Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/wPOiZmmi3wglhcpBF6J8iC9PWGQ.roa
File: wPOiZmmi3wglhcpBF6J8iC9PWGQ.roa (raw, json)
Hash identifier: DmF5hvXszi3Eu3oOzvFJS/q/kt/VULW6X7RnxbltIKU=
Subject key identifier: C0:F3:A2:66:69:A2:DF:08:25:85:CA:41:17:A2:7C:88:2F:4F:58:64
Certificate issuer: /CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Certificate serial: 01924CEA2E5F625AD82CD54AC17A85D48568
Authority key identifier: 05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/wPOiZmmi3wglhcpBF6J8iC9PWGQ.roa
Signing time: Wed 02 Oct 2024 11:07:48 +0000
ROA not before: Wed 02 Oct 2024 11:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8240
IP address blocks: 185.161.84.0/22 maxlen: 22
185.161.87.0/24 maxlen: 24
185.172.24.0/22 maxlen: 22
195.80.96.0/19 maxlen: 19
213.184.32.0/19 maxlen: 19
2a02:88::/32 maxlen: 32
2a0b:6c00::/29 maxlen: 29
2a0b:6c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:ea:2e:5f:62:5a:d8:2c:d5:4a:c1:7a:85:d4:85:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Validity
Not Before: Oct 2 11:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0f3a26669a2df082585ca4117a27c882f4f5864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a3:5e:df:14:a2:51:59:63:8d:85:47:8d:49:
ec:13:28:fc:b3:48:ba:9f:f0:98:72:40:f3:9a:c7:
56:ed:f0:26:4d:94:90:36:b3:f8:30:18:0b:a3:3e:
cd:05:3a:94:d3:42:7c:13:fb:4d:33:34:d9:5f:8a:
a5:c9:5f:1c:dc:83:4a:b5:10:cc:69:f8:bb:91:d7:
51:ac:47:ed:73:1f:78:48:b3:79:3f:0a:89:9d:54:
36:98:db:5f:98:5d:ad:e1:d9:b1:4c:9e:b0:c3:76:
9a:e1:72:ee:67:ee:68:f0:1d:89:41:f7:af:1b:4a:
2e:bc:fe:a5:09:39:5b:d3:ad:f0:76:2e:15:aa:f1:
e1:83:96:eb:27:1a:6c:bd:64:5d:fe:58:d4:f4:5e:
eb:38:a8:ba:a3:87:4c:90:01:fb:92:88:dc:14:b4:
79:fc:5e:b4:5a:6b:f1:98:6d:ea:ca:db:c9:94:e6:
d9:16:ca:04:51:1a:b5:d9:ac:81:49:68:c2:97:ae:
30:96:49:a8:fc:b7:57:3b:ba:27:a7:ce:04:20:5a:
97:a5:0e:0c:37:5b:51:67:0a:54:fb:d4:58:ee:50:
fa:0f:e0:f3:8f:34:3a:52:cf:0b:d6:6d:8d:17:24:
cb:88:d7:0f:38:d1:25:7d:b9:04:35:d5:37:ac:66:
4e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F3:A2:66:69:A2:DF:08:25:85:CA:41:17:A2:7C:88:2F:4F:58:64
X509v3 Authority Key Identifier:
keyid:05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/wPOiZmmi3wglhcpBF6J8iC9PWGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/BYgfNX6maA3eUqKpv7u27UOF2Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.84.0/22
185.172.24.0/22
195.80.96.0/19
213.184.32.0/19
IPv6:
2a02:88::/32
2a0b:6c00::/29
Signature Algorithm: sha256WithRSAEncryption
08:fc:75:f4:0d:3a:99:6a:5a:cd:ca:52:9f:a3:1b:9e:92:48:
75:e5:f3:04:88:48:4b:74:56:cb:1b:f9:19:02:cd:8f:5b:5c:
08:3b:77:b4:a9:55:70:5c:44:77:e3:f6:c8:57:01:6d:bf:81:
a2:46:c2:83:67:52:59:53:3e:64:46:db:80:23:4c:ea:b7:25:
2a:86:32:91:dc:27:99:58:eb:02:4e:ca:ae:4e:12:28:2c:f4:
3c:cd:a8:06:8c:c9:73:37:2d:39:58:98:a0:ea:2d:a6:51:51:
d9:d9:18:0d:b4:d8:ec:b0:56:37:e8:66:fc:91:74:6a:63:73:
6f:f8:81:9e:79:04:c6:e4:5c:f5:e8:1c:1f:d5:51:93:d3:1b:
17:66:66:e2:ae:85:6a:cc:96:0f:a2:6d:f9:ba:ba:91:28:e5:
65:37:35:f6:17:06:30:0e:73:d8:7d:f1:47:e1:ad:88:6a:bf:
3a:49:88:d8:27:77:26:9f:6f:2a:6c:e0:82:bf:fb:5b:81:ac:
b7:4b:54:90:f8:30:4e:eb:b3:0b:f3:87:b8:69:88:b7:cb:5b:
6e:21:a3:82:82:9f:f2:cd:06:ac:e8:8e:89:ed:b5:14:3c:15:
66:e7:99:80:6d:3e:d9:aa:e1:5b:12:03:27:e2:2d:31:f0:4e:
ef:25:10:8f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZJM6i5fYlrYLNVKwXqF1IVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODgxZjM1N2VhNjY4MGRkZTUyYTJhOWJmYmJiNmVkNDM4
NWQ4ZDkwHhcNMjQxMDAyMTEwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGYzYTI2NjY5YTJkZjA4MjU4NWNhNDExN2EyN2M4ODJmNGY1ODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKNe3xSiUVljjYVHjUnsEyj8s0i6
n/CYckDzmsdW7fAmTZSQNrP4MBgLoz7NBTqU00J8E/tNMzTZX4qlyV8c3INKtRDM
afi7kddRrEftcx94SLN5PwqJnVQ2mNtfmF2t4dmxTJ6ww3aa4XLuZ+5o8B2JQfev
G0ouvP6lCTlb063wdi4VqvHhg5brJxpsvWRd/ljU9F7rOKi6o4dMkAH7kojcFLR5
/F60WmvxmG3qytvJlObZFsoEURq12ayBSWjCl64wlkmo/LdXO7onp84EIFqXpQ4M
N1tRZwpU+9RY7lD6D+DzjzQ6Us8L1m2NFyTLiNcPONElfbkENdU3rGZOwwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMDzomZpot8IJYXKQReifIgvT1hkMB8GA1UdIwQY
MBaAFAWIHzV+pmgN3lKiqb+7tu1DhdjZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQllnZk5YNm1hQTNlVXFLcHY3dTI3VU9GMk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9hYmMxMDMtY2U2Ni00ZmNjLThmZTEt
M2M5MWFkNGIzZTA4LzEvd1BPaVptbWkzd2dsaGNwQkY2SjhpQzlQV0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9hYmMxMDMtY2U2Ni00ZmNjLThmZTEtM2M5MWFkNGIzZTA4
LzEvQllnZk5YNm1hQTNlVXFLcHY3dTI3VU9GMk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCuaFUAwQC
uawYAwQFw1BgAwQF1bggMBQEAgACMA4DBQAqAgCIAwUDKgtsADANBgkqhkiG9w0B
AQsFAAOCAQEACPx19A06mWpazcpSn6MbnpJIdeXzBIhIS3RWyxv5GQLNj1tcCDt3
tKlVcFxEd+P2yFcBbb+BokbCg2dSWVM+ZEbbgCNM6rclKoYykdwnmVjrAk7Krk4S
KCz0PM2oBozJczctOViYoOotplFR2dkYDbTY7LBWN+hm/JF0amNzb/iBnnkExuRc
9egcH9VRk9MbF2Zm4q6FasyWD6Jt+bq6kSjlZTc19hcGMA5z2H3xR+GtiGq/OkmI
2Cd3Jp9vKmzggr/7W4Gst0tUkPgwTuuzC/OHuGmIt8tbbiGjgoKf8s0GrOiOie21
FDwVZueZgG0+2arhWxIDJ+ItMfBO7yUQjw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:16 2025 by rpki-client