Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/w45fo_rT-Ocy4tTEsMWhufPydtM.roa
File: w45fo_rT-Ocy4tTEsMWhufPydtM.roa (raw, json)
Hash identifier: LLEAeThTSRk7h+kfYHw4BFn/ha7Fq1I/lfN8Q1jSNpI=
Subject key identifier: C3:8E:5F:A3:FA:D3:F8:E7:32:E2:D4:C4:B0:C5:A1:B9:F3:F2:76:D3
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EC97FE968E5B22A135A632A9A9DF911DF
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/w45fo_rT-Ocy4tTEsMWhufPydtM.roa
Signing time: Wed 10 Apr 2024 19:33:07 +0000
ROA not before: Wed 10 Apr 2024 19:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 31.41.253.0/24 maxlen: 24
45.87.255.0/24 maxlen: 24
45.95.28.0/24 maxlen: 24
45.128.129.0/24 maxlen: 24
45.131.160.0/24 maxlen: 24
45.131.161.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
94.154.188.0/24 maxlen: 24
94.154.189.0/24 maxlen: 24
94.154.191.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.222.214.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
194.104.232.0/24 maxlen: 24
212.60.7.0/24 maxlen: 24
217.8.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 08:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c9:7f:e9:68:e5:b2:2a:13:5a:63:2a:9a:9d:f9:11:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 10 19:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c38e5fa3fad3f8e732e2d4c4b0c5a1b9f3f276d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d0:b1:c0:ce:d5:98:a1:5d:5c:e1:f1:5d:ff:
33:47:5c:39:af:e7:80:60:9a:99:8a:79:e5:3c:92:
7f:2d:83:e4:69:31:84:66:b3:19:eb:73:33:48:8f:
22:b0:14:ac:7d:57:f0:b2:08:a1:9d:5e:bf:95:4a:
b3:1c:e1:bb:fd:c6:e3:30:78:1d:ae:8e:68:5f:71:
cb:b9:03:f2:85:1d:1c:65:dd:0f:9d:c4:15:20:ee:
18:1d:e8:75:00:f4:ba:be:1d:7a:37:f3:1a:bf:da:
79:93:a0:ce:02:ba:23:4c:29:b4:48:7d:26:0a:35:
93:91:24:73:c5:4e:6e:4a:5a:83:50:0c:9d:79:27:
b5:44:bc:39:4e:b9:d2:1a:bd:b9:35:7a:5d:ec:e1:
94:75:aa:00:72:6b:cd:ec:2a:a9:ef:6f:f1:67:bc:
ce:5d:53:4d:e0:94:5d:d0:8a:df:b5:02:c4:42:fc:
67:68:a9:90:9a:00:ab:8a:52:d1:17:19:a2:94:e9:
91:cb:81:b9:69:5b:a6:fd:cd:21:90:00:4b:10:78:
fb:17:38:10:76:66:6c:8d:f9:3e:e7:05:60:42:e4:
8f:eb:73:80:a1:da:19:ea:e1:86:9b:6c:cf:b6:3f:
aa:4b:57:7c:2c:db:5f:ab:a3:b5:b9:7e:d3:a0:94:
26:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8E:5F:A3:FA:D3:F8:E7:32:E2:D4:C4:B0:C5:A1:B9:F3:F2:76:D3
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/w45fo_rT-Ocy4tTEsMWhufPydtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.253.0/24
45.87.255.0/24
45.95.28.0/24
45.128.129.0/24
45.131.160.0/23
91.190.158.0/24
94.154.188.0/23
94.154.191.0/24
176.116.17.0/24
176.126.102.0/24
185.222.214.0/24
193.187.106.0/24
194.104.232.0/24
212.60.7.0/24
217.8.117.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:57:3c:8f:31:bc:16:ae:b4:96:30:43:e7:31:d2:fd:5b:b2:
b7:86:8e:47:9b:8a:18:1a:1e:35:46:79:a4:b3:e4:84:4e:be:
4f:43:4c:df:46:1a:36:93:60:2e:7a:bf:d1:ae:09:eb:fe:58:
25:cd:36:ce:b3:c4:00:6f:0c:90:e8:40:d0:dd:26:a3:f1:66:
a9:5e:1d:68:1d:07:1f:49:45:95:6b:f6:f1:7c:d5:56:0a:29:
5e:e5:a9:b7:ca:2c:5a:55:a0:7a:b4:13:6d:7e:30:ca:dd:5b:
d9:e7:7f:3d:e0:1a:fd:a7:cd:e1:a8:e0:df:37:9d:52:67:dd:
9e:8a:9a:52:53:98:da:d9:26:a9:2d:2a:24:2f:d8:b1:c2:a0:
1a:99:19:25:fc:f6:bc:88:f8:e3:c4:7a:ac:ef:30:9f:30:2b:
1d:7e:7c:a4:0c:df:07:24:6d:9d:a7:c3:0b:2b:73:8c:23:a1:
e5:23:44:d6:4d:25:88:4a:ee:dc:b3:5e:c3:82:9b:ec:7d:d0:
2c:da:b3:f8:fe:7d:62:b4:42:18:a8:af:9e:43:37:cd:51:0b:
1b:91:7c:c7:e8:5a:31:f8:c4:cb:52:bc:e1:17:6b:14:22:1b:
0e:06:f9:7c:34:73:39:f1:0c:0d:c0:68:3e:3e:4d:bd:95:81:
e0:84:60:61
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY7Jf+lo5bIqE1pjKpqd+RHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDEwMTkzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhlNWZhM2ZhZDNmOGU3MzJlMmQ0YzRiMGM1YTFiOWYzZjI3NmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNCxwM7VmKFdXOHxXf8zR1w5r+eA
YJqZinnlPJJ/LYPkaTGEZrMZ63MzSI8isBSsfVfwsgihnV6/lUqzHOG7/cbjMHgd
ro5oX3HLuQPyhR0cZd0PncQVIO4YHeh1APS6vh16N/Mav9p5k6DOArojTCm0SH0m
CjWTkSRzxU5uSlqDUAydeSe1RLw5TrnSGr25NXpd7OGUdaoAcmvN7Cqp72/xZ7zO
XVNN4JRd0IrftQLEQvxnaKmQmgCrilLRFxmilOmRy4G5aVum/c0hkABLEHj7FzgQ
dmZsjfk+5wVgQuSP63OAodoZ6uGGm2zPtj+qS1d8LNtfq6O1uX7ToJQm5wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFMOOX6P60/jnMuLUxLDFobnz8nbTMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdzQ1Zm9fclQtT2N5NHRURXNNV2h1ZlB5ZHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAHyn9AwQA
LVf/AwQALV8cAwQALYCBAwQBLYOgAwQAW76eAwQBXpq8AwQAXpq/AwQAsHQRAwQA
sH5mAwQAud7WAwQAwbtqAwQAwmjoAwQA1DwHAwQA2Qh1MA0GCSqGSIb3DQEBCwUA
A4IBAQBOVzyPMbwWrrSWMEPnMdL9W7K3ho5Hm4oYGh41Rnmks+SETr5PQ0zfRho2
k2Auer/Rrgnr/lglzTbOs8QAbwyQ6EDQ3Saj8WapXh1oHQcfSUWVa/bxfNVWCile
5am3yixaVaB6tBNtfjDK3VvZ53894Br9p83hqODfN51SZ92eippSU5ja2SapLSok
L9ixwqAamRkl/Pa8iPjjxHqs7zCfMCsdfnykDN8HJG2dp8MLK3OMI6HlI0TWTSWI
Su7cs17DgpvsfdAs2rP4/n1itEIYqK+eQzfNUQsbkXzH6Fox+MTLUrzhF2sUIhsO
Bvl8NHM58QwNwGg+Pk29lYHghGBh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org