Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/_wsiKRr9oYjc8xtyruPZfjmqeOY.roa
File: _wsiKRr9oYjc8xtyruPZfjmqeOY.roa (raw, json)
Hash identifier: 6qtnk0c7yiRvEFGGFTVia5T9AQaP/vVa672B8iQ55L0=
Subject key identifier: FF:0B:22:29:1A:FD:A1:88:DC:F3:1B:72:AE:E3:D9:7E:39:AA:78:E6
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018A72645BB633156D47B0A75F7A2489E615
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/_wsiKRr9oYjc8xtyruPZfjmqeOY.roa
Signing time: Fri 08 Sep 2023 01:24:54 +0000
ROA not before: Fri 08 Sep 2023 01:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55154
IP address blocks: 85.92.112.0/24 maxlen: 24
185.235.164.0/24 maxlen: 24
45.135.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Oct 2023 03:39:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:72:64:5b:b6:33:15:6d:47:b0:a7:5f:7a:24:89:e6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Sep 8 01:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff0b22291afda188dcf31b72aee3d97e39aa78e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:98:5c:32:26:8a:8c:c6:27:b6:a0:67:91:d0:
c4:a4:9e:ef:76:5d:c5:fd:ee:78:48:a4:47:15:33:
ff:bb:35:e8:68:48:05:b4:9e:11:3e:44:e8:83:f7:
d3:81:b0:8e:f4:eb:f5:b8:fb:30:f8:29:05:a6:2e:
51:cb:83:f7:f3:74:65:84:83:02:84:63:c0:bb:72:
fa:18:7c:fe:8b:00:7b:51:2e:df:ac:6e:ea:0c:09:
e6:42:35:98:a4:2f:47:f2:4a:be:7b:53:ed:08:97:
36:f7:49:21:18:4b:b1:e6:43:a2:ea:29:15:52:f0:
44:77:ba:03:07:6a:36:0e:08:98:9f:48:92:e6:18:
52:4a:78:00:64:06:12:b5:aa:b5:3c:e2:3e:62:b0:
3c:6a:27:df:5f:31:61:ec:f6:0e:12:91:69:01:f7:
c3:ca:9a:d5:88:5d:88:de:26:da:e3:85:bc:cb:02:
7e:67:88:af:af:0a:ba:09:f3:7a:86:49:6b:af:b6:
b9:d9:c5:26:37:31:64:e9:03:38:b5:50:58:23:cb:
7e:d6:b3:9e:7e:e6:a4:10:f9:99:3d:8b:4e:8b:16:
ee:2d:bf:ae:d9:ab:8f:ab:3f:87:67:7e:08:ac:f2:
90:ca:ef:d7:6f:cf:57:13:09:c5:05:e0:1d:de:60:
07:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:0B:22:29:1A:FD:A1:88:DC:F3:1B:72:AE:E3:D9:7E:39:AA:78:E6
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/_wsiKRr9oYjc8xtyruPZfjmqeOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.238.0/24
85.92.112.0/24
185.235.164.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f3:50:49:a5:b7:9d:52:d0:49:06:95:93:c4:f4:75:9b:38:
61:95:79:a2:88:9e:e5:af:33:58:16:20:da:ac:91:0c:5b:3c:
ff:75:a3:c1:7f:d9:e6:16:59:20:79:4a:d9:cd:5a:12:f7:e1:
59:d8:3f:bb:67:ed:15:6d:2a:d8:26:21:a3:78:eb:9c:45:a5:
4c:20:61:a0:16:32:d2:66:ef:b7:bd:76:f4:a9:d1:49:5f:8f:
ee:90:68:7d:e4:59:08:83:a5:79:90:8f:26:12:55:a5:e0:ab:
f6:97:81:5a:37:eb:bc:1d:42:cc:89:c0:32:c8:ad:87:7f:dd:
96:20:fc:8e:d1:fc:b7:53:1c:67:6a:00:92:c4:ac:04:bc:f1:
53:ca:78:5c:34:eb:c3:96:db:03:b2:c7:8a:ea:86:b1:80:23:
ae:f1:29:08:d0:64:79:e3:04:95:ff:df:31:e2:0d:27:62:88:
69:2d:a5:b6:32:c2:de:86:7a:11:90:a1:90:97:86:90:6b:90:
48:0e:e2:b3:13:53:42:81:f3:9a:7d:c6:a9:14:c9:74:55:20:
85:db:de:ce:2b:9a:7c:a5:45:a4:8d:3c:9c:b0:27:36:a4:60:
8b:5c:b7:e3:2c:a4:14:e5:bd:06:cc:1d:df:2c:7b:c1:df:de:
cc:43:74:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpyZFu2MxVtR7CnX3okieYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwOTA4MDEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjBiMjIyOTFhZmRhMTg4ZGNmMzFiNzJhZWUzZDk3ZTM5YWE3OGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZhcMiaKjMYntqBnkdDEpJ7vdl3F
/e54SKRHFTP/uzXoaEgFtJ4RPkTog/fTgbCO9Ov1uPsw+CkFpi5Ry4P383RlhIMC
hGPAu3L6GHz+iwB7US7frG7qDAnmQjWYpC9H8kq+e1PtCJc290khGEux5kOi6ikV
UvBEd7oDB2o2DgiYn0iS5hhSSngAZAYStaq1POI+YrA8aiffXzFh7PYOEpFpAffD
yprViF2I3iba44W8ywJ+Z4ivrwq6CfN6hklrr7a52cUmNzFk6QM4tVBYI8t+1rOe
fuakEPmZPYtOixbuLb+u2auPqz+HZ34IrPKQyu/Xb89XEwnFBeAd3mAH4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP8LIika/aGI3PMbcq7j2X45qnjmMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvX3dzaUtScjlvWWpjOHh0eXJ1UFpmam1xZU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYfuAwQA
VVxwAwQAueukMA0GCSqGSIb3DQEBCwUAA4IBAQB681BJpbedUtBJBpWTxPR1mzhh
lXmiiJ7lrzNYFiDarJEMWzz/daPBf9nmFlkgeUrZzVoS9+FZ2D+7Z+0VbSrYJiGj
eOucRaVMIGGgFjLSZu+3vXb0qdFJX4/ukGh95FkIg6V5kI8mElWl4Kv2l4FaN+u8
HULMicAyyK2Hf92WIPyO0fy3UxxnagCSxKwEvPFTynhcNOvDltsDsseK6oaxgCOu
8SkI0GR54wSV/98x4g0nYohpLaW2MsLehnoRkKGQl4aQa5BIDuKzE1NCgfOafcap
FMl0VSCF297OK5p8pUWkjTycsCc2pGCLXLfjLKQU5b0GzB3fLHvB397MQ3RU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:04 2024 by rpki-client on console-ams.rpki-client.org