Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/whhgUvdY7cboHVSVXD0GuLQ0QJw.roa
File: whhgUvdY7cboHVSVXD0GuLQ0QJw.roa (raw, json)
Hash identifier: 0yAUeSAsdR4Xs3nSQ5+YYe5e297ZXelqvbEYxOfEzuU=
Subject key identifier: C2:18:60:52:F7:58:ED:C6:E8:1D:54:95:5C:3D:06:B8:B4:34:40:9C
Certificate issuer: /CN=586936266e980dd203b2cbeb1c9c4570604b911b
Certificate serial: 018CC5DC38AF461B8663D7CC8B007A041EEB
Authority key identifier: 58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/whhgUvdY7cboHVSVXD0GuLQ0QJw.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49628
IP address blocks: 185.46.176.0/22 maxlen: 22
193.176.215.0/24 maxlen: 24
78.40.106.0/24 maxlen: 24
78.40.107.0/24 maxlen: 24
193.176.214.0/24 maxlen: 24
5.187.9.0/24 maxlen: 24
5.187.10.0/24 maxlen: 24
5.187.8.0/24 maxlen: 24
5.187.8.0/21 maxlen: 21
5.187.11.0/24 maxlen: 24
5.187.12.0/24 maxlen: 24
193.176.212.0/24 maxlen: 24
193.176.212.0/22 maxlen: 22
78.40.104.0/24 maxlen: 24
78.40.104.0/22 maxlen: 22
193.176.213.0/24 maxlen: 24
78.40.105.0/24 maxlen: 24
185.168.224.0/24 maxlen: 24
185.168.224.0/22 maxlen: 22
185.168.225.0/24 maxlen: 24
185.168.226.0/24 maxlen: 24
185.168.227.0/24 maxlen: 24
37.75.128.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 04 Jan 2024 11:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:38:af:46:1b:86:63:d7:cc:8b:00:7a:04:1e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586936266e980dd203b2cbeb1c9c4570604b911b
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2186052f758edc6e81d54955c3d06b8b434409c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:36:3e:88:a7:51:d3:77:01:79:37:8b:5d:
17:c4:32:5f:d3:85:87:e9:86:03:71:d5:3d:52:c7:
e7:14:91:f0:e8:9a:35:9f:f3:b7:21:25:32:40:da:
c4:ce:0c:89:27:e0:85:2f:23:d5:a3:ea:9b:ce:59:
a3:11:03:82:41:ec:a5:01:46:32:7f:10:d8:a0:8b:
54:a6:fd:90:b3:e2:f5:f1:41:43:c8:7f:e5:4b:8f:
8f:5a:70:2f:8c:72:c6:b9:9c:86:b3:36:2f:e6:cb:
73:fb:ac:20:e2:9b:a9:7b:0b:54:7f:4b:f6:0e:83:
c7:83:26:00:f8:94:15:b1:0a:c6:ea:0b:09:c6:a6:
4d:b8:e1:ef:37:a1:29:3b:38:1a:43:86:df:ca:bd:
f1:6b:6e:38:a3:4a:97:c1:e2:1e:91:c8:17:28:ae:
36:ac:29:de:cf:64:8b:c9:a3:84:58:87:99:e6:34:
f7:a5:b2:83:53:36:6d:3c:2a:06:69:f2:b8:92:c7:
a8:a1:f8:23:1a:d0:08:73:9e:53:bd:36:a5:8c:e5:
18:53:11:6a:b0:a4:53:34:3f:dd:51:04:67:00:23:
ad:ce:3d:98:20:62:55:a5:b7:f6:fa:56:3b:0b:f7:
b9:c1:d7:a4:dd:96:5f:5b:6f:fe:11:46:5b:eb:54:
c8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:18:60:52:F7:58:ED:C6:E8:1D:54:95:5C:3D:06:B8:B4:34:40:9C
X509v3 Authority Key Identifier:
keyid:58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/whhgUvdY7cboHVSVXD0GuLQ0QJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/WGk2Jm6YDdIDssvrHJxFcGBLkRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.8.0/21
37.75.128.0/21
78.40.104.0/22
185.46.176.0/22
185.168.224.0/22
193.176.212.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:81:a7:6e:85:f3:13:a8:42:2e:41:a7:9a:5d:c4:1c:ff:02:
c8:14:05:91:cd:8a:67:70:d3:63:7d:b9:33:c4:0e:d5:21:a3:
68:34:2c:ad:0a:19:6f:82:3e:a3:4f:c7:9d:e3:d4:be:3f:38:
b1:7b:c2:13:06:c2:53:d7:49:38:c3:c2:a0:3c:f7:27:1b:92:
91:ca:db:c7:1a:d5:e8:48:04:53:16:d3:8d:3f:26:77:c8:08:
c2:5b:8e:a1:ec:7e:70:a1:72:e0:55:b1:5a:7c:ef:de:6b:38:
8c:3d:87:14:57:23:00:40:46:8e:08:f9:5d:50:d6:d4:10:e2:
ed:1e:43:b8:84:2b:07:ad:55:c5:8c:68:0d:b1:85:8d:62:fd:
08:57:61:59:3d:1f:d5:a4:11:f0:c6:a5:ce:69:3a:18:3c:e0:
6f:18:62:e1:15:b3:cb:1a:12:67:f7:0f:a1:fc:6c:06:20:b5:
99:e5:62:88:6a:8a:26:6f:99:f2:14:b8:c6:88:01:3c:bf:e8:
69:75:6c:0a:ab:8f:b1:06:d8:77:55:b5:43:cd:31:d2:6d:96:
bf:bb:17:63:f6:5b:55:8c:76:13:0f:2b:4d:1c:47:3d:49:14:
52:4e:8a:19:ac:b6:96:05:49:13:f1:69:ec:d2:02:fe:3c:e6:
24:08:e4:dc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzF3DivRhuGY9fMiwB6BB7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjkzNjI2NmU5ODBkZDIwM2IyY2JlYjFjOWM0NTcwNjA0
YjkxMWIwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjE4NjA1MmY3NThlZGM2ZTgxZDU0OTU1YzNkMDZiOGI0MzQ0MDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNQ2PoinUdN3AXk3i10XxDJf04WH
6YYDcdU9UsfnFJHw6Jo1n/O3ISUyQNrEzgyJJ+CFLyPVo+qbzlmjEQOCQeylAUYy
fxDYoItUpv2Qs+L18UFDyH/lS4+PWnAvjHLGuZyGszYv5stz+6wg4pupewtUf0v2
DoPHgyYA+JQVsQrG6gsJxqZNuOHvN6EpOzgaQ4bfyr3xa244o0qXweIekcgXKK42
rCnez2SLyaOEWIeZ5jT3pbKDUzZtPCoGafK4kseoofgjGtAIc55TvTaljOUYUxFq
sKRTND/dUQRnACOtzj2YIGJVpbf2+lY7C/e5wdek3ZZfW2/+EUZb61TICQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMIYYFL3WO3G6B1UlVw9Bri0NECcMB8GA1UdIwQY
MBaAFFhpNiZumA3SA7LL6xycRXBgS5EbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0drMkptNllEZElEc3N2ckhKeEZjR0JMa1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YzY2Y2MtZmE5YS00ZjU4LWFkMjEt
N2RhMTgzZWZmMTE1LzEvd2hoZ1V2ZFk3Y2JvSFZTVlhEMEd1TFEwUUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YzY2Y2MtZmE5YS00ZjU4LWFkMjEtN2RhMTgzZWZmMTE1
LzEvV0drMkptNllEZElEc3N2ckhKeEZjR0JMa1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDBbsIAwQD
JUuAAwQCTihoAwQCuS6wAwQCuajgAwQCwbDUMA0GCSqGSIb3DQEBCwUAA4IBAQBK
gaduhfMTqEIuQaeaXcQc/wLIFAWRzYpncNNjfbkzxA7VIaNoNCytChlvgj6jT8ed
49S+Pzixe8ITBsJT10k4w8KgPPcnG5KRytvHGtXoSARTFtONPyZ3yAjCW46h7H5w
oXLgVbFafO/eaziMPYcUVyMAQEaOCPldUNbUEOLtHkO4hCsHrVXFjGgNsYWNYv0I
V2FZPR/VpBHwxqXOaToYPOBvGGLhFbPLGhJn9w+h/GwGILWZ5WKIaoomb5nyFLjG
iAE8v+hpdWwKq4+xBth3VbVDzTHSbZa/uxdj9ltVjHYTDytNHEc9SRRSTooZrLaW
BUkT8Wns0gL+POYkCOTc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:59 2025 by rpki-client