Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/WgdkkZ5-sWM4-nGFeuZSBlOi-mY.roa
File: WgdkkZ5-sWM4-nGFeuZSBlOi-mY.roa (raw, json)
Hash identifier: uOdRbEklAf8z+Bh5FQyKD62WOgkcmZXVIIuVf2fqu1U=
Subject key identifier: 5A:07:64:91:9E:7E:B1:63:38:FA:71:85:7A:E6:52:06:53:A2:FA:66
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 01856EB9050C8A313209684360F56E2CBC88
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/WgdkkZ5-sWM4-nGFeuZSBlOi-mY.roa
Signing time: Sun 01 Jan 2023 19:04:57 +0000
ROA not before: Sun 01 Jan 2023 19:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197033
IP address blocks: 46.18.224.0/21 maxlen: 21
185.33.88.0/22 maxlen: 22
91.216.43.0/24 maxlen: 24
185.24.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:05:0c:8a:31:32:09:68:43:60:f5:6e:2c:bc:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jan 1 19:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a0764919e7eb16338fa71857ae6520653a2fa66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:ab:16:34:a6:50:72:93:ec:ae:af:ee:ab:36:
12:fb:41:4a:f8:32:d6:08:01:b1:b0:cc:1f:bc:0e:
fd:77:2e:40:70:cf:b4:aa:2c:27:09:db:46:b8:8d:
07:6b:10:1a:df:46:94:74:4f:82:2c:69:69:a9:c8:
d1:e9:c9:5e:ca:51:b2:a6:76:ab:2f:6c:7d:0f:ef:
bd:c3:df:af:ff:a7:9a:60:ec:94:11:f7:fe:b1:73:
e6:dc:47:f4:a9:86:a1:d5:ba:af:c2:f6:d2:99:83:
5f:65:33:4d:ac:4d:99:c7:30:fe:2b:2c:56:e2:e2:
5d:7b:f1:69:21:88:fa:4e:70:49:c1:f4:c3:f2:d5:
02:11:0a:3a:bb:34:bf:07:ff:65:48:a2:b0:79:46:
5e:4e:a6:cf:c7:f2:4b:13:e8:61:5d:5b:69:76:3b:
76:0d:6c:84:d9:30:5b:24:db:bf:0a:fe:f1:62:b5:
42:f4:68:eb:27:0f:1f:bd:70:48:3c:26:61:d1:c1:
6b:4c:e5:37:0e:94:45:f7:21:0c:c9:0e:b2:20:16:
1c:74:03:7c:66:d2:f0:75:6b:2d:fe:fc:60:84:a0:
1f:34:d3:8b:5f:5a:61:26:28:39:75:4d:42:9e:8a:
80:c1:b6:ef:ff:4d:39:e2:6a:d6:d0:f4:1f:99:96:
6c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:07:64:91:9E:7E:B1:63:38:FA:71:85:7A:E6:52:06:53:A2:FA:66
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/WgdkkZ5-sWM4-nGFeuZSBlOi-mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.224.0/21
91.216.43.0/24
185.24.152.0/22
185.33.88.0/22
Signature Algorithm: sha256WithRSAEncryption
42:69:d2:7c:ae:27:23:9a:07:7a:49:98:ef:b6:c7:f5:f8:b1:
14:7a:1a:53:38:84:84:ce:f2:d0:4f:7d:ff:fd:77:cf:88:3f:
bc:fe:8e:0d:b1:92:51:2e:fd:fe:8f:be:13:f2:9b:1f:28:5b:
59:c2:05:3b:42:44:dd:90:c8:8f:ca:0b:a2:09:32:bb:59:c3:
65:6c:86:64:13:71:a4:8c:02:45:59:0a:9a:13:2d:ef:ae:81:
16:6b:33:9c:38:ea:db:77:bd:d7:39:db:65:c0:94:d1:0a:3a:
9b:59:d3:06:5f:9e:1f:8a:10:f1:f1:4b:86:22:5f:2e:46:a3:
fa:7a:a5:2b:5e:46:5d:31:26:22:2b:e8:24:05:d2:e9:04:7b:
d9:ff:3b:3b:61:a1:6c:d7:45:45:b6:19:d2:64:87:0a:00:cb:
22:6c:1b:5a:1a:a3:3e:7c:78:93:03:4b:a8:e6:51:56:32:12:
94:74:9b:da:9b:e5:6e:7b:2d:86:6b:b0:fe:c3:11:48:d0:70:
41:e8:07:d6:cc:c1:6d:39:8d:b4:84:19:ff:a6:61:9e:8c:34:
91:d0:28:31:fb:4e:9e:33:90:c1:4a:b2:ce:b0:ab:e7:74:fe:
b0:b7:72:df:c2:60:bf:f4:b2:f1:d4:6b:b6:fd:30:f5:3a:30:
e9:e4:b5:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuuQUMijEyCWhDYPVuLLyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2
ZjcxNWEwHhcNMjMwMTAxMTkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTA3NjQ5MTllN2ViMTYzMzhmYTcxODU3YWU2NTIwNjUzYTJmYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9asWNKZQcpPsrq/uqzYS+0FK+DLW
CAGxsMwfvA79dy5AcM+0qiwnCdtGuI0HaxAa30aUdE+CLGlpqcjR6cleylGypnar
L2x9D++9w9+v/6eaYOyUEff+sXPm3Ef0qYah1bqvwvbSmYNfZTNNrE2ZxzD+KyxW
4uJde/FpIYj6TnBJwfTD8tUCEQo6uzS/B/9lSKKweUZeTqbPx/JLE+hhXVtpdjt2
DWyE2TBbJNu/Cv7xYrVC9GjrJw8fvXBIPCZh0cFrTOU3DpRF9yEMyQ6yIBYcdAN8
ZtLwdWst/vxghKAfNNOLX1phJig5dU1CnoqAwbbv/0054mrW0PQfmZZsMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFoHZJGefrFjOPpxhXrmUgZTovpmMB8GA1UdIwQY
MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt
NmMzMDVhNmRiYWI5LzEvV2dka2taNS1zV000LW5HRmV1WlNCbE9pLW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5
LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLhLgAwQA
W9grAwQCuRiYAwQCuSFYMA0GCSqGSIb3DQEBCwUAA4IBAQBCadJ8ricjmgd6SZjv
tsf1+LEUehpTOISEzvLQT33//XfPiD+8/o4NsZJRLv3+j74T8psfKFtZwgU7QkTd
kMiPyguiCTK7WcNlbIZkE3GkjAJFWQqaEy3vroEWazOcOOrbd73XOdtlwJTRCjqb
WdMGX54fihDx8UuGIl8uRqP6eqUrXkZdMSYiK+gkBdLpBHvZ/zs7YaFs10VFthnS
ZIcKAMsibBtaGqM+fHiTA0uo5lFWMhKUdJvam+Vuey2Ga7D+wxFI0HBB6AfWzMFt
OY20hBn/pmGejDSR0Cgx+06eM5DBSrLOsKvndP6wt3LfwmC/9LLx1Gu2/TD1OjDp
5LXK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:18 2024 by rpki-client on console-ams.rpki-client.org