Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/W-DPn4CF7e33NFhNvEJCQ4Qr2p4.roa
File: W-DPn4CF7e33NFhNvEJCQ4Qr2p4.roa (raw, json)
Hash identifier: HEMApUSaFamhtXNCuqsvMqzzW/0WvjIFZYrwA1banQE=
Subject key identifier: 5B:E0:CF:9F:80:85:ED:ED:F7:34:58:4D:BC:42:42:43:84:2B:DA:9E
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 018572310ECAED4DBA46A7D9603CF0742797
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/W-DPn4CF7e33NFhNvEJCQ4Qr2p4.roa
Signing time: Mon 02 Jan 2023 11:14:55 +0000
ROA not before: Mon 02 Jan 2023 11:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51782
IP address blocks: 185.66.204.0/22 maxlen: 24
149.255.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:0e:ca:ed:4d:ba:46:a7:d9:60:3c:f0:74:27:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Jan 2 11:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5be0cf9f8085ededf734584dbc424243842bda9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ab:a4:39:6d:a4:c5:ef:48:68:42:67:76:46:
45:d7:85:94:82:4e:47:e6:e3:b4:32:89:7b:2c:07:
99:08:10:e5:11:90:fd:e2:0f:71:c7:40:6a:03:76:
ae:98:20:f5:a0:15:7d:ab:c0:fc:b5:64:f5:2c:5c:
44:a3:f0:81:2d:86:c3:43:b1:19:2e:3c:55:b1:a5:
84:9d:09:5d:68:7a:7a:8c:ee:b7:2d:64:c7:af:56:
d8:02:4d:7e:9b:e4:8f:f1:43:2a:62:1a:59:0b:a9:
04:16:6e:70:80:2a:2d:48:43:f4:6c:e2:1a:fd:f7:
52:60:76:65:7c:29:14:95:4b:10:84:9b:6a:04:5c:
a9:69:6b:d2:31:86:f0:c7:a3:bb:fc:49:a0:84:e9:
8c:62:2c:a4:ca:66:50:d0:07:bd:18:52:e8:a2:2f:
e5:4e:62:3c:f8:28:af:05:84:95:68:6c:a5:d2:5e:
1b:49:fc:aa:f8:d6:06:98:97:09:e2:9e:3e:19:64:
73:e7:dd:6e:f8:f1:1f:68:84:30:d2:d6:5b:55:75:
56:e6:1e:29:25:d4:8f:4d:10:08:d5:50:27:9f:de:
36:e8:93:f0:2c:61:36:b9:e2:d0:e8:7c:a5:12:2c:
25:75:bb:00:f0:22:a2:f7:96:0e:d3:cd:69:ed:05:
33:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E0:CF:9F:80:85:ED:ED:F7:34:58:4D:BC:42:42:43:84:2B:DA:9E
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/W-DPn4CF7e33NFhNvEJCQ4Qr2p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.255.168.0/21
185.66.204.0/22
Signature Algorithm: sha256WithRSAEncryption
65:95:b3:d5:8c:fb:42:1d:70:e0:76:83:09:29:b1:0e:82:af:
af:00:ad:14:71:e1:9f:71:04:0b:04:c7:7c:80:5c:59:42:ed:
22:5f:a3:53:11:08:25:6a:0d:98:41:58:74:de:94:9e:9b:d3:
2d:ee:8d:a6:42:84:59:25:ac:c1:79:4c:3b:2f:d3:17:8b:8d:
c7:ba:55:a6:b6:5d:93:7d:dc:64:e4:de:02:c5:6e:eb:9d:4d:
eb:70:61:6c:c2:b4:d0:40:45:2f:9d:c1:e6:89:6d:f5:d8:52:
ea:fe:a2:52:4b:50:cb:20:0b:92:e5:27:ca:f3:e1:17:2e:c1:
81:9b:f9:28:c2:e0:8c:c4:59:64:32:df:a0:a9:61:9f:7d:b3:
35:90:63:fe:a9:42:ff:ac:d2:d8:0d:1b:f6:4e:94:ec:3b:fb:
0e:a3:a6:4b:8e:be:1e:db:42:26:e3:0e:40:b9:d9:66:a3:26:
7e:93:e2:d0:4f:d6:0f:7d:fa:7e:91:56:7a:50:70:b0:d7:a0:
5d:89:f7:2d:a6:31:8f:28:29:23:8e:99:39:2e:24:e5:08:94:
34:8c:a6:70:e3:a3:ab:84:43:45:1f:44:99:b7:08:25:b7:8f:
89:aa:5b:a6:4b:0e:8f:d2:02:6f:b8:55:a7:85:80:1c:26:4f:
01:82:83:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyMQ7K7U26RqfZYDzwdCeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjMwMTAyMTExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmUwY2Y5ZjgwODVlZGVkZjczNDU4NGRiYzQyNDI0Mzg0MmJkYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6ukOW2kxe9IaEJndkZF14WUgk5H
5uO0Mol7LAeZCBDlEZD94g9xx0BqA3aumCD1oBV9q8D8tWT1LFxEo/CBLYbDQ7EZ
LjxVsaWEnQldaHp6jO63LWTHr1bYAk1+m+SP8UMqYhpZC6kEFm5wgCotSEP0bOIa
/fdSYHZlfCkUlUsQhJtqBFypaWvSMYbwx6O7/EmghOmMYiykymZQ0Ae9GFLooi/l
TmI8+CivBYSVaGyl0l4bSfyq+NYGmJcJ4p4+GWRz591u+PEfaIQw0tZbVXVW5h4p
JdSPTRAI1VAnn9426JPwLGE2ueLQ6HylEiwldbsA8CKi95YO081p7QUz6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFvgz5+Ahe3t9zRYTbxCQkOEK9qeMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvVy1EUG40Q0Y3ZTMzTkZoTnZFSkNRNFFyMnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDlf+oAwQC
uULMMA0GCSqGSIb3DQEBCwUAA4IBAQBllbPVjPtCHXDgdoMJKbEOgq+vAK0UceGf
cQQLBMd8gFxZQu0iX6NTEQglag2YQVh03pSem9Mt7o2mQoRZJazBeUw7L9MXi43H
ulWmtl2Tfdxk5N4CxW7rnU3rcGFswrTQQEUvncHmiW312FLq/qJSS1DLIAuS5SfK
8+EXLsGBm/kowuCMxFlkMt+gqWGffbM1kGP+qUL/rNLYDRv2TpTsO/sOo6ZLjr4e
20Im4w5AudlmoyZ+k+LQT9YPffp+kVZ6UHCw16BdifctpjGPKCkjjpk5LiTlCJQ0
jKZw46OrhENFH0SZtwglt4+JqlumSw6P0gJvuFWnhYAcJk8BgoOm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:18 2024 by rpki-client on console-ams.rpki-client.org