Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/wUnGRO1rZ2tBreP_ZkpFaMJdwag.roa
File: wUnGRO1rZ2tBreP_ZkpFaMJdwag.roa (raw, json)
Hash identifier: eqlkCaYl1SRIXz62XlzzPJNnMAq2BeMh+3rZOZRgWXw=
Subject key identifier: C1:49:C6:44:ED:6B:67:6B:41:AD:E3:FF:66:4A:45:68:C2:5D:C1:A8
Certificate issuer: /CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Certificate serial: 018CC4253E828AA8A9A269B15A9D4C090253
Authority key identifier: A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/wUnGRO1rZ2tBreP_ZkpFaMJdwag.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21419
IP address blocks: 185.4.3.0/24 maxlen: 24
185.4.1.0/24 maxlen: 24
185.4.2.0/24 maxlen: 24
178.21.164.0/24 maxlen: 24
178.21.166.0/24 maxlen: 24
178.21.162.0/24 maxlen: 24
178.21.160.0/21 maxlen: 21
178.21.163.0/24 maxlen: 24
178.21.167.0/24 maxlen: 26
Validation: Failed, certificate revoked on Wed 28 Feb 2024 13:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3e:82:8a:a8:a9:a2:69:b1:5a:9d:4c:09:02:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c149c644ed6b676b41ade3ff664a4568c25dc1a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f8:ed:2d:34:f2:94:64:2a:ec:dd:3e:7f:ee:
42:c6:ef:3a:ae:c0:b1:5a:fa:81:1a:ac:2d:73:e5:
09:11:b8:24:0d:a1:25:b3:95:5e:67:d2:73:8a:5e:
b8:a5:a7:d9:66:99:e0:bc:ae:ee:37:33:fa:a3:33:
3f:ed:75:a5:1b:3c:f3:34:94:27:9e:47:2f:fd:89:
5b:0f:29:1f:41:da:67:32:1f:dc:67:fd:fc:55:a7:
74:85:86:b7:4d:54:e9:89:d3:ef:75:6d:f6:a6:1b:
bf:77:cd:b6:16:63:d2:4a:15:74:41:10:e5:ff:b1:
9d:ea:d2:44:14:87:39:f0:d2:04:00:7c:03:6e:c7:
ba:ff:2f:76:a2:7d:10:fb:94:ed:7c:92:47:7d:8c:
6e:63:74:57:7a:f2:9f:49:97:39:ac:2e:79:72:70:
53:f9:8a:b3:2b:5c:b6:1e:a0:91:9e:90:04:f8:6e:
43:36:f3:23:c8:a9:1c:f5:7a:61:5a:ee:47:1d:fc:
99:7b:a9:5c:40:00:91:76:bc:f3:de:80:4a:4c:27:
bd:95:25:43:78:21:64:b5:80:e8:68:fe:e1:e1:cf:
a2:fd:9b:84:2f:9a:52:77:ce:7e:65:64:59:d7:eb:
de:ab:46:26:5e:a2:5e:93:68:12:e8:98:9b:eb:5a:
11:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:49:C6:44:ED:6B:67:6B:41:AD:E3:FF:66:4A:45:68:C2:5D:C1:A8
X509v3 Authority Key Identifier:
keyid:A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/wUnGRO1rZ2tBreP_ZkpFaMJdwag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.160.0/21
185.4.1.0-185.4.3.255
Signature Algorithm: sha256WithRSAEncryption
57:b1:4c:fd:a5:1d:08:27:7d:70:da:bf:c5:1b:07:dc:d0:4f:
de:8b:c1:4a:e8:f3:b6:a0:ce:d5:9b:3e:22:13:95:ce:39:3e:
8e:18:aa:27:32:19:37:54:4a:62:9c:58:c7:b0:2c:10:a3:6d:
c3:99:a9:12:71:20:f3:f6:bd:42:15:bf:0f:ae:2a:20:89:2d:
59:04:d1:c5:1a:23:74:e4:02:ce:70:37:7d:42:9d:ce:37:f9:
e2:99:58:96:d3:74:c8:26:09:7d:d7:50:84:ab:64:58:02:df:
af:f1:f9:d7:a6:8b:8d:6f:94:bf:f4:3d:e0:c9:9d:de:26:08:
d1:da:34:c5:ae:2f:84:d5:14:41:8a:40:e0:d8:a8:cf:a7:d7:
08:0c:cf:b0:ab:c0:b1:35:42:7a:06:a3:eb:b2:6e:b0:ad:5c:
7c:d0:c7:05:98:3f:ce:9a:09:ce:98:5b:6f:ff:1c:95:0a:75:
b3:7b:6d:fc:9c:15:97:bd:09:75:da:6d:24:f4:b2:ed:92:85:
aa:ad:6d:36:2c:19:1e:28:6a:56:03:b2:ad:b3:01:ab:e4:0e:
c4:dc:1e:5d:b7:3d:bc:44:69:41:5d:75:9f:aa:7d:88:26:74:
55:64:74:8b:fb:0f:3f:a8:77:0f:66:df:79:44:2f:ee:d8:e3:
76:a8:51:0e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzEJT6CiqipommxWp1MCQJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWNkOGM3MWE2ZTMzMjgyYzA0NWQ4Zjg4YzNiMzc4YWNm
NDFiZDkwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTQ5YzY0NGVkNmI2NzZiNDFhZGUzZmY2NjRhNDU2OGMyNWRjMWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPjtLTTylGQq7N0+f+5Cxu86rsCx
WvqBGqwtc+UJEbgkDaEls5VeZ9Jzil64pafZZpngvK7uNzP6ozM/7XWlGzzzNJQn
nkcv/YlbDykfQdpnMh/cZ/38Vad0hYa3TVTpidPvdW32phu/d822FmPSShV0QRDl
/7Gd6tJEFIc58NIEAHwDbse6/y92on0Q+5TtfJJHfYxuY3RXevKfSZc5rC55cnBT
+YqzK1y2HqCRnpAE+G5DNvMjyKkc9XphWu5HHfyZe6lcQACRdrzz3oBKTCe9lSVD
eCFktYDoaP7h4c+i/ZuEL5pSd85+ZWRZ1+veq0YmXqJek2gS6Jib61oRCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMFJxkTta2drQa3j/2ZKRWjCXcGoMB8GA1UdIwQY
MBaAFKCc2McabjMoLARdj4jDs3is9BvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMt
NmU4ZTA3ZDY2YzliLzEvd1VuR1JPMXJaMnRCcmVQX1prcEZhTUpkd2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMtNmU4ZTA3ZDY2Yzli
LzEvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDshWgMAwD
BAC5BAEDBAK5BAAwDQYJKoZIhvcNAQELBQADggEBAFexTP2lHQgnfXDav8UbB9zQ
T96LwUro87agztWbPiITlc45Po4YqicyGTdUSmKcWMewLBCjbcOZqRJxIPP2vUIV
vw+uKiCJLVkE0cUaI3TkAs5wN31Cnc43+eKZWJbTdMgmCX3XUISrZFgC36/x+dem
i41vlL/0PeDJnd4mCNHaNMWuL4TVFEGKQODYqM+n1wgMz7CrwLE1QnoGo+uybrCt
XHzQxwWYP86aCc6YW2//HJUKdbN7bfycFZe9CXXabST0su2ShaqtbTYsGR4oalYD
sq2zAavkDsTcHl23PbxEaUFddZ+qfYgmdFVkdIv7Dz+odw9m33lEL+7Y43aoUQ4=
-----END CERTIFICATE-----
Generated at Wed Feb 28 17:27:43 2024 by rpki-client on console-fra.rpki-client.org