Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/WpOm3HaK9-mKGBabVi7BZZigLV0.roa
File: WpOm3HaK9-mKGBabVi7BZZigLV0.roa (raw, json)
Hash identifier: T1O4FAj47pfsOg08hybvcwjpglgbQzb8l4iE03PVMrY=
Subject key identifier: 5A:93:A6:DC:76:8A:F7:E9:8A:18:16:9B:56:2E:C1:65:98:A0:2D:5D
Certificate issuer: /CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Certificate serial: 018D2193338EBFD869D7F6E102EDDC6FE3EF
Authority key identifier: 7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/WpOm3HaK9-mKGBabVi7BZZigLV0.roa
Signing time: Fri 19 Jan 2024 11:55:11 +0000
ROA not before: Fri 19 Jan 2024 11:55:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201205
IP address blocks: 37.230.120.0/21 maxlen: 21
78.24.168.0/21 maxlen: 21
147.12.64.0/19 maxlen: 24
176.62.136.0/21 maxlen: 21
185.29.4.0/22 maxlen: 22
193.53.101.0/24 maxlen: 24
193.53.102.0/24 maxlen: 24
2a01:5c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 16 Mar 2024 13:33:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:93:33:8e:bf:d8:69:d7:f6:e1:02:ed:dc:6f:e3:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Validity
Not Before: Jan 19 11:55:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a93a6dc768af7e98a18169b562ec16598a02d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ce:35:10:f8:8b:1e:e4:72:68:24:9b:aa:b6:
5e:9f:28:b2:f5:33:a5:ba:95:4d:0c:1b:d1:c8:19:
e9:45:29:7b:7c:c3:8f:25:a1:2d:fb:75:49:fb:b9:
85:09:7f:17:c8:f3:31:75:46:73:84:b6:a7:51:14:
48:e2:e1:bb:69:ac:90:2e:2e:d9:bd:74:50:21:60:
d9:a5:cd:e4:9f:0f:d2:1e:64:90:64:f9:f0:e3:20:
70:a7:1f:0e:bd:6d:aa:f3:23:ee:15:30:43:6a:0b:
e3:0c:fe:77:33:e1:07:27:37:6d:63:ee:ff:65:7d:
e0:0f:c3:61:5d:c2:d0:ae:f4:4b:e5:fb:f5:49:39:
5e:53:34:2c:e1:50:20:b7:46:45:51:0e:bf:9d:b1:
af:91:52:99:85:f8:30:02:20:c3:0e:f3:fd:6e:0b:
be:49:af:99:0b:ff:c3:d5:45:4e:ac:0a:84:54:8b:
d9:bd:28:59:7d:e7:ae:1c:34:1a:c2:20:6a:6c:2f:
77:53:25:76:e9:8e:ce:01:b4:22:e7:93:c3:d0:b4:
ab:7f:b2:a1:8d:0d:1c:fa:bb:f1:72:3b:a5:79:f6:
45:48:ba:2c:7d:ff:97:b2:a6:59:3b:7d:b9:84:1c:
42:38:37:c6:b1:94:64:df:58:ea:18:27:c2:c9:5f:
91:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:93:A6:DC:76:8A:F7:E9:8A:18:16:9B:56:2E:C1:65:98:A0:2D:5D
X509v3 Authority Key Identifier:
keyid:7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/WpOm3HaK9-mKGBabVi7BZZigLV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/fQL6LFuiiSBF581Qpa39VNbbuMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.120.0/21
78.24.168.0/21
147.12.64.0/19
176.62.136.0/21
185.29.4.0/22
193.53.101.0-193.53.102.255
IPv6:
2a01:5c00::/32
Signature Algorithm: sha256WithRSAEncryption
1b:c1:b7:df:aa:55:77:d2:72:2e:82:9f:bf:c9:69:4f:c5:f0:
00:93:9e:ef:16:1b:60:4f:73:7a:e5:08:1e:ad:88:de:71:30:
18:e2:8e:ac:63:01:cd:cd:97:19:57:02:39:28:75:ee:d3:6c:
26:06:2f:ca:8a:86:f4:b6:b6:9f:4f:96:79:f9:62:d5:15:44:
13:29:4d:56:0d:06:56:1d:a1:c1:9c:01:82:ee:b5:62:df:e2:
77:d1:58:2f:0d:fa:e2:04:2e:58:c0:e5:4d:b6:48:ae:16:0d:
7d:49:80:12:f7:67:36:f7:71:7a:0d:61:96:48:c2:3c:4d:99:
06:ef:dd:32:30:77:f6:db:35:7e:da:8a:59:31:17:88:bf:c8:
dd:fe:00:a9:65:df:12:b9:47:14:34:c3:f6:07:82:f8:d2:a2:
7b:a3:8c:cb:ef:b6:84:3b:7c:33:39:78:dd:f0:ee:3c:34:4a:
0f:28:e4:c3:d7:7d:c1:66:59:34:ed:84:d9:d2:be:a1:a6:2a:
ca:91:37:00:90:fc:e2:e9:3b:6f:6a:07:47:46:54:bc:6a:f4:
12:01:16:a5:06:3b:ae:1b:fe:6d:65:c5:55:ac:32:6e:ce:fa:
14:51:b9:c4:3e:4c:d9:29:3c:eb:f4:1c:97:be:58:b6:1d:12:
6e:98:39:40
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY0hkzOOv9hp1/bhAu3cb+PvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDJmYTJjNWJhMjg5MjA0NWU3Y2Q1MGE1YWRmZDU0ZDZk
YmI4YzIwHhcNMjQwMTE5MTE1NTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTkzYTZkYzc2OGFmN2U5OGExODE2OWI1NjJlYzE2NTk4YTAyZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic41EPiLHuRyaCSbqrZenyiy9TOl
upVNDBvRyBnpRSl7fMOPJaEt+3VJ+7mFCX8XyPMxdUZzhLanURRI4uG7aayQLi7Z
vXRQIWDZpc3knw/SHmSQZPnw4yBwpx8OvW2q8yPuFTBDagvjDP53M+EHJzdtY+7/
ZX3gD8NhXcLQrvRL5fv1STleUzQs4VAgt0ZFUQ6/nbGvkVKZhfgwAiDDDvP9bgu+
Sa+ZC//D1UVOrAqEVIvZvShZfeeuHDQawiBqbC93UyV26Y7OAbQi55PD0LSrf7Kh
jQ0c+rvxcjulefZFSLosff+XsqZZO325hBxCODfGsZRk31jqGCfCyV+RDQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFFqTptx2ivfpihgWm1YuwWWYoC1dMB8GA1UdIwQY
MBaAFH0C+ixbookgRefNUKWt/VTW27jCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUt
ODEwMzlmM2NmM2ZkLzEvV3BPbTNIYUs5LW1LR0JhYlZpN0JaWmlnTFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUtODEwMzlmM2NmM2Zk
LzEvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQDJeZ4AwQD
ThioAwQFkwxAAwQDsD6IAwQCuR0EMAwDBADBNWUDBADBNWYwDQQCAAIwBwMFACoB
XAAwDQYJKoZIhvcNAQELBQADggEBABvBt9+qVXfSci6Cn7/JaU/F8ACTnu8WG2BP
c3rlCB6tiN5xMBjijqxjAc3NlxlXAjkode7TbCYGL8qKhvS2tp9Plnn5YtUVRBMp
TVYNBlYdocGcAYLutWLf4nfRWC8N+uIELljA5U22SK4WDX1JgBL3Zzb3cXoNYZZI
wjxNmQbv3TIwd/bbNX7ailkxF4i/yN3+AKll3xK5RxQ0w/YHgvjSonujjMvvtoQ7
fDM5eN3w7jw0Sg8o5MPXfcFmWTTthNnSvqGmKsqRNwCQ/OLpO29qB0dGVLxq9BIB
FqUGO64b/m1lxVWsMm7O+hRRucQ+TNkpPOv0HJe+WLYdEm6YOUA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:06 2024 by rpki-client on console-ams.rpki-client.org