Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/WntD_8sK4p4ZaOwNQ6DpmP7BGSc.roa
File: WntD_8sK4p4ZaOwNQ6DpmP7BGSc.roa (raw, json)
Hash identifier: JN5ogebc011w9mmJM8JXuHW1wTGUAasH0FDBpjazCSM=
Subject key identifier: 5A:7B:43:FF:CB:0A:E2:9E:19:68:EC:0D:43:A0:E9:98:FE:C1:19:27
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB842E092AE508BF15BA65F89A1ABAE
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/WntD_8sK4p4ZaOwNQ6DpmP7BGSc.roa
Signing time: Sun 01 Jan 2023 09:44:53 +0000
ROA not before: Sun 01 Jan 2023 09:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24600
IP address blocks: 193.252.117.0/24 maxlen: 24
193.252.118.0/24 maxlen: 24
193.252.123.0/24 maxlen: 24
193.252.121.0/24 maxlen: 24
193.252.122.0/24 maxlen: 24
2a01:c9c0:b0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:42:e0:92:ae:50:8b:f1:5b:a6:5f:89:a1:ab:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a7b43ffcb0ae29e1968ec0d43a0e998fec11927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b9:29:38:15:94:49:f8:36:be:03:8f:48:42:
66:4a:92:2d:55:40:23:f7:bc:89:fa:0f:f3:29:b3:
df:f2:5e:21:24:31:0a:b2:58:b9:84:33:a5:f9:ad:
41:2e:43:28:e1:9b:70:9e:85:d4:84:16:a1:dc:7d:
49:c9:37:3c:0f:f8:0e:d2:27:a4:fa:11:a4:b6:9a:
a1:c1:03:f5:54:bd:b8:1f:b0:cc:2b:1b:41:9c:24:
eb:86:70:ac:37:1d:33:a6:8d:e9:00:0b:dd:3d:d3:
71:ad:56:15:50:52:de:c6:df:43:f0:76:14:e9:be:
24:bc:55:e5:46:2e:13:a1:ec:45:30:63:85:16:93:
04:3d:a6:0e:53:da:3d:b8:2c:c2:dd:4f:df:e0:33:
1a:70:e7:22:a7:4b:bd:7f:df:14:69:51:a2:b6:72:
1e:7f:34:2e:e4:c6:e0:51:aa:be:7f:c8:88:d3:12:
bf:f1:89:e7:6e:c9:2e:21:06:67:03:10:ab:83:32:
22:67:b2:38:67:ed:fa:84:cf:d9:41:c1:3c:70:5b:
93:4d:e6:b8:56:1b:26:2e:3e:26:ec:7b:f6:3d:b8:
57:2b:e8:d9:7f:a9:67:0b:4a:da:47:78:37:a4:7f:
45:b9:73:48:3b:11:05:de:bb:a7:71:4a:ed:0b:20:
83:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7B:43:FF:CB:0A:E2:9E:19:68:EC:0D:43:A0:E9:98:FE:C1:19:27
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/WntD_8sK4p4ZaOwNQ6DpmP7BGSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.252.117.0-193.252.118.255
193.252.121.0-193.252.123.255
IPv6:
2a01:c9c0:b0::/44
Signature Algorithm: sha256WithRSAEncryption
8c:02:84:1f:88:fb:13:de:19:5f:c7:df:19:f5:a0:07:a4:c8:
ff:40:44:dc:5b:01:d2:7e:38:1a:82:d5:a4:43:f4:6d:02:ae:
97:4c:f6:f8:2f:30:c9:8c:89:09:43:95:52:c2:5b:53:9a:10:
88:6b:75:5c:61:6e:0d:17:ce:a8:69:8f:ce:a2:67:e7:e1:bb:
a3:cd:50:4f:3f:72:69:fe:84:54:55:de:45:57:b0:21:52:31:
15:94:c1:1c:9f:73:4f:47:8b:ac:18:bd:ae:c0:c1:13:89:86:
93:4e:58:1f:f1:16:6d:ad:00:0e:d7:bb:f3:8c:a2:29:55:30:
4e:f1:34:22:7d:ca:7b:29:ce:1a:1d:b2:25:39:21:d0:77:d8:
6f:fb:28:52:9b:96:2e:a6:9c:f5:38:cb:a3:03:fc:77:13:64:
d6:7d:d2:0e:43:3e:a9:56:0b:35:c2:3f:50:d1:e9:38:4a:21:
50:57:b8:9d:07:34:e0:21:af:1a:60:6e:9d:5d:9d:81:cc:13:
1c:23:f4:fb:2a:80:88:d9:06:a0:07:b7:ca:f6:03:9c:6b:13:
36:c7:d0:6a:77:b3:e4:94:e7:91:a3:7f:9b:72:48:7b:54:06:
d1:c9:b1:ff:9d:bc:0d:cc:c5:44:46:97:a8:a2:8c:80:b9:e7:
0c:c7:08:e3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsuELgkq5Qi/Fbpl+JoauuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTdiNDNmZmNiMGFlMjllMTk2OGVjMGQ0M2EwZTk5OGZlYzExOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37kpOBWUSfg2vgOPSEJmSpItVUAj
97yJ+g/zKbPf8l4hJDEKsli5hDOl+a1BLkMo4ZtwnoXUhBah3H1JyTc8D/gO0iek
+hGktpqhwQP1VL24H7DMKxtBnCTrhnCsNx0zpo3pAAvdPdNxrVYVUFLext9D8HYU
6b4kvFXlRi4ToexFMGOFFpMEPaYOU9o9uCzC3U/f4DMacOcip0u9f98UaVGitnIe
fzQu5MbgUaq+f8iI0xK/8YnnbskuIQZnAxCrgzIiZ7I4Z+36hM/ZQcE8cFuTTea4
VhsmLj4m7Hv2PbhXK+jZf6lnC0raR3g3pH9FuXNIOxEF3runcUrtCyCDOwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFp7Q//LCuKeGWjsDUOg6Zj+wRknMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvV250RF84c0s0cDRaYU93TlE2RHBtUDdCR1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAiBAIAATAcMAwDBADB/HUD
BADB/HYwDAMEAMH8eQMEAsH8eDAPBAIAAjAJAwcEKgHJwACwMA0GCSqGSIb3DQEB
CwUAA4IBAQCMAoQfiPsT3hlfx98Z9aAHpMj/QETcWwHSfjgagtWkQ/RtAq6XTPb4
LzDJjIkJQ5VSwltTmhCIa3VcYW4NF86oaY/Oomfn4bujzVBPP3Jp/oRUVd5FV7Ah
UjEVlMEcn3NPR4usGL2uwMETiYaTTlgf8RZtrQAO17vzjKIpVTBO8TQifcp7Kc4a
HbIlOSHQd9hv+yhSm5Yuppz1OMujA/x3E2TWfdIOQz6pVgs1wj9Q0ek4SiFQV7id
BzTgIa8aYG6dXZ2BzBMcI/T7KoCI2QagB7fK9gOcaxM2x9Bqd7PklOeRo3+bckh7
VAbRybH/nbwNzMVERpeoooyAuecMxwjj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org