Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/086277-821c-405a-9e75-9ba719f259cb/1/wGhlx2kVYMpXPic2WrAahI_dI38.roa
File: wGhlx2kVYMpXPic2WrAahI_dI38.roa (raw, json)
Hash identifier: zkgbW+jo9fVGo4ZAyKQaOwBcBu1Oyczx//a3ZkoAw5I=
Subject key identifier: C0:68:65:C7:69:15:60:CA:57:3E:27:36:5A:B0:1A:84:8F:DD:23:7F
Certificate issuer: /CN=1746948856a2b0adf304a16d0d3ad66857f7fd39
Certificate serial: 018CC500DF2DCB17CEF4FC2CD4879F9CACFC
Authority key identifier: 17:46:94:88:56:A2:B0:AD:F3:04:A1:6D:0D:3A:D6:68:57:F7:FD:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0aUiFaisK3zBKFtDTrWaFf3_Tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/086277-821c-405a-9e75-9ba719f259cb/1/wGhlx2kVYMpXPic2WrAahI_dI38.roa
Signing time: Mon 01 Jan 2024 12:30:17 +0000
ROA not before: Mon 01 Jan 2024 12:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15699
IP address blocks: 87.236.216.0/21 maxlen: 32
88.151.212.0/23 maxlen: 32
88.151.208.0/22 maxlen: 32
88.151.214.0/23 maxlen: 32
185.11.200.0/22 maxlen: 32
94.24.114.0/24 maxlen: 32
94.24.112.0/20 maxlen: 32
212.36.64.0/19 maxlen: 32
109.235.128.0/21 maxlen: 32
2a01:1c8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 May 2024 07:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:df:2d:cb:17:ce:f4:fc:2c:d4:87:9f:9c:ac:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1746948856a2b0adf304a16d0d3ad66857f7fd39
Validity
Not Before: Jan 1 12:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c06865c7691560ca573e27365ab01a848fdd237f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2b:00:5d:98:b1:1b:23:89:28:f1:f6:80:a1:
79:f7:bc:55:41:32:9f:41:09:cb:63:72:2e:47:84:
c8:23:cc:f0:32:ea:24:82:e3:1e:93:ef:f3:79:1a:
37:77:2c:e6:c8:c4:dd:8c:9e:3a:7a:2b:b3:a6:e8:
c3:c0:45:47:47:e5:0c:5e:eb:44:a0:ef:cb:3e:d2:
ac:88:c7:27:89:61:d2:fe:55:5f:63:77:3f:82:29:
19:4c:24:1c:f9:d3:60:10:38:d1:92:e8:dc:43:24:
05:65:26:ab:40:19:09:74:64:99:91:a1:6c:61:8f:
65:53:66:9d:27:2d:7f:17:ef:2e:b0:7b:f3:7f:08:
16:5f:af:6a:42:74:e0:ff:c1:37:05:32:b4:08:93:
13:40:c3:1c:73:e5:b9:66:53:fc:b6:74:ea:a4:11:
ee:c5:67:c5:ad:8e:b7:c5:e0:73:cc:8f:1d:15:55:
6c:46:ed:ea:3e:b2:e1:1c:d4:87:a9:58:18:e5:8f:
af:81:e2:21:78:23:ee:fc:95:46:8c:92:cc:06:d8:
b1:13:df:57:0d:86:19:8b:e5:4c:10:1a:97:e7:77:
34:20:d8:57:2a:a5:d6:81:2a:f4:3f:11:18:1f:35:
36:f1:6c:60:ef:84:43:06:d2:8d:0f:49:9f:2e:14:
4e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:68:65:C7:69:15:60:CA:57:3E:27:36:5A:B0:1A:84:8F:DD:23:7F
X509v3 Authority Key Identifier:
keyid:17:46:94:88:56:A2:B0:AD:F3:04:A1:6D:0D:3A:D6:68:57:F7:FD:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0aUiFaisK3zBKFtDTrWaFf3_Tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/086277-821c-405a-9e75-9ba719f259cb/1/wGhlx2kVYMpXPic2WrAahI_dI38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/086277-821c-405a-9e75-9ba719f259cb/1/F0aUiFaisK3zBKFtDTrWaFf3_Tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.216.0/21
88.151.208.0/21
94.24.112.0/20
109.235.128.0/21
185.11.200.0/22
212.36.64.0/19
IPv6:
2a01:1c8::/32
Signature Algorithm: sha256WithRSAEncryption
6a:70:c9:9b:1f:89:bb:52:bc:9d:61:96:28:ea:ff:0b:9e:1c:
4c:a0:30:71:2d:00:f9:be:fb:2a:c2:8e:9d:72:b7:74:c8:55:
4a:e8:e0:2a:ed:45:ba:a0:49:5c:63:75:20:85:78:24:0e:ab:
51:c8:05:0d:b6:fe:1f:36:9e:52:cc:a8:8b:4a:1c:d1:64:d3:
1c:0e:89:8c:56:65:df:27:f7:58:94:f9:2a:c1:46:1e:fc:57:
6d:5c:5e:b7:d0:31:ec:8f:a7:aa:29:3f:6d:b9:a5:94:41:49:
fb:c8:8a:86:fb:49:c4:8d:1c:cf:a7:8f:8c:f8:d0:31:70:70:
82:b9:5a:43:39:5d:73:95:4c:9a:2a:1c:11:f8:60:05:00:3e:
d4:a9:23:9b:bd:63:16:42:62:19:51:9b:28:50:13:ef:16:6e:
33:6f:48:62:ec:ec:e3:ff:7d:d4:16:75:43:f1:63:91:0e:08:
93:6f:d7:c0:ea:96:55:0a:78:24:e9:ad:c2:75:a1:b6:48:b2:
bd:dd:ca:d2:39:89:d4:8d:ff:05:33:95:70:ef:18:52:21:35:
81:10:f2:d7:1f:89:fb:d2:11:b6:f5:fe:8b:ac:84:31:8b:55:
eb:be:d2:a1:57:21:0f:fb:c4:4c:44:6b:13:59:48:56:cc:70:
6d:44:3f:02
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzFAN8tyxfO9Pws1IefnKz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDY5NDg4NTZhMmIwYWRmMzA0YTE2ZDBkM2FkNjY4NTdm
N2ZkMzkwHhcNMjQwMTAxMTIzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDY4NjVjNzY5MTU2MGNhNTczZTI3MzY1YWIwMWE4NDhmZGQyMzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSsAXZixGyOJKPH2gKF597xVQTKf
QQnLY3IuR4TII8zwMuokguMek+/zeRo3dyzmyMTdjJ46eiuzpujDwEVHR+UMXutE
oO/LPtKsiMcniWHS/lVfY3c/gikZTCQc+dNgEDjRkujcQyQFZSarQBkJdGSZkaFs
YY9lU2adJy1/F+8usHvzfwgWX69qQnTg/8E3BTK0CJMTQMMcc+W5ZlP8tnTqpBHu
xWfFrY63xeBzzI8dFVVsRu3qPrLhHNSHqVgY5Y+vgeIheCPu/JVGjJLMBtixE99X
DYYZi+VMEBqX53c0INhXKqXWgSr0PxEYHzU28Wxg74RDBtKND0mfLhROaQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMBoZcdpFWDKVz4nNlqwGoSP3SN/MB8GA1UdIwQY
MBaAFBdGlIhWorCt8wShbQ061mhX9/05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBhVWlGYWlzSzN6QktGdERUcldhRmYzX1RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wODYyNzctODIxYy00MDVhLTllNzUt
OWJhNzE5ZjI1OWNiLzEvd0dobHgya1ZZTXBYUGljMldyQWFoSV9kSTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wODYyNzctODIxYy00MDVhLTllNzUtOWJhNzE5ZjI1OWNi
LzEvRjBhVWlGYWlzSzN6QktGdERUcldhRmYzX1RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDV+zYAwQD
WJfQAwQEXhhwAwQDbeuAAwQCuQvIAwQF1CRAMA0EAgACMAcDBQAqAQHIMA0GCSqG
SIb3DQEBCwUAA4IBAQBqcMmbH4m7UrydYZYo6v8LnhxMoDBxLQD5vvsqwo6dcrd0
yFVK6OAq7UW6oElcY3UghXgkDqtRyAUNtv4fNp5SzKiLShzRZNMcDomMVmXfJ/dY
lPkqwUYe/FdtXF630DHsj6eqKT9tuaWUQUn7yIqG+0nEjRzPp4+M+NAxcHCCuVpD
OV1zlUyaKhwR+GAFAD7UqSObvWMWQmIZUZsoUBPvFm4zb0hi7Ozj/33UFnVD8WOR
DgiTb9fA6pZVCngk6a3CdaG2SLK93crSOYnUjf8FM5Vw7xhSITWBEPLXH4n70hG2
9f6LrIQxi1XrvtKhVyEP+8RMRGsTWUhWzHBtRD8C
-----END CERTIFICATE-----
Generated at Wed May 15 10:27:38 2024 by rpki-client on console-ams.rpki-client.org