Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wyrmSLFRGSWU9bSo6omU7oBk2UU.roa
File: wyrmSLFRGSWU9bSo6omU7oBk2UU.roa (raw, json)
Hash identifier: FjbVdrYaQnnEwS2UtA0gmq1YoLU+O8LTaRhR07wPYaY=
Subject key identifier: C3:2A:E6:48:B1:51:19:25:94:F5:B4:A8:EA:89:94:EE:80:64:D9:45
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018EB02BF411F87284948B8A9D3511101ED8
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wyrmSLFRGSWU9bSo6omU7oBk2UU.roa
Signing time: Fri 05 Apr 2024 21:30:54 +0000
ROA not before: Fri 05 Apr 2024 21:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.65.113.0/24 maxlen: 24
188.209.132.0/22 maxlen: 24
188.209.133.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 18:55:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b0:2b:f4:11:f8:72:84:94:8b:8a:9d:35:11:10:1e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Apr 5 21:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c32ae648b151192594f5b4a8ea8994ee8064d945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:00:08:db:ae:9c:ca:c5:b3:07:11:5b:c1:15:
c1:d0:25:e7:b4:f2:b7:d2:57:fc:6f:4e:65:3c:1a:
48:5e:37:57:80:00:41:29:64:d3:62:f5:c8:a9:44:
31:36:81:8e:fd:3d:0d:58:b3:6a:c4:2e:60:92:e2:
92:5b:f0:02:11:f4:4f:51:3a:8b:aa:fa:0c:ab:62:
f8:18:17:a8:d3:8a:cf:8e:73:5b:fe:17:c1:59:ce:
ef:81:55:ff:24:02:a9:80:a7:b7:8d:a1:04:78:9a:
a0:0c:43:97:42:f8:89:dd:97:bc:87:36:48:a7:a2:
97:a0:85:72:22:93:53:cb:46:27:68:02:63:1d:87:
1d:74:ce:fb:07:5b:27:1b:d0:36:08:e8:bf:56:b4:
ee:7e:55:9e:e7:02:bd:07:f0:f1:f3:22:aa:56:fd:
38:7d:41:f2:32:5b:3f:8a:59:62:83:83:03:d5:bb:
d0:e0:3f:cf:81:f0:cd:97:85:ab:99:2c:7f:8a:be:
22:c4:ca:64:18:d8:8e:72:6d:b7:7d:14:8d:fd:4f:
82:70:13:df:f1:e0:5c:b5:17:33:b0:41:d1:65:68:
f0:99:0b:35:0f:ca:4b:64:0c:b6:ec:cd:74:c8:3e:
43:d1:50:da:ea:85:22:39:33:b3:2b:34:af:1c:29:
c9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:2A:E6:48:B1:51:19:25:94:F5:B4:A8:EA:89:94:EE:80:64:D9:45
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wyrmSLFRGSWU9bSo6omU7oBk2UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.113.0/24
188.209.132.0/22
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:c3:7c:47:c1:88:e3:54:52:a7:8a:19:18:27:ec:63:0b:37:
1f:34:8a:40:d0:f8:4e:7e:56:42:64:43:d8:4c:a6:0c:ad:5c:
ca:c7:99:9f:d3:aa:35:d3:7f:e3:59:22:b9:84:5e:88:ec:10:
85:f9:b7:cc:4b:24:da:24:8c:a9:5a:fa:7d:31:ad:e1:a3:bd:
2b:2c:51:9b:d8:73:1a:5f:8c:22:85:bb:5b:38:ab:ed:f6:68:
09:e3:c9:59:55:23:00:d0:1b:40:6e:9f:89:26:60:47:8c:6f:
a2:5b:7e:79:68:ba:5f:bc:96:d3:fa:f8:02:ed:cd:bd:b8:47:
eb:34:2d:51:ad:fe:1a:8a:70:5b:d9:71:06:d4:75:af:7f:22:
83:c0:3c:2e:64:03:a3:e4:c8:73:ae:3d:46:c5:f8:17:4b:3c:
f5:11:ce:d9:eb:5a:5c:2c:45:f4:77:3a:7c:9c:31:c3:e7:62:
6e:d8:91:86:47:da:d2:27:dd:d2:61:c2:c3:84:95:18:f2:99:
53:fa:15:47:57:25:08:84:76:c2:6e:a4:1b:db:55:3c:94:ca:
51:80:a6:16:5c:71:5e:b2:88:93:82:de:c5:bf:77:42:df:a9:
6b:28:2a:d7:84:95:e0:b4:4e:d0:7c:18:6e:2b:50:15:29:f2:
0e:31:4d:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6wK/QR+HKElIuKnTUREB7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNDA1MjEzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzJhZTY0OGIxNTExOTI1OTRmNWI0YThlYTg5OTRlZTgwNjRkOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQAI266cysWzBxFbwRXB0CXntPK3
0lf8b05lPBpIXjdXgABBKWTTYvXIqUQxNoGO/T0NWLNqxC5gkuKSW/ACEfRPUTqL
qvoMq2L4GBeo04rPjnNb/hfBWc7vgVX/JAKpgKe3jaEEeJqgDEOXQviJ3Ze8hzZI
p6KXoIVyIpNTy0YnaAJjHYcddM77B1snG9A2COi/VrTuflWe5wK9B/Dx8yKqVv04
fUHyMls/illig4MD1bvQ4D/PgfDNl4WrmSx/ir4ixMpkGNiOcm23fRSN/U+CcBPf
8eBctRczsEHRZWjwmQs1D8pLZAy27M10yD5D0VDa6oUiOTOzKzSvHCnJVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMMq5kixURkllPW0qOqJlO6AZNlFMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvd3lybVNMRlJHU1dVOWJTbzZvbVU3b0JrMlVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUFxAwQC
vNGEAwQAvNGLMA0GCSqGSIb3DQEBCwUAA4IBAQCjw3xHwYjjVFKnihkYJ+xjCzcf
NIpA0PhOflZCZEPYTKYMrVzKx5mf06o103/jWSK5hF6I7BCF+bfMSyTaJIypWvp9
Ma3ho70rLFGb2HMaX4wihbtbOKvt9mgJ48lZVSMA0BtAbp+JJmBHjG+iW355aLpf
vJbT+vgC7c29uEfrNC1Rrf4ainBb2XEG1HWvfyKDwDwuZAOj5Mhzrj1GxfgXSzz1
Ec7Z61pcLEX0dzp8nDHD52Ju2JGGR9rSJ93SYcLDhJUY8plT+hVHVyUIhHbCbqQb
21U8lMpRgKYWXHFesoiTgt7Fv3dC36lrKCrXhJXgtE7QfBhuK1AVKfIOMU1f
-----END CERTIFICATE-----
Generated at Sat Apr 6 21:46:02 2024 by rpki-client on console-fra.rpki-client.org