Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/WbhpQ2Ja5jwzhVRpGtB1tlaS5mI.roa
File: WbhpQ2Ja5jwzhVRpGtB1tlaS5mI.roa (raw, json)
Hash identifier: hxs6A+Epvjrf9XZjLWQAarneEePD1/qX0Nb5p0TdGP8=
Subject key identifier: 59:B8:69:43:62:5A:E6:3C:33:85:54:69:1A:D0:75:B6:56:92:E6:62
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F0FDEB6F98B4CEE53A099D6F324BEC
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/WbhpQ2Ja5jwzhVRpGtB1tlaS5mI.roa
Signing time: Mon 02 Jan 2023 10:04:57 +0000
ROA not before: Mon 02 Jan 2023 10:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199853
IP address blocks: 178.156.32.0/24 maxlen: 24
88.148.58.0/23 maxlen: 23
84.232.106.0/23 maxlen: 23
37.72.8.0/24 maxlen: 24
94.76.176.0/24 maxlen: 24
185.27.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:fd:eb:6f:98:b4:ce:e5:3a:09:9d:6f:32:4b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59b86943625ae63c338554691ad075b65692e662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b7:7c:41:05:06:b6:02:61:53:04:67:0c:fd:
9c:fe:65:30:36:c1:03:b2:be:f7:fb:ea:66:42:28:
14:cb:44:6d:3d:0c:07:8f:3f:47:8d:e5:38:62:4a:
dd:c6:d9:dc:02:d0:df:c9:15:01:fe:84:d5:4d:b7:
05:7d:cc:88:93:78:ed:22:cd:52:e8:88:c4:0a:7e:
dc:14:20:04:e6:9c:0d:70:04:a8:c4:fb:39:87:27:
25:9c:fc:66:40:c1:61:9b:87:70:ba:46:b1:42:68:
26:cd:31:7b:60:55:03:4d:55:c6:80:17:0d:c0:01:
3c:1d:5b:b6:52:1c:43:1d:24:db:36:84:9e:3a:a0:
cd:6b:24:e7:7b:ca:ba:8e:32:42:7b:72:34:69:16:
fa:44:6f:74:b9:94:6b:f4:44:c0:fe:e9:35:50:be:
d1:8c:5f:2c:8d:e9:6c:9a:5b:54:b3:8e:f9:44:cb:
cf:07:45:04:2d:70:b1:04:00:1a:88:91:ca:95:e4:
4d:72:e0:0c:91:9a:69:b6:03:b8:84:85:d6:7a:26:
cf:dd:a2:ca:37:88:50:6f:0b:3c:74:8a:f4:a9:a5:
df:0a:03:9c:85:72:96:ee:11:95:a4:ba:91:26:6a:
ce:c6:ad:62:71:5e:c5:42:d4:f4:0e:1d:a7:91:3b:
cc:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B8:69:43:62:5A:E6:3C:33:85:54:69:1A:D0:75:B6:56:92:E6:62
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/WbhpQ2Ja5jwzhVRpGtB1tlaS5mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.8.0/24
84.232.106.0/23
88.148.58.0/23
94.76.176.0/24
178.156.32.0/24
185.27.126.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:03:25:ed:fa:e5:a0:2d:a5:52:3f:d6:01:69:11:d4:04:e4:
f6:60:80:e2:b1:ea:9d:34:d1:4a:d8:c1:02:9a:e3:90:c9:3e:
2e:9f:d5:4f:d6:9c:0a:12:2d:39:86:84:9e:e5:d8:0b:28:0e:
62:9c:cd:64:20:0c:3a:d7:52:9e:15:b5:fd:e4:70:ad:07:c4:
47:12:39:21:ec:33:3f:26:f9:3b:00:4f:38:78:8c:fb:d3:27:
77:b9:81:1b:76:ba:73:30:6f:de:ac:50:40:35:48:6d:33:17:
d1:b6:e8:b7:1e:ea:d7:75:91:2a:b4:da:86:6e:37:a7:c9:1c:
93:a9:b0:d5:4b:d7:e7:8d:95:41:67:66:8e:21:43:91:66:14:
2a:fb:d9:84:b4:0b:66:3a:74:d1:1d:1b:12:9f:01:df:39:53:
c4:db:60:ac:6a:e0:78:70:46:79:e2:72:3c:53:71:6d:9b:b8:
9c:9c:90:83:38:07:ae:f0:6b:3c:b0:c7:8f:98:2d:78:6b:1f:
c6:6a:ec:d4:c2:ec:1a:68:48:b9:29:f7:e0:08:2b:d0:0d:7a:
96:76:8e:e8:ff:cc:5c:93:55:12:51:8b:f7:f0:5f:1a:81:68:
5f:38:2a:ed:e0:6d:d8:79:80:bc:cd:49:5e:20:0e:de:03:f0:
58:a0:a7:3b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVx8P3rb5i0zuU6CZ1vMkvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWI4Njk0MzYyNWFlNjNjMzM4NTU0NjkxYWQwNzViNjU2OTJlNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibd8QQUGtgJhUwRnDP2c/mUwNsED
sr73++pmQigUy0RtPQwHjz9HjeU4YkrdxtncAtDfyRUB/oTVTbcFfcyIk3jtIs1S
6IjECn7cFCAE5pwNcASoxPs5hyclnPxmQMFhm4dwukaxQmgmzTF7YFUDTVXGgBcN
wAE8HVu2UhxDHSTbNoSeOqDNayTne8q6jjJCe3I0aRb6RG90uZRr9ETA/uk1UL7R
jF8sjelsmltUs475RMvPB0UELXCxBAAaiJHKleRNcuAMkZpptgO4hIXWeibP3aLK
N4hQbws8dIr0qaXfCgOchXKW7hGVpLqRJmrOxq1icV7FQtT0Dh2nkTvMwwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFm4aUNiWuY8M4VUaRrQdbZWkuZiMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvV2JocFEySmE1and6aFZScEd0QjF0bGFTNW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJUgIAwQB
VOhqAwQBWJQ6AwQAXkywAwQAspwgAwQAuRt+MA0GCSqGSIb3DQEBCwUAA4IBAQCN
AyXt+uWgLaVSP9YBaRHUBOT2YIDiseqdNNFK2MECmuOQyT4un9VP1pwKEi05hoSe
5dgLKA5inM1kIAw611KeFbX95HCtB8RHEjkh7DM/Jvk7AE84eIz70yd3uYEbdrpz
MG/erFBANUhtMxfRtui3HurXdZEqtNqGbjenyRyTqbDVS9fnjZVBZ2aOIUORZhQq
+9mEtAtmOnTRHRsSnwHfOVPE22CsauB4cEZ54nI8U3Ftm7icnJCDOAeu8Gs8sMeP
mC14ax/GauzUwuwaaEi5KffgCCvQDXqWdo7o/8xck1USUYv38F8agWhfOCrt4G3Y
eYC8zUleIA7eA/BYoKc7
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:46 2024 by rpki-client on console-ams.rpki-client.org