Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/99wxT_MidKPr-UiH_Dp3R2gFFAI.roa
File: 99wxT_MidKPr-UiH_Dp3R2gFFAI.roa (raw, json)
Hash identifier: Dv/tLp1hvtDSdyQtLB8vgVD5LpVypevuV3sSXAagtfA=
Subject key identifier: F7:DC:31:4F:F3:22:74:A3:EB:F9:48:87:FC:3A:77:47:68:05:14:02
Certificate issuer: /CN=4044fd1980ba01788a353a26fef8954ed7c11f96
Certificate serial: 01856BEEC5A7B3390C90941E331806540821
Authority key identifier: 40:44:FD:19:80:BA:01:78:8A:35:3A:26:FE:F8:95:4E:D7:C1:1F:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QET9GYC6AXiKNTom_viVTtfBH5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/99wxT_MidKPr-UiH_Dp3R2gFFAI.roa
Signing time: Sun 01 Jan 2023 06:04:48 +0000
ROA not before: Sun 01 Jan 2023 06:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62365
IP address blocks: 139.28.0.0/22 maxlen: 22
185.38.48.0/22 maxlen: 22
155.133.200.0/21 maxlen: 21
155.133.208.0/20 maxlen: 20
141.98.144.0/22 maxlen: 22
185.202.180.0/22 maxlen: 22
80.249.116.0/22 maxlen: 22
2a00:fda0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:c5:a7:b3:39:0c:90:94:1e:33:18:06:54:08:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4044fd1980ba01788a353a26fef8954ed7c11f96
Validity
Not Before: Jan 1 06:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7dc314ff32274a3ebf94887fc3a774768051402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:23:66:bd:a9:af:f3:fe:7c:dc:bb:35:10:82:
e1:9c:06:98:ea:0c:35:0e:c1:a0:81:89:78:40:76:
64:95:aa:9a:66:80:f5:2a:b5:a0:76:4e:2f:cf:a1:
10:97:d8:cb:27:93:f9:e9:0d:f8:3d:c3:14:c5:99:
3b:66:a8:a2:82:b1:be:68:79:f0:7e:ed:2f:7a:7d:
ac:a1:10:1a:c5:f8:03:89:17:f6:d2:ab:ec:5d:04:
65:6e:d7:b0:0f:b3:dd:8d:f5:7a:35:07:82:4c:ef:
44:b3:49:af:8a:03:d0:9f:2d:2b:a3:c1:51:5e:d7:
e0:b3:84:70:9a:43:f2:73:f0:e7:bb:72:00:98:65:
ed:a3:c8:74:94:bf:21:51:a5:eb:4d:50:47:d7:e6:
75:99:f6:99:45:40:a2:1b:26:ed:d9:7f:6f:a4:15:
cb:8d:ac:bd:b9:bd:64:22:10:f3:bb:e1:d9:68:f3:
62:fe:e2:68:af:aa:6e:08:19:06:54:8b:97:12:d3:
14:e4:61:35:92:f3:de:78:6d:02:46:d8:63:a0:d5:
ff:8d:60:d2:36:03:91:f9:69:03:68:2c:54:58:0a:
ba:35:d5:2c:e8:8e:29:72:6e:a9:04:c1:18:d1:2b:
b2:e0:7d:48:fc:a4:9b:da:8d:89:f2:93:04:68:39:
fe:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DC:31:4F:F3:22:74:A3:EB:F9:48:87:FC:3A:77:47:68:05:14:02
X509v3 Authority Key Identifier:
keyid:40:44:FD:19:80:BA:01:78:8A:35:3A:26:FE:F8:95:4E:D7:C1:1F:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QET9GYC6AXiKNTom_viVTtfBH5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/99wxT_MidKPr-UiH_Dp3R2gFFAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/QET9GYC6AXiKNTom_viVTtfBH5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.116.0/22
139.28.0.0/22
141.98.144.0/22
155.133.200.0-155.133.223.255
185.38.48.0/22
185.202.180.0/22
IPv6:
2a00:fda0::/32
Signature Algorithm: sha256WithRSAEncryption
82:15:b2:2b:fd:80:cb:f2:a8:78:93:48:42:40:5b:10:bd:16:
ba:71:c6:81:83:99:25:41:a6:6f:f1:30:8d:ba:10:a0:8c:a9:
a7:fa:29:52:3a:3a:50:57:bb:c6:9a:9e:33:17:7a:21:3c:88:
b8:57:eb:2a:ae:dd:51:d3:20:b0:00:6b:d6:25:44:ca:38:38:
2e:ef:5a:f8:08:bd:e4:bd:bd:cd:eb:e8:01:18:f4:ee:e8:d1:
88:58:a8:3d:28:a0:65:d7:b7:3e:1e:37:dd:e5:aa:d4:d4:29:
02:83:4a:b7:aa:d2:be:25:62:de:db:10:79:cd:6c:b3:82:77:
3b:a7:44:5d:f6:2f:9a:a6:b2:d7:a3:ba:4f:1b:12:d5:63:9a:
4a:17:e3:89:4e:59:2c:c9:c9:5f:94:60:9c:53:d5:e2:37:12:
b0:24:ec:f2:af:cb:b3:58:4e:1b:6f:d1:ab:40:04:dd:f8:6c:
e6:54:cd:cd:9e:3f:62:e7:db:32:59:57:9b:82:09:58:f1:47:
a5:e9:af:5e:8e:38:e6:2b:e4:e4:60:21:8d:eb:94:b9:e6:05:
8d:db:6f:35:dc:86:4b:be:cd:47:3b:08:8e:fc:ae:ed:23:4e:
53:db:b4:0b:9b:bd:7d:c0:8e:48:05:79:25:0a:80:c6:0b:03:
6e:e6:9b:24
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVr7sWnszkMkJQeMxgGVAghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDRmZDE5ODBiYTAxNzg4YTM1M2EyNmZlZjg5NTRlZDdj
MTFmOTYwHhcNMjMwMTAxMDYwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2RjMzE0ZmYzMjI3NGEzZWJmOTQ4ODdmYzNhNzc0NzY4MDUxNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCNmvamv8/583Ls1EILhnAaY6gw1
DsGggYl4QHZklaqaZoD1KrWgdk4vz6EQl9jLJ5P56Q34PcMUxZk7ZqiigrG+aHnw
fu0ven2soRAaxfgDiRf20qvsXQRlbtewD7PdjfV6NQeCTO9Es0mvigPQny0ro8FR
Xtfgs4RwmkPyc/Dnu3IAmGXto8h0lL8hUaXrTVBH1+Z1mfaZRUCiGybt2X9vpBXL
jay9ub1kIhDzu+HZaPNi/uJor6puCBkGVIuXEtMU5GE1kvPeeG0CRthjoNX/jWDS
NgOR+WkDaCxUWAq6NdUs6I4pcm6pBMEY0Suy4H1I/KSb2o2J8pMEaDn+hwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFPfcMU/zInSj6/lIh/w6d0doBRQCMB8GA1UdIwQY
MBaAFEBE/RmAugF4ijU6Jv74lU7XwR+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVUOUdZQzZBWGlLTlRvbV92aVZUdGZCSDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNWIxNmEtZjc2Yi00MWE0LTg4YmMt
OTFjZjYxNmQyYzUyLzEvOTl3eFRfTWlkS1ByLVVpSF9EcDNSMmdGRkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNWIxNmEtZjc2Yi00MWE0LTg4YmMtOTFjZjYxNmQyYzUy
LzEvUUVUOUdZQzZBWGlLTlRvbV92aVZUdGZCSDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCUPl0AwQC
ixwAAwQCjWKQMAwDBAObhcgDBAWbhcADBAK5JjADBAK5yrQwDQQCAAIwBwMFACoA
/aAwDQYJKoZIhvcNAQELBQADggEBAIIVsiv9gMvyqHiTSEJAWxC9FrpxxoGDmSVB
pm/xMI26EKCMqaf6KVI6OlBXu8aanjMXeiE8iLhX6yqu3VHTILAAa9YlRMo4OC7v
WvgIveS9vc3r6AEY9O7o0YhYqD0ooGXXtz4eN93lqtTUKQKDSreq0r4lYt7bEHnN
bLOCdzunRF32L5qmstejuk8bEtVjmkoX44lOWSzJyV+UYJxT1eI3ErAk7PKvy7NY
Thtv0atABN34bOZUzc2eP2Ln2zJZV5uCCVjxR6Xpr16OOOYr5ORgIY3rlLnmBY3b
bzXchku+zUc7CI78ru0jTlPbtAubvX3AjkgFeSUKgMYLA27mmyQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:17 2024 by rpki-client on console-fra.rpki-client.org