Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/118e24-742b-4392-8dfa-071518e0573e/1/WkgBNtXlo1htamIU-2ca0A4EaOU.roa
File: WkgBNtXlo1htamIU-2ca0A4EaOU.roa (raw, json)
Hash identifier: 2iQ9cP87fbJxF+KDANdGX3PIR7LhqaqFWq4Zu1aWtV0=
Subject key identifier: 5A:48:01:36:D5:E5:A3:58:6D:6A:62:14:FB:67:1A:D0:0E:04:68:E5
Certificate issuer: /CN=69f7352d07135623e33f5a7e62925d4bab722fc6
Certificate serial: 018CC56EF909F73C1DAEB74BC23CB26450B6
Authority key identifier: 69:F7:35:2D:07:13:56:23:E3:3F:5A:7E:62:92:5D:4B:AB:72:2F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afc1LQcTViPjP1p-YpJdS6tyL8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/118e24-742b-4392-8dfa-071518e0573e/1/WkgBNtXlo1htamIU-2ca0A4EaOU.roa
Signing time: Mon 01 Jan 2024 14:30:33 +0000
ROA not before: Mon 01 Jan 2024 14:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210094
IP address blocks: 178.251.20.0/22 maxlen: 22
2a0d:5d40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 Aug 2024 08:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f9:09:f7:3c:1d:ae:b7:4b:c2:3c:b2:64:50:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f7352d07135623e33f5a7e62925d4bab722fc6
Validity
Not Before: Jan 1 14:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a480136d5e5a3586d6a6214fb671ad00e0468e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:97:bb:2f:0a:7a:81:51:f6:ee:a4:e5:3f:0f:
07:35:cc:4b:0d:74:c9:1f:7c:fc:28:6b:6b:83:91:
7e:02:11:e5:25:5c:97:0b:57:2e:98:10:50:ad:d5:
85:03:1b:77:ac:e3:e8:2b:e6:99:fb:06:39:df:01:
69:85:05:8e:50:24:8b:ac:2b:cf:6a:0a:76:59:63:
15:84:e0:01:47:4d:95:f7:1a:e3:6d:9a:0d:6e:79:
b5:1f:04:c0:b0:c1:06:6e:83:8b:bf:35:d3:55:44:
90:6d:53:95:b2:d1:38:b1:d5:76:4d:36:c4:05:3b:
c3:42:45:be:f1:93:c6:cb:e5:7a:2d:ae:ed:40:70:
d1:2f:14:2b:5d:f7:3c:a3:59:0b:1b:e5:03:09:a2:
1c:64:a7:dd:b7:4b:d0:45:ed:aa:20:62:4b:8c:cc:
35:ff:c7:50:8a:ae:9f:2b:23:18:8a:07:33:13:65:
b3:9f:58:1f:bd:fc:17:9c:a5:a9:a6:eb:e9:f5:15:
90:da:40:af:db:05:cf:f4:f7:bc:78:18:15:0b:f7:
45:61:bd:b4:bd:f2:cc:40:1d:29:6e:43:03:7f:12:
5f:01:90:d0:67:63:0b:9b:23:59:09:fd:7c:b4:2b:
86:ee:89:16:30:2d:2e:62:a0:42:de:26:4d:65:1c:
25:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:48:01:36:D5:E5:A3:58:6D:6A:62:14:FB:67:1A:D0:0E:04:68:E5
X509v3 Authority Key Identifier:
keyid:69:F7:35:2D:07:13:56:23:E3:3F:5A:7E:62:92:5D:4B:AB:72:2F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afc1LQcTViPjP1p-YpJdS6tyL8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/118e24-742b-4392-8dfa-071518e0573e/1/WkgBNtXlo1htamIU-2ca0A4EaOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/118e24-742b-4392-8dfa-071518e0573e/1/afc1LQcTViPjP1p-YpJdS6tyL8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.20.0/22
IPv6:
2a0d:5d40::/32
Signature Algorithm: sha256WithRSAEncryption
24:79:27:f7:45:68:97:c8:f3:7f:87:fb:24:0b:22:7c:9e:d3:
e0:7b:36:0b:c6:12:08:3f:35:8b:d5:63:10:83:77:94:6f:a0:
14:ba:d7:86:77:a7:32:fd:70:c0:94:4a:c3:8d:1c:d7:27:b2:
b8:c6:d0:d0:df:55:79:d1:19:96:38:51:30:ed:86:26:9e:82:
72:eb:64:da:60:51:44:3f:e5:df:bc:bc:06:ea:9d:d2:6d:0b:
b4:a7:da:9f:17:36:9f:1b:03:d1:ba:c5:94:7c:ca:4d:b9:f2:
a3:41:c5:31:15:88:27:3e:b1:17:57:82:e5:1b:02:7d:79:9e:
e8:0d:33:0e:6c:90:09:53:cb:34:e6:df:19:ff:26:87:21:f7:
40:1b:d9:bd:44:40:ab:32:0e:f8:c2:5d:78:7d:78:24:7e:7c:
bc:73:a5:e7:b2:2f:56:e3:27:c0:32:0e:be:78:e1:d3:fe:b4:
0a:67:ec:46:e7:fe:4c:66:4f:76:76:c7:9f:a1:55:78:ec:93:
4e:d1:3a:89:da:c2:9a:51:7f:00:ba:9e:52:04:23:9d:57:ef:
48:ef:ff:94:be:ab:6b:6f:6b:26:ce:8e:7d:f3:b7:77:75:75:
8b:bf:7f:63:75:ee:7c:69:5f:7b:47:12:3a:68:c9:3b:71:aa:
2d:3e:38:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbvkJ9zwdrrdLwjyyZFC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjczNTJkMDcxMzU2MjNlMzNmNWE3ZTYyOTI1ZDRiYWI3
MjJmYzYwHhcNMjQwMTAxMTQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQ4MDEzNmQ1ZTVhMzU4NmQ2YTYyMTRmYjY3MWFkMDBlMDQ2OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZe7Lwp6gVH27qTlPw8HNcxLDXTJ
H3z8KGtrg5F+AhHlJVyXC1cumBBQrdWFAxt3rOPoK+aZ+wY53wFphQWOUCSLrCvP
agp2WWMVhOABR02V9xrjbZoNbnm1HwTAsMEGboOLvzXTVUSQbVOVstE4sdV2TTbE
BTvDQkW+8ZPGy+V6La7tQHDRLxQrXfc8o1kLG+UDCaIcZKfdt0vQRe2qIGJLjMw1
/8dQiq6fKyMYigczE2Wzn1gfvfwXnKWppuvp9RWQ2kCv2wXP9Pe8eBgVC/dFYb20
vfLMQB0pbkMDfxJfAZDQZ2MLmyNZCf18tCuG7okWMC0uYqBC3iZNZRwlrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFpIATbV5aNYbWpiFPtnGtAOBGjlMB8GA1UdIwQY
MBaAFGn3NS0HE1Yj4z9afmKSXUurci/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZjMUxRY1RWaVBqUDFwLVlwSmRTNnR5TDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMThlMjQtNzQyYi00MzkyLThkZmEt
MDcxNTE4ZTA1NzNlLzEvV2tnQk50WGxvMWh0YW1JVS0yY2EwQTRFYU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xMThlMjQtNzQyYi00MzkyLThkZmEtMDcxNTE4ZTA1NzNl
LzEvYWZjMUxRY1RWaVBqUDFwLVlwSmRTNnR5TDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsvsUMA0E
AgACMAcDBQAqDV1AMA0GCSqGSIb3DQEBCwUAA4IBAQAkeSf3RWiXyPN/h/skCyJ8
ntPgezYLxhIIPzWL1WMQg3eUb6AUuteGd6cy/XDAlErDjRzXJ7K4xtDQ31V50RmW
OFEw7YYmnoJy62TaYFFEP+XfvLwG6p3SbQu0p9qfFzafGwPRusWUfMpNufKjQcUx
FYgnPrEXV4LlGwJ9eZ7oDTMObJAJU8s05t8Z/yaHIfdAG9m9RECrMg74wl14fXgk
fny8c6Xnsi9W4yfAMg6+eOHT/rQKZ+xG5/5MZk92dsefoVV47JNO0TqJ2sKaUX8A
up5SBCOdV+9I7/+Uvqtrb2smzo5987d3dXWLv39jde58aV97RxI6aMk7caotPjjA
-----END CERTIFICATE-----
Generated at Fri Aug 9 10:08:30 2024 by rpki-client on console-fra.rpki-client.org