Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/WSOgy0nOJySh4JpB0pUCxxudibc.roa
File: WSOgy0nOJySh4JpB0pUCxxudibc.roa (raw, json)
Hash identifier: kj8jkBNLLzj9G8ZYpjLiCy5jtAaijpwdMG/p2cTXX7E=
Subject key identifier: 59:23:A0:CB:49:CE:27:24:A1:E0:9A:41:D2:95:02:C7:1B:9D:89:B7
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018C87A73BB1E1AEE4AF4966F87755E6F4E3
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/WSOgy0nOJySh4JpB0pUCxxudibc.roa
Signing time: Wed 20 Dec 2023 14:35:33 +0000
ROA not before: Wed 20 Dec 2023 14:35:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 192.6.252.0/22 maxlen: 22
192.6.64.0/22 maxlen: 22
158.120.58.0/24 maxlen: 24
158.120.56.0/24 maxlen: 24
192.25.232.0/22 maxlen: 22
158.120.54.0/24 maxlen: 24
158.120.52.0/24 maxlen: 24
158.120.62.0/24 maxlen: 24
158.120.60.0/24 maxlen: 24
192.137.24.0/22 maxlen: 22
192.25.244.0/22 maxlen: 22
192.6.172.0/22 maxlen: 22
192.25.180.0/22 maxlen: 22
192.25.200.0/22 maxlen: 22
192.25.208.0/22 maxlen: 22
158.120.48.0/24 maxlen: 24
158.120.50.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:a7:3b:b1:e1:ae:e4:af:49:66:f8:77:55:e6:f4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Dec 20 14:35:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5923a0cb49ce2724a1e09a41d29502c71b9d89b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e4:2c:53:e2:6f:f4:3e:c5:02:71:49:4e:e9:
a6:ef:ce:05:c2:63:49:66:9c:df:a5:c9:38:53:1f:
3d:b7:17:b4:18:e4:4e:67:68:b8:bb:ed:f1:09:5a:
08:0e:9d:00:45:6d:0f:91:1d:ec:20:55:44:30:5e:
c0:f8:31:57:11:c7:19:55:67:bc:f8:c6:a4:94:ba:
33:8b:af:dc:32:6c:30:62:ce:b6:aa:7d:78:dd:bc:
a5:fe:92:98:06:57:40:95:2f:75:a3:07:9c:fc:7c:
5d:62:88:3f:16:84:4b:2d:60:7b:de:8c:b2:da:f1:
e3:60:0e:4c:de:d7:11:a3:e6:c6:e6:e4:db:61:ad:
5a:aa:32:4b:87:a9:3b:79:25:7a:68:5b:97:0b:11:
88:38:0a:95:c8:e1:10:17:ec:a8:fd:5f:f0:65:e5:
90:21:6e:ac:99:97:4f:44:5b:ea:fb:14:8a:b8:ac:
79:b2:15:df:ff:23:37:0b:bb:39:08:b2:32:07:bb:
a6:80:90:9c:e5:6f:5c:bb:43:b5:2f:a8:53:aa:a8:
4d:8c:f0:a1:36:04:d3:c5:51:44:89:60:1d:60:f9:
31:67:fe:82:e9:d8:19:75:82:2d:7a:b4:35:0b:09:
77:fe:a1:71:9d:e0:a2:45:05:01:7b:99:82:d0:f7:
d4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:23:A0:CB:49:CE:27:24:A1:E0:9A:41:D2:95:02:C7:1B:9D:89:B7
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/WSOgy0nOJySh4JpB0pUCxxudibc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.48.0/24
158.120.50.0/24
158.120.52.0/24
158.120.54.0/24
158.120.56.0/24
158.120.58.0/24
158.120.60.0/24
158.120.62.0/24
192.6.64.0/22
192.6.172.0/22
192.6.252.0/22
192.25.180.0/22
192.25.200.0/22
192.25.208.0/22
192.25.232.0/22
192.25.244.0/22
192.137.24.0/22
Signature Algorithm: sha256WithRSAEncryption
37:64:b1:5a:2f:7d:42:e3:cf:5d:45:43:61:a5:44:a4:24:74:
31:33:75:b4:80:dc:2d:2a:68:18:8e:65:fe:85:87:67:44:b7:
85:a0:f1:44:d6:07:99:34:07:3a:fb:97:7e:cf:3d:dd:20:9d:
4d:5a:bc:00:6f:12:40:e0:90:56:76:21:65:38:4e:cb:4d:92:
9e:12:9e:d5:c9:7f:61:0d:4a:1e:7c:94:5d:02:9a:e4:e8:36:
b4:fd:49:36:97:7f:f6:c7:ba:b6:3b:bc:c9:49:1f:14:47:6c:
aa:27:fc:d3:f5:3d:9b:b6:ff:d0:33:f1:17:ff:09:2b:7a:fd:
08:d8:fa:85:7b:c5:a5:4e:f6:5a:d9:1f:66:73:e3:a9:aa:b6:
3c:4a:e6:89:0f:8d:56:10:20:40:5b:1b:bf:94:da:90:5d:0a:
d5:d2:6e:62:7e:11:ca:18:f3:2e:ae:5d:7a:15:38:c2:bd:8b:
6c:df:37:0c:11:cd:ac:ed:c5:f8:a9:d1:63:70:20:71:a3:cb:
65:cf:4d:97:21:48:d7:9b:2b:e9:90:85:72:fc:68:5f:e2:57:
69:65:46:2b:4a:37:05:3e:e6:39:61:31:f9:d2:64:09:f3:86:
39:3f:df:1d:04:10:c6:dc:51:36:7e:de:14:f2:ac:0e:c2:fc:
82:4e:bc:d3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYyHpzux4a7kr0lm+HdV5vTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMxMjIwMTQzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTIzYTBjYjQ5Y2UyNzI0YTFlMDlhNDFkMjk1MDJjNzFiOWQ4OWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOQsU+Jv9D7FAnFJTumm784FwmNJ
Zpzfpck4Ux89txe0GOROZ2i4u+3xCVoIDp0ARW0PkR3sIFVEMF7A+DFXEccZVWe8
+MaklLozi6/cMmwwYs62qn143byl/pKYBldAlS91owec/HxdYog/FoRLLWB73oyy
2vHjYA5M3tcRo+bG5uTbYa1aqjJLh6k7eSV6aFuXCxGIOAqVyOEQF+yo/V/wZeWQ
IW6smZdPRFvq+xSKuKx5shXf/yM3C7s5CLIyB7umgJCc5W9cu0O1L6hTqqhNjPCh
NgTTxVFEiWAdYPkxZ/6C6dgZdYIterQ1Cwl3/qFxneCiRQUBe5mC0PfUKwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFFkjoMtJzickoeCaQdKVAscbnYm3MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvV1NPZ3kwbk9KeVNoNEpwQjBwVUN4eHVkaWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAnngwAwQA
nngyAwQAnng0AwQAnng2AwQAnng4AwQAnng6AwQAnng8AwQAnng+AwQCwAZAAwQC
wAasAwQCwAb8AwQCwBm0AwQCwBnIAwQCwBnQAwQCwBnoAwQCwBn0AwQCwIkYMA0G
CSqGSIb3DQEBCwUAA4IBAQA3ZLFaL31C489dRUNhpUSkJHQxM3W0gNwtKmgYjmX+
hYdnRLeFoPFE1geZNAc6+5d+zz3dIJ1NWrwAbxJA4JBWdiFlOE7LTZKeEp7VyX9h
DUoefJRdAprk6Da0/Uk2l3/2x7q2O7zJSR8UR2yqJ/zT9T2btv/QM/EX/wkrev0I
2PqFe8WlTvZa2R9mc+OpqrY8SuaJD41WECBAWxu/lNqQXQrV0m5ifhHKGPMurl16
FTjCvYts3zcMEc2s7cX4qdFjcCBxo8tlz02XIUjXmyvpkIVy/Ghf4ldpZUYrSjcF
PuY5YTH50mQJ84Y5P98dBBDG3FE2ft4U8qwOwvyCTrzT
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:16 2024 by rpki-client on console-fra.rpki-client.org