:d9:17:a0:08:f6:bb:bf:83:c9:22:4b:45:97:
15:89:60:b0:b5:1c:e4:35:13:be:9c:da:02:60:c5:
f2:8c:81:e0:60:3b:f5:05:44:73:31:30:7a:4e:d8:
2d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:37:09:8E:4D:4A:2F:A0:A9:DE:F4:3A:B9:1D:0C:B2:ED:2C:C5:CB
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/wTcJjk1KL6Cp3vQ6uR0Msu0sxcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.127.0/24
89.33.163.0/24
89.39.252.0/24
93.113.158.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e6:50:ae:94:89:57:13:e2:72:46:3f:8c:a4:14:5b:bc:9e:
5a:38:f5:04:76:59:27:95:23:9e:e0:5e:d0:11:9a:51:76:04:
aa:6b:21:64:f0:c9:fc:56:a8:6d:69:70:53:d0:48:10:46:e8:
72:02:cd:63:d4:d6:d6:85:61:59:eb:1a:e0:30:0f:93:5d:f4:
a6:e3:7d:01:55:64:10:b7:e6:40:08:82:a2:fa:77:d9:4f:c3:
d7:fc:a4:19:7d:82:0e:73:22:ac:2f:76:64:2b:32:64:40:60:
60:82:42:7c:72:bd:db:02:ab:c6:2c:37:87:92:46:a2:b2:55:
2f:81:3f:1a:41:ee:a8:a2:03:94:19:f7:f0:a3:40:bf:27:03:
6c:de:7f:c4:00:dd:06:cc:b8:c9:e2:92:d0:ea:50:6c:27:94:
f7:b3:04:d2:cd:22:e5:4f:0c:a0:14:de:fa:a9:c9:9e:89:4e:
81:71:09:79:7b:78:de:07:a7:02:b1:8f:ff:8a:d2:d0:35:e6:
d7:38:49:ac:79:68:1b:dd:b3:d3:69:a3:0d:91:ed:32:56:02:
26:0f:6a:96:87:62:f1:74:27:a4:98:c1:eb:95:0f:7a:b1:6a:
b4:7a:f0:e0:92:d6:72:0d:0c:87:c0:ae:d8:de:4d:2b:e0:3e:
41:98:34:cc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlzllvd8Y2MvCBL2D7PvHmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwNzIwMTM1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTM3MDk4ZTRkNGEyZmEwYTlkZWY0M2FiOTFkMGNiMmVkMmNjNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotoYfbmm9EzBFrwW2zGXgqCCZ502
Hi3TVh2sSkBiiKYXCLffCAv1flppM7Ci2ouZrG7DWkMAA/xOZ/sZyN9fWbX/n2vg
8hSUnjQo89cxtMrOaJb4u2j0tRR5V3oz7EWJjwUynDEUJnWosV6Sm9t0mGqpGDhN
f3LoAjMpMbdOfkVLUmuMWllLHWnPU8RtZQIgDGCzgRP1Isw0vq8m9zxjl5jlzUw2
NHTTfrR/woaiyH4ahy8mEbL4A7zOC3FcMBaqhDhHCu153JJ1xLK/eSCm3w/TrdkX
oAj2u7+DySJLRZcViWCwtRzkNRO+nNoCYMXyjIHgYDv1BURzMTB6TtgtrQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFME3CY5NSi+gqd70OrkdDLLtLMXLMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvd1RjSmprMUtMNkNwM3ZRNnVSME1zdTBzeGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVcx/AwQA
WSGjAwQAWSf8AwQAXXGeMA0GCSqGSIb3DQEBCwUAA4IBAQB95lCulIlXE+JyRj+M
pBRbvJ5aOPUEdlknlSOe4F7QEZpRdgSqayFk8Mn8VqhtaXBT0EgQRuhyAs1j1NbW
hWFZ6xrgMA+TXfSm430BVWQQt+ZACIKi+nfZT8PX/KQZfYIOcyKsL3ZkKzJkQGBg
gkJ8cr3bAqvGLDeHkkaislUvgT8aQe6oogOUGffwo0C/JwNs3n/EAN0GzLjJ4pLQ
6lBsJ5T3swTSzSLlTwygFN76qcmeiU6BcQl5e3jeB6cCsY//itLQNebXOEmseWgb
3bPTaaMNke0yVgImD2qWh2LxdCekmMHrlQ96sWq0evDgktZyDQyHwK7Y3k0r4D5B
mDTM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org