Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/wNEqt_OnSeq8MdisPZdnfxq6zOM.roa
File: wNEqt_OnSeq8MdisPZdnfxq6zOM.roa (raw, json)
Hash identifier: txc2Hm/4On0sfuL4WwNWF4dxXUXeuGeRLFWao3eVBl4=
Subject key identifier: C0:D1:2A:B7:F3:A7:49:EA:BC:31:D8:AC:3D:97:67:7F:1A:BA:CC:E3
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 018CC94E2C3730FE69BFE23F32E3C08053EC
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/wNEqt_OnSeq8MdisPZdnfxq6zOM.roa
Signing time: Tue 02 Jan 2024 08:33:12 +0000
ROA not before: Tue 02 Jan 2024 08:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202975
IP address blocks: 185.135.100.0/23 maxlen: 23
185.135.102.0/24 maxlen: 24
85.116.132.0/22 maxlen: 22
89.105.88.0/24 maxlen: 24
185.89.222.0/23 maxlen: 23
2a06:f2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Jan 2024 15:43:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:2c:37:30:fe:69:bf:e2:3f:32:e3:c0:80:53:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Jan 2 08:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0d12ab7f3a749eabc31d8ac3d97677f1abacce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1e:1c:1d:26:e6:5d:d8:25:b4:2b:16:a6:20:
11:b8:ab:a8:6a:4a:15:56:ee:ea:88:f7:85:c8:bd:
b5:8d:d8:03:06:10:f5:0b:83:5a:cf:0c:0f:ae:40:
b9:09:05:98:55:11:30:8e:cd:93:b4:d9:b1:96:a0:
db:7f:3a:5b:40:0a:78:09:08:58:25:8c:13:17:d8:
82:40:5c:3b:84:6d:02:7d:fb:ed:2c:aa:92:f4:71:
5c:48:2b:07:19:48:de:ab:30:c5:bd:b7:14:76:f9:
4e:90:64:59:bc:31:60:c5:e8:08:c4:c2:82:a1:4f:
70:af:49:43:5f:5b:99:77:9b:8b:4d:75:7e:5d:64:
20:50:d8:1c:02:27:14:de:fc:55:0b:2f:42:d9:a7:
77:92:5a:81:be:fd:1b:c0:65:38:b9:80:04:32:73:
38:19:cf:f3:f4:78:2a:b1:34:e5:dc:c7:27:ed:12:
b1:98:a3:7a:46:98:bb:21:74:23:91:51:7a:9d:99:
76:86:c0:0d:34:f2:3c:4b:7a:8e:5d:34:e7:19:18:
97:e2:f8:3e:e7:51:c5:d5:d4:6d:03:df:9e:e5:78:
17:3b:13:0a:c5:44:75:af:43:76:8b:e7:39:72:f3:
7c:c8:e0:2e:4f:52:72:80:19:8d:16:d4:4d:37:4f:
3b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D1:2A:B7:F3:A7:49:EA:BC:31:D8:AC:3D:97:67:7F:1A:BA:CC:E3
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/wNEqt_OnSeq8MdisPZdnfxq6zOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.132.0/22
89.105.88.0/24
185.89.222.0/23
185.135.100.0-185.135.102.255
IPv6:
2a06:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:c9:6c:e7:56:26:62:37:a6:79:a4:f6:56:2a:13:a0:3f:16:
c9:62:2b:76:0b:e9:8e:6c:ae:a7:36:9f:7e:75:79:29:30:74:
52:36:79:b8:56:23:01:42:8d:4e:8c:d1:bf:f5:2b:2f:58:2d:
f5:8e:45:13:71:8d:54:b0:49:af:f7:11:42:ef:42:30:e6:c6:
37:d6:65:a9:5a:a8:7a:df:7d:8f:0c:7b:07:1a:12:4c:8b:17:
eb:b6:3a:fa:38:25:2d:ad:bc:ad:73:20:08:b8:dd:55:42:77:
36:c0:43:ae:99:93:20:23:bd:1b:d6:b5:34:ab:15:ad:3a:a6:
2e:0c:7c:d4:72:30:ee:88:f8:22:84:be:a5:80:d4:ed:67:f9:
e0:61:24:c9:d1:7c:c9:e6:dd:1f:d4:c3:7f:d7:bd:3c:e7:70:
21:19:88:bf:ee:42:de:88:63:dd:6f:e7:23:04:a1:9b:0f:8a:
d1:a0:9f:92:5e:eb:8f:09:d6:da:c7:a1:5f:11:29:4a:74:50:
41:f3:5e:17:d9:4d:49:f5:b2:e3:24:b4:38:ee:8c:be:55:e3:
d1:fd:b9:9b:85:a8:02:db:f5:82:cf:ad:69:b1:f9:3c:f9:30:
e7:ac:0e:6f:a9:bb:f5:82:4a:3d:8f:13:73:ee:64:96:b9:f9:
18:b7:fb:f9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzJTiw3MP5pv+I/MuPAgFPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTc2Mjc1NTQ3Yjc1ZGYyYjA0YzRmOWIyOTFjMDcxMGM1
MDc3NDAwHhcNMjQwMTAyMDgzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQxMmFiN2YzYTc0OWVhYmMzMWQ4YWMzZDk3Njc3ZjFhYmFjY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB4cHSbmXdgltCsWpiARuKuoakoV
Vu7qiPeFyL21jdgDBhD1C4NazwwPrkC5CQWYVREwjs2TtNmxlqDbfzpbQAp4CQhY
JYwTF9iCQFw7hG0CffvtLKqS9HFcSCsHGUjeqzDFvbcUdvlOkGRZvDFgxegIxMKC
oU9wr0lDX1uZd5uLTXV+XWQgUNgcAicU3vxVCy9C2ad3klqBvv0bwGU4uYAEMnM4
Gc/z9HgqsTTl3Mcn7RKxmKN6Rpi7IXQjkVF6nZl2hsANNPI8S3qOXTTnGRiX4vg+
51HF1dRtA9+e5XgXOxMKxUR1r0N2i+c5cvN8yOAuT1JygBmNFtRNN087swIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMDRKrfzp0nqvDHYrD2XZ38auszjMB8GA1UdIwQY
MBaAFCuXYnVUe3XfKwTE+bKRwHEMUHdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgt
ZDViMGY5MWQ5N2MyLzEvd05FcXRfT25TZXE4TWRpc1BaZG5meHE2ek9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgtZDViMGY5MWQ5N2My
LzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCVXSEAwQA
WWlYAwQBuVneMAwDBAK5h2QDBAC5h2YwDQQCAAIwBwMFAyoG8sAwDQYJKoZIhvcN
AQELBQADggEBADLJbOdWJmI3pnmk9lYqE6A/FsliK3YL6Y5srqc2n351eSkwdFI2
ebhWIwFCjU6M0b/1Ky9YLfWORRNxjVSwSa/3EULvQjDmxjfWZalaqHrffY8Mewca
EkyLF+u2Ovo4JS2tvK1zIAi43VVCdzbAQ66ZkyAjvRvWtTSrFa06pi4MfNRyMO6I
+CKEvqWA1O1n+eBhJMnRfMnm3R/Uw3/XvTzncCEZiL/uQt6IY91v5yMEoZsPitGg
n5Je648J1trHoV8RKUp0UEHzXhfZTUn1suMktDjujL5V49H9uZuFqALb9YLPrWmx
+Tz5MOesDm+pu/WCSj2PE3PuZJa5+Ri3+/k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:25 2024 by rpki-client on console-ams.rpki-client.org