Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/wbD4-ymV2Kd725lx0OKfdiwLoxE.roa
File: wbD4-ymV2Kd725lx0OKfdiwLoxE.roa (raw, json)
Hash identifier: Ne72RcjZaNrEf9LtphKbg5VcSwTGlRoCk11txbm7Gm8=
Subject key identifier: C1:B0:F8:FB:29:95:D8:A7:7B:DB:99:71:D0:E2:9F:76:2C:0B:A3:11
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4CD1923BFB90CEA828BBDEC805D23
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/wbD4-ymV2Kd725lx0OKfdiwLoxE.roa
Signing time: Sun 01 Jan 2023 19:35:17 +0000
ROA not before: Sun 01 Jan 2023 19:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.28.51.0/24 maxlen: 24
185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
31.15.7.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
89.190.152.0/24 maxlen: 24
89.190.152.0/22 maxlen: 22
185.225.246.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.244.0/22 maxlen: 22
185.225.244.0/24 maxlen: 24
89.190.154.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
185.225.247.0/24 maxlen: 24
185.246.15.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.12.0/24 maxlen: 24
185.244.231.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.228.0/24 maxlen: 24
80.66.122.0/24 maxlen: 24
194.32.112.0/22 maxlen: 22
194.32.112.0/24 maxlen: 24
194.32.115.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:cd:19:23:bf:b9:0c:ea:82:8b:bd:ec:80:5d:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1b0f8fb2995d8a77bdb9971d0e29f762c0ba311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d1:0d:05:7b:55:7c:ba:22:80:48:ae:0c:e0:
ee:67:9d:40:18:5d:10:0a:85:90:e5:5a:f3:9a:0b:
9e:2e:26:75:a8:08:aa:7d:a8:91:7e:bf:98:33:31:
12:69:fb:c0:b6:fd:e1:87:27:05:38:42:72:96:e7:
bc:19:96:f0:5b:5e:26:2c:a6:f6:79:72:55:f3:4a:
4d:dc:85:4c:eb:3e:fa:73:9e:b6:eb:ff:9c:8b:72:
08:43:cd:7a:8e:96:5a:1f:0f:8b:3e:dd:ff:7f:c3:
49:4c:d9:19:94:a1:36:1a:9d:38:35:65:46:f6:05:
e1:70:ff:6a:e9:93:4d:80:22:13:cf:1b:90:4c:66:
e1:76:2c:c5:b0:c8:70:90:62:c3:9f:ae:66:9b:d0:
ea:16:fa:b9:a2:d2:3a:e1:55:a1:86:54:cc:c0:83:
70:36:1c:82:a8:77:b0:36:bc:80:9f:8d:b6:27:c1:
43:b0:ea:7c:67:26:4c:8a:dd:6a:94:66:00:41:e5:
b6:49:12:a5:44:cf:b1:b4:fc:08:0a:e5:3f:80:86:
cc:da:cf:c0:6e:3f:f7:c8:7b:da:70:1a:11:37:74:
8d:47:69:af:28:a4:99:8c:ad:40:75:dc:d8:f5:0d:
0c:27:f9:64:ee:93:43:54:84:3f:ae:8a:d1:dc:0c:
1d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B0:F8:FB:29:95:D8:A7:7B:DB:99:71:D0:E2:9F:76:2C:0B:A3:11
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/wbD4-ymV2Kd725lx0OKfdiwLoxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.5.0-31.15.7.255
80.66.122.0/24
89.190.152.0/22
185.28.51.0/24
185.225.244.0/22
185.231.186.0/23
185.244.228.0/22
185.246.12.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
27:92:e4:03:36:60:b3:8f:86:d8:4a:71:00:6c:70:7b:36:b0:
86:ca:eb:b8:d3:e9:74:db:62:d8:0a:9f:a1:07:f3:82:b2:fe:
ba:4a:a6:ad:31:52:2f:cf:1f:bc:8f:52:8c:e8:a8:91:4f:a0:
e0:70:29:c9:56:f7:f6:3b:3b:26:66:2c:77:18:53:84:c2:14:
e3:90:b7:0a:bb:32:70:21:0d:a9:74:3f:50:53:a1:59:42:9c:
e4:c6:c8:a9:e4:e5:d2:9b:8b:f0:c0:b4:3e:0c:e1:f2:6e:23:
09:bd:f4:6d:86:71:2d:4c:bc:2f:88:3d:7e:29:5e:b9:c0:5f:
63:7b:04:4c:b6:92:9b:04:fd:6a:14:96:fc:0e:6a:d5:b4:6e:
64:6d:2a:99:41:9e:ea:00:31:cf:02:9a:73:43:50:fb:87:91:
f9:16:70:8d:55:f8:0b:d7:04:e3:01:c5:4d:55:22:9f:20:7d:
4c:a5:ae:e4:a1:f4:34:15:2b:9e:e7:da:00:ab:db:e0:ac:c9:
be:82:9e:89:33:31:6f:54:54:c6:27:67:9b:dd:e1:c6:da:ad:
31:7a:ec:8f:69:99:a3:5f:9a:b2:11:f7:6e:46:0b:37:36:c2:
4f:9d:38:86:0f:cc:45:d5:d9:68:27:75:5a:c4:b0:d8:fd:ab:
63:88:bd:77
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYVu1M0ZI7+5DOqCi73sgF0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWIwZjhmYjI5OTVkOGE3N2JkYjk5NzFkMGUyOWY3NjJjMGJhMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotENBXtVfLoigEiuDODuZ51AGF0Q
CoWQ5VrzmgueLiZ1qAiqfaiRfr+YMzESafvAtv3hhycFOEJylue8GZbwW14mLKb2
eXJV80pN3IVM6z76c5626/+ci3IIQ816jpZaHw+LPt3/f8NJTNkZlKE2Gp04NWVG
9gXhcP9q6ZNNgCITzxuQTGbhdizFsMhwkGLDn65mm9DqFvq5otI64VWhhlTMwINw
NhyCqHewNryAn422J8FDsOp8ZyZMit1qlGYAQeW2SRKlRM+xtPwICuU/gIbM2s/A
bj/3yHvacBoRN3SNR2mvKKSZjK1AddzY9Q0MJ/lk7pNDVIQ/rorR3AwdwwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFMGw+Pspldine9uZcdDin3YsC6MRMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvd2JENC15bVYyS2Q3MjVseDBPS2ZkaXdMb3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAAfDwUD
BAMfDwADBABQQnoDBAJZvpgDBAC5HDMDBAK54fQDBAG557oDBAK59OQDBAK59gwD
BALCIHAwDQYJKoZIhvcNAQELBQADggEBACeS5AM2YLOPhthKcQBscHs2sIbK67jT
6XTbYtgKn6EH84Ky/rpKpq0xUi/PH7yPUozoqJFPoOBwKclW9/Y7OyZmLHcYU4TC
FOOQtwq7MnAhDal0P1BToVlCnOTGyKnk5dKbi/DAtD4M4fJuIwm99G2GcS1MvC+I
PX4pXrnAX2N7BEy2kpsE/WoUlvwOatW0bmRtKplBnuoAMc8CmnNDUPuHkfkWcI1V
+AvXBOMBxU1VIp8gfUylruSh9DQVK57n2gCr2+Csyb6CnokzMW9UVMYnZ5vd4cba
rTF67I9pmaNfmrIR925GCzc2wk+dOIYPzEXV2WgndVrEsNj9q2OIvXc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:54 2023 by rpki-client on console-fra.rpki-client.org