Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/74bf41-d6a7-4fb5-801c-33cc3adb1e78/1/wmQ4stPvxL-Rx9bNCPCrO00dXUY.roa
File: wmQ4stPvxL-Rx9bNCPCrO00dXUY.roa (raw, json)
Hash identifier: PB0f+NZ/wAtQkxyUJvB62TWRlDgP2kRQzCSlRvfwS6w=
Subject key identifier: C2:64:38:B2:D3:EF:C4:BF:91:C7:D6:CD:08:F0:AB:3B:4D:1D:5D:46
Certificate issuer: /CN=61e6ea83926bc478c785471d805a5c1210a8c993
Certificate serial: 018CC3B71F9812F8C5A42DC79AFE628D7F7A
Authority key identifier: 61:E6:EA:83:92:6B:C4:78:C7:85:47:1D:80:5A:5C:12:10:A8:C9:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yebqg5JrxHjHhUcdgFpcEhCoyZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/74bf41-d6a7-4fb5-801c-33cc3adb1e78/1/wmQ4stPvxL-Rx9bNCPCrO00dXUY.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57460
IP address blocks: 195.238.112.0/22 maxlen: 22
195.238.112.0/24 maxlen: 24
195.238.115.0/24 maxlen: 24
195.238.113.0/24 maxlen: 24
195.238.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 11:51:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:1f:98:12:f8:c5:a4:2d:c7:9a:fe:62:8d:7f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61e6ea83926bc478c785471d805a5c1210a8c993
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c26438b2d3efc4bf91c7d6cd08f0ab3b4d1d5d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7a:b2:3c:ef:50:77:cc:24:93:01:81:b0:a0:
73:37:c4:bb:79:f9:83:99:7a:2f:a9:e2:19:43:35:
12:81:f0:d4:01:f6:c6:19:d3:da:5b:b8:21:ef:5e:
32:07:53:fc:51:66:5d:4b:78:93:9e:ad:5c:ca:9b:
1b:45:ce:7b:1d:6b:5c:e4:29:0f:9b:45:83:91:ca:
bc:26:4f:c9:33:8f:1c:13:9e:79:06:d8:bd:a3:3d:
4e:d6:a6:d0:7a:fb:08:5c:23:cd:f3:95:e3:64:bf:
96:0c:48:d9:36:b0:fc:3f:94:d1:af:65:18:90:62:
ab:f4:93:3b:71:6f:2a:c2:f7:c0:af:9a:e5:20:59:
18:6b:36:b5:07:20:26:3c:a6:71:58:87:c2:34:c6:
a7:bd:14:48:93:af:f3:31:05:e2:8d:bb:e3:75:aa:
30:09:05:8d:aa:b8:f3:0c:b7:60:38:f1:24:6c:9d:
fc:d4:54:be:53:e7:a7:05:02:01:28:ba:a9:94:a4:
e3:81:1c:dd:db:fb:f0:b1:96:ff:ff:70:98:13:77:
f6:7e:9a:e4:37:65:6a:9d:58:34:db:25:6c:78:20:
05:5c:92:98:0d:36:0a:ef:04:75:2e:9d:c3:0d:9f:
6a:d0:ae:5e:a2:b7:f9:44:b1:f9:49:2e:ac:65:17:
60:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:64:38:B2:D3:EF:C4:BF:91:C7:D6:CD:08:F0:AB:3B:4D:1D:5D:46
X509v3 Authority Key Identifier:
keyid:61:E6:EA:83:92:6B:C4:78:C7:85:47:1D:80:5A:5C:12:10:A8:C9:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yebqg5JrxHjHhUcdgFpcEhCoyZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/74bf41-d6a7-4fb5-801c-33cc3adb1e78/1/wmQ4stPvxL-Rx9bNCPCrO00dXUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/74bf41-d6a7-4fb5-801c-33cc3adb1e78/1/Yebqg5JrxHjHhUcdgFpcEhCoyZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.112.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:b0:d0:43:ec:cb:60:79:46:ab:16:c9:27:9d:0c:b7:b7:29:
27:86:a5:ef:cc:f6:b1:00:03:e4:3e:9a:e2:e1:e6:73:0e:1b:
86:8e:88:71:d5:fc:fc:ce:93:a6:cc:5c:f3:13:3d:e8:70:52:
ec:60:51:fa:3b:1f:63:1f:31:74:e1:14:af:0d:86:e0:da:55:
90:81:46:cf:bf:f9:87:08:b0:f5:db:b9:60:02:5c:88:60:6e:
b7:19:0c:90:d9:c4:5a:dc:5c:52:46:a7:24:7d:a6:5a:34:99:
d3:95:fe:87:3e:1b:b9:a7:33:0d:e5:79:e6:f7:f0:82:c0:47:
87:be:96:81:ec:9e:5d:7a:13:ab:ef:25:59:13:74:94:ad:1f:
8d:a2:91:44:e4:22:4a:62:8f:b6:13:5d:41:07:1f:5c:bd:c3:
ce:be:14:cc:41:a5:f9:2c:a1:39:a3:df:4a:38:09:cf:9d:93:
6a:5d:f6:59:8c:23:c5:31:0e:48:9e:55:bf:61:cd:f5:5c:c2:
6d:c0:51:f9:4a:8e:72:55:39:3c:ad:8f:5a:cc:4d:c7:4f:e3:
e3:1a:45:fc:af:7b:52:31:a9:09:0b:31:26:54:a9:03:ca:51:
2e:85:81:ba:25:3e:39:bf:67:c8:53:71:67:3e:87:30:1e:14:
ef:66:65:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtx+YEvjFpC3Hmv5ijX96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTZlYTgzOTI2YmM0NzhjNzg1NDcxZDgwNWE1YzEyMTBh
OGM5OTMwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjY0MzhiMmQzZWZjNGJmOTFjN2Q2Y2QwOGYwYWIzYjRkMWQ1ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinqyPO9Qd8wkkwGBsKBzN8S7efmD
mXovqeIZQzUSgfDUAfbGGdPaW7gh714yB1P8UWZdS3iTnq1cypsbRc57HWtc5CkP
m0WDkcq8Jk/JM48cE555Bti9oz1O1qbQevsIXCPN85XjZL+WDEjZNrD8P5TRr2UY
kGKr9JM7cW8qwvfAr5rlIFkYaza1ByAmPKZxWIfCNManvRRIk6/zMQXijbvjdaow
CQWNqrjzDLdgOPEkbJ381FS+U+enBQIBKLqplKTjgRzd2/vwsZb//3CYE3f2fprk
N2VqnVg02yVseCAFXJKYDTYK7wR1Lp3DDZ9q0K5eorf5RLH5SS6sZRdgQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJkOLLT78S/kcfWzQjwqztNHV1GMB8GA1UdIwQY
MBaAFGHm6oOSa8R4x4VHHYBaXBIQqMmTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVicWc1SnJ4SGpIaFVjZGdGcGNFaENveVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83NGJmNDEtZDZhNy00ZmI1LTgwMWMt
MzNjYzNhZGIxZTc4LzEvd21RNHN0UHZ4TC1SeDliTkNQQ3JPMDBkWFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83NGJmNDEtZDZhNy00ZmI1LTgwMWMtMzNjYzNhZGIxZTc4
LzEvWWVicWc1SnJ4SGpIaFVjZGdGcGNFaENveVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+5wMA0G
CSqGSIb3DQEBCwUAA4IBAQBasNBD7MtgeUarFsknnQy3tyknhqXvzPaxAAPkPpri
4eZzDhuGjohx1fz8zpOmzFzzEz3ocFLsYFH6Ox9jHzF04RSvDYbg2lWQgUbPv/mH
CLD127lgAlyIYG63GQyQ2cRa3FxSRqckfaZaNJnTlf6HPhu5pzMN5Xnm9/CCwEeH
vpaB7J5dehOr7yVZE3SUrR+NopFE5CJKYo+2E11BBx9cvcPOvhTMQaX5LKE5o99K
OAnPnZNqXfZZjCPFMQ5InlW/Yc31XMJtwFH5So5yVTk8rY9azE3HT+PjGkX8r3tS
MakJCzEmVKkDylEuhYG6JT45v2fIU3FnPocwHhTvZmUR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:26 2025 by rpki-client