Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/wqrVeWoOYcOu5vGgnGIX-af6ky8.roa
File: wqrVeWoOYcOu5vGgnGIX-af6ky8.roa (raw, json)
Hash identifier: LsjODU6QgR0v0uut+umbZGOxLKoUefoEhbj6ENyFBq0=
Subject key identifier: C2:AA:D5:79:6A:0E:61:C3:AE:E6:F1:A0:9C:62:17:F9:A7:FA:93:2F
Certificate issuer: /CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Certificate serial: 018CC94D6B33CA696217EFEEF35F678DE84F
Authority key identifier: 54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/wqrVeWoOYcOu5vGgnGIX-af6ky8.roa
Signing time: Tue 02 Jan 2024 08:32:23 +0000
ROA not before: Tue 02 Jan 2024 08:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 185.189.181.0/24 maxlen: 24
185.189.180.0/24 maxlen: 24
185.189.183.0/24 maxlen: 24
185.189.182.0/24 maxlen: 24
2a0b:f380:3e8::/48 maxlen: 48
2a0b:f380::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jan 2024 10:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:6b:33:ca:69:62:17:ef:ee:f3:5f:67:8d:e8:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Validity
Not Before: Jan 2 08:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2aad5796a0e61c3aee6f1a09c6217f9a7fa932f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ab:8c:f6:65:4e:2f:6b:0d:bc:a4:8b:61:c6:
a8:f4:49:15:3d:ff:51:96:f2:81:da:6b:fa:61:60:
38:d0:37:d5:6f:09:01:e2:92:72:21:ef:6e:a8:a1:
23:ee:f4:5d:a6:17:f0:06:bf:89:21:38:76:08:6d:
99:fe:47:b0:2c:57:6c:1e:f0:fc:97:d3:82:c7:9d:
ea:cb:85:8f:9c:3b:b5:d6:4d:f1:6f:a2:0a:ee:00:
a5:67:b8:27:d2:cf:c6:73:53:43:ed:63:01:ce:41:
87:04:4b:1e:0f:4d:10:ff:1b:5f:22:c1:d2:7a:ef:
69:5a:14:29:6e:c4:2b:bb:f5:67:b0:5c:47:dc:30:
2a:c6:e6:83:7e:fe:33:61:f5:b5:3d:60:c4:21:2e:
7a:98:d1:3c:c8:64:ef:10:90:28:47:a7:40:c1:36:
b9:63:7a:7a:2f:2b:cd:cf:54:ff:92:95:3d:6c:a9:
24:4e:ed:40:a1:18:5c:00:e7:70:e6:d8:1d:a4:b0:
e6:a5:f5:cb:65:fb:93:f6:09:53:29:ab:40:c8:3d:
c8:8f:0b:21:61:89:ea:21:75:65:90:76:7a:ba:4b:
d0:9a:80:10:52:c2:c9:a1:5f:2b:82:67:9a:17:ab:
fc:f9:91:46:fd:38:46:a4:05:0d:96:ea:91:a2:ac:
06:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:AA:D5:79:6A:0E:61:C3:AE:E6:F1:A0:9C:62:17:F9:A7:FA:93:2F
X509v3 Authority Key Identifier:
keyid:54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/wqrVeWoOYcOu5vGgnGIX-af6ky8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.180.0/22
IPv6:
2a0b:f380::/48
2a0b:f380:3e8::/48
Signature Algorithm: sha256WithRSAEncryption
32:63:71:93:97:6b:c6:96:1a:cd:3d:64:a0:22:a9:82:75:9a:
2a:11:47:75:50:db:96:df:60:0f:c1:cb:d7:c3:58:5d:c1:e6:
e3:e2:53:16:a8:3f:24:8b:d7:6a:21:ba:2c:5c:2a:82:da:02:
94:75:e1:7a:d0:11:17:ae:e9:f3:b1:c4:f9:d4:d9:68:12:2f:
c4:b1:5f:8d:87:e8:fd:c6:ea:f4:95:1e:0a:c5:f2:9b:45:f6:
9e:f0:d4:4c:7c:43:f7:0b:d1:20:f6:f9:fe:ea:24:31:87:ff:
cf:a9:a5:20:b1:45:11:c6:f5:11:e9:ea:3a:3f:82:ec:12:6c:
6b:a5:ea:b4:b6:08:b2:66:e3:23:00:e4:09:9e:8b:39:98:0e:
24:b9:99:2b:8f:a8:24:3f:a4:8c:2f:fd:90:6e:91:4c:d5:66:
8f:fb:56:a8:74:f1:b9:6f:7a:03:be:ee:dc:a5:32:da:da:cf:
e3:d8:6b:7b:ac:8f:95:6b:7d:b0:b2:c0:93:c6:7f:86:82:d8:
2f:88:c9:38:9b:06:e6:ba:9a:6a:cd:f6:fd:1c:3f:d1:82:d2:
2a:c4:85:48:48:74:84:90:4b:fb:b0:08:1b:49:60:03:e8:dc:
3f:0c:d9:de:33:f6:03:e5:75:f2:6d:a2:68:92:9b:7b:8a:bf:
a1:99:29:29
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzJTWszymliF+/u819njehPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDNlNWY4NDA1ZDYwODViOGRmNGJmY2UxZGQ5YmIzZTc4
YzIxOTkwHhcNMjQwMTAyMDgzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmFhZDU3OTZhMGU2MWMzYWVlNmYxYTA5YzYyMTdmOWE3ZmE5MzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KuM9mVOL2sNvKSLYcao9EkVPf9R
lvKB2mv6YWA40DfVbwkB4pJyIe9uqKEj7vRdphfwBr+JITh2CG2Z/kewLFdsHvD8
l9OCx53qy4WPnDu11k3xb6IK7gClZ7gn0s/Gc1ND7WMBzkGHBEseD00Q/xtfIsHS
eu9pWhQpbsQru/VnsFxH3DAqxuaDfv4zYfW1PWDEIS56mNE8yGTvEJAoR6dAwTa5
Y3p6LyvNz1T/kpU9bKkkTu1AoRhcAOdw5tgdpLDmpfXLZfuT9glTKatAyD3Ijwsh
YYnqIXVlkHZ6ukvQmoAQUsLJoV8rgmeaF6v8+ZFG/ThGpAUNluqRoqwGBQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMKq1XlqDmHDrubxoJxiF/mn+pMvMB8GA1UdIwQY
MBaAFFQD5fhAXWCFuN9L/OHdm7PnjCGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAt
MTVhNDJhYzllZmE4LzEvd3FyVmVXb09ZY091NXZHZ25HSVgtYWY2a3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAtMTVhNDJhYzllZmE4
LzEvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCub20MBgE
AgACMBIDBwAqC/OAAAADBwAqC/OAA+gwDQYJKoZIhvcNAQELBQADggEBADJjcZOX
a8aWGs09ZKAiqYJ1mioRR3VQ25bfYA/By9fDWF3B5uPiUxaoPySL12ohuixcKoLa
ApR14XrQEReu6fOxxPnU2WgSL8SxX42H6P3G6vSVHgrF8ptF9p7w1Ex8Q/cL0SD2
+f7qJDGH/8+ppSCxRRHG9RHp6jo/guwSbGul6rS2CLJm4yMA5AmeizmYDiS5mSuP
qCQ/pIwv/ZBukUzVZo/7Vqh08blvegO+7tylMtraz+PYa3usj5VrfbCywJPGf4aC
2C+IyTibBua6mmrN9v0cP9GC0irEhUhIdISQS/uwCBtJYAPo3D8M2d4z9gPldfJt
omiSm3uKv6GZKSk=
-----END CERTIFICATE-----
Generated at Fri Jan 12 14:08:53 2024 by rpki-client on console-fra.rpki-client.org