Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/wjn1vlLOOxE7HkiJg4moK-3ZYbc.roa
File: wjn1vlLOOxE7HkiJg4moK-3ZYbc.roa (raw, json)
Hash identifier: QjZr4xyysxdWCVhRyGzCjW4T6uyfDnr+CbaCM9ueECg=
Subject key identifier: C2:39:F5:BE:52:CE:3B:11:3B:1E:48:89:83:89:A8:2B:ED:D9:61:B7
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0188917A0242E51E01BA75375763D40DC49C
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/wjn1vlLOOxE7HkiJg4moK-3ZYbc.roa
Signing time: Tue 06 Jun 2023 16:11:12 +0000
ROA not before: Tue 06 Jun 2023 16:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51765
IP address blocks: 193.31.126.0/24 maxlen: 24
88.218.45.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
178.20.28.0/22 maxlen: 22
45.159.22.0/24 maxlen: 24
45.159.21.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
194.99.26.0/24 maxlen: 24
83.97.116.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:7a:02:42:e5:1e:01:ba:75:37:57:63:d4:0d:c4:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jun 6 16:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c239f5be52ce3b113b1e48898389a82bedd961b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:02:58:dd:c4:ca:67:4b:9f:38:2b:a0:3a:31:
65:63:51:fd:03:01:76:8b:20:e6:f4:aa:8a:ad:74:
7b:13:74:d3:3a:b1:69:96:8c:48:fe:4e:7c:96:a7:
de:fe:ee:b7:cd:c6:94:cc:c5:d6:e0:8f:c4:9b:e6:
bb:4a:e0:9d:c4:17:3b:57:78:ba:44:ff:d7:ce:95:
34:6b:74:11:57:90:6d:0b:0d:c1:82:e4:80:9e:a4:
30:57:a0:03:e2:3b:92:e7:50:80:30:32:80:c8:c4:
ed:ca:95:52:88:62:75:07:ee:31:89:70:8e:0c:d5:
ae:4b:20:85:2c:2e:41:26:5c:6e:ea:36:16:fc:d9:
a0:8d:5b:a2:a9:41:cc:7f:dc:be:c0:42:cd:6d:d9:
eb:70:4b:e7:b0:6e:20:31:ac:86:31:89:de:82:5b:
56:de:44:74:cb:09:a1:a5:a8:bb:77:b2:38:6f:62:
4b:83:4f:f6:00:96:4f:32:83:8a:db:1a:44:eb:bd:
62:49:9b:de:ba:74:a3:70:bb:c3:6b:c1:6b:58:e2:
2e:7a:48:e4:eb:f8:49:aa:f1:08:41:45:12:32:7d:
9b:4e:cc:72:be:34:fb:33:41:f3:e3:b1:e9:c7:b8:
07:48:7f:99:35:2d:ec:2c:fa:b6:1b:3f:10:15:0b:
23:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:39:F5:BE:52:CE:3B:11:3B:1E:48:89:83:89:A8:2B:ED:D9:61:B7
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/wjn1vlLOOxE7HkiJg4moK-3ZYbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.21.0-45.159.22.255
77.83.24.0/22
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
178.20.28.0/22
193.31.126.0/24
193.151.189.0-193.151.191.255
194.99.24.0/24
194.99.26.0/24
Signature Algorithm: sha256WithRSAEncryption
95:9e:1f:eb:56:b0:cd:da:16:7f:33:36:50:40:62:e2:d7:63:
cf:dd:24:91:12:45:54:48:4d:e7:f7:71:f9:28:be:d6:65:2b:
33:3b:49:50:96:89:df:c8:d3:8c:71:0f:fc:f9:d6:1e:13:e9:
88:85:f9:27:20:ae:8d:fb:79:10:ac:f7:92:68:8e:c0:e3:29:
7c:94:cc:76:cd:87:c2:46:14:c7:c9:06:d3:82:ea:2a:8b:bf:
fd:3f:07:c4:ba:65:46:05:fd:76:fe:2f:c7:63:67:0b:4f:74:
4e:bd:40:3b:3f:a5:96:9d:c1:fc:7f:69:12:e1:f1:b7:0a:c1:
c6:b9:25:62:ab:73:3c:de:7e:f1:a4:19:db:4f:2c:a0:b7:b1:
85:73:bb:e7:23:19:32:36:9d:24:fd:a3:40:da:2e:5d:f2:56:
a6:6f:ae:04:18:eb:9e:41:d5:dd:f5:18:c5:81:27:36:99:86:
2b:e7:a3:9c:d9:e6:23:01:29:88:62:12:4d:8e:aa:d4:56:e6:
f7:75:18:76:7c:a1:18:3e:01:a0:9a:19:bb:b4:b0:e5:ca:72:
84:25:ca:93:4d:c3:e8:0d:21:f7:4d:ab:5b:5c:4a:ff:be:b2:
b5:ad:61:4d:f8:fd:94:31:a7:12:2e:c7:50:af:9a:49:ca:0a:
20:5b:3d:d7
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYiRegJC5R4BunU3V2PUDcScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwNjA2MTYxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjM5ZjViZTUyY2UzYjExM2IxZTQ4ODk4Mzg5YTgyYmVkZDk2MWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAJY3cTKZ0ufOCugOjFlY1H9AwF2
iyDm9KqKrXR7E3TTOrFploxI/k58lqfe/u63zcaUzMXW4I/Em+a7SuCdxBc7V3i6
RP/XzpU0a3QRV5BtCw3BguSAnqQwV6AD4juS51CAMDKAyMTtypVSiGJ1B+4xiXCO
DNWuSyCFLC5BJlxu6jYW/NmgjVuiqUHMf9y+wELNbdnrcEvnsG4gMayGMYnegltW
3kR0ywmhpai7d7I4b2JLg0/2AJZPMoOK2xpE671iSZveunSjcLvDa8FrWOIuekjk
6/hJqvEIQUUSMn2bTsxyvjT7M0Hz47Hpx7gHSH+ZNS3sLPq2Gz8QFQsj5QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMI59b5SzjsROx5IiYOJqCvt2WG3MB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvd2puMXZsTE9PeEU3SGtpSmc0bW9LLTNaWWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAAtnxUD
BAAtnxYDBAJNUxgDBAJTYXQDBABY2i0DBABY2i8DBAKyFBwDBADBH34wDAMEAMGX
vQMEBsGXgAMEAMJjGAMEAMJjGjANBgkqhkiG9w0BAQsFAAOCAQEAlZ4f61awzdoW
fzM2UEBi4tdjz90kkRJFVEhN5/dx+Si+1mUrMztJUJaJ38jTjHEP/PnWHhPpiIX5
JyCujft5EKz3kmiOwOMpfJTMds2HwkYUx8kG04LqKou//T8HxLplRgX9dv4vx2Nn
C090Tr1AOz+llp3B/H9pEuHxtwrBxrklYqtzPN5+8aQZ208soLexhXO75yMZMjad
JP2jQNouXfJWpm+uBBjrnkHV3fUYxYEnNpmGK+ejnNnmIwEpiGISTY6q1Fbm93UY
dnyhGD4BoJoZu7Sw5cpyhCXKk03D6A0h902rW1xK/76yta1hTfj9lDGnEi7HUK+a
ScoKIFs91w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:24 2023 by rpki-client on console-ams.rpki-client.org