Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/wwFcLyKhAdBHfZtyhJJ3xXiYiwo.roa
File: wwFcLyKhAdBHfZtyhJJ3xXiYiwo.roa (raw, json)
Hash identifier: 6hWGX8CppigHgoucrbMbtfPgxKXz7rxjOY8zCZlFIYQ=
Subject key identifier: C3:01:5C:2F:22:A1:01:D0:47:7D:9B:72:84:92:77:C5:78:98:8B:0A
Certificate issuer: /CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Certificate serial: 018CC2DADF2931CFB01BCCD2753AB4FB7109
Authority key identifier: A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/wwFcLyKhAdBHfZtyhJJ3xXiYiwo.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39704
IP address blocks: 5.22.248.0/21 maxlen: 24
185.103.16.0/22 maxlen: 24
185.94.168.0/24 maxlen: 24
194.50.163.0/24 maxlen: 24
213.132.192.0/19 maxlen: 24
46.182.216.0/21 maxlen: 24
91.192.36.0/22 maxlen: 24
94.124.88.0/21 maxlen: 24
2a00:1bd0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 26 Feb 2024 17:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:df:29:31:cf:b0:1b:cc:d2:75:3a:b4:fb:71:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3015c2f22a101d0477d9b72849277c578988b0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0e:c3:95:b0:55:db:72:79:74:e3:f2:f1:76:
bc:b9:01:0b:9f:22:c9:6c:2a:20:c8:b0:60:b3:81:
dd:64:48:c0:57:00:0b:d9:17:87:cf:a9:c3:d6:3d:
04:f6:a1:02:50:45:37:3d:8a:b7:5a:78:1e:20:43:
26:55:b0:65:92:8b:fb:a7:dc:17:df:eb:29:91:c4:
13:fe:05:61:21:bc:1c:06:cd:55:81:26:a9:84:23:
2c:8a:28:04:00:27:c9:9e:7a:bb:62:5a:d6:38:82:
14:0a:62:3d:3f:5b:20:22:48:2b:e2:3c:44:5c:d1:
59:cd:70:93:61:39:d6:60:9a:0e:ed:8b:70:d5:05:
d6:23:28:d2:c9:27:e5:85:cd:93:30:81:49:52:8f:
a0:fb:09:a6:31:3e:0f:e2:db:31:4c:1a:f2:17:a8:
62:94:18:6c:a7:8b:3c:19:6f:27:1c:15:b7:a3:9c:
82:06:7d:b9:c5:40:ce:37:f5:be:6b:dc:f9:60:0c:
cd:8d:1c:b4:e9:99:9a:1b:6f:86:88:30:9c:20:0d:
0b:04:24:f6:52:98:88:10:68:3d:3d:6e:37:10:0d:
d5:e9:3a:3c:60:72:b0:81:ee:f8:48:96:7f:e0:f2:
dd:b7:99:d1:28:f0:8b:30:50:f5:bd:31:33:47:d1:
b4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:01:5C:2F:22:A1:01:D0:47:7D:9B:72:84:92:77:C5:78:98:8B:0A
X509v3 Authority Key Identifier:
keyid:A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/wwFcLyKhAdBHfZtyhJJ3xXiYiwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.248.0/21
46.182.216.0/21
91.192.36.0/22
94.124.88.0/21
185.94.168.0/24
185.103.16.0/22
194.50.163.0/24
213.132.192.0/19
IPv6:
2a00:1bd0::/32
Signature Algorithm: sha256WithRSAEncryption
86:62:6c:f0:53:6d:bb:41:9c:d9:69:80:06:08:80:44:d6:dd:
f4:c5:08:57:c7:44:61:74:a3:d1:2a:68:bf:c5:75:24:f6:1d:
ed:d8:e2:bc:0a:9e:02:f5:b9:21:95:de:f4:02:04:00:b8:03:
b2:ea:d7:85:a7:43:6d:dd:06:15:ae:a3:b3:25:7c:9c:11:2c:
a9:8f:e8:62:d7:33:b9:a8:95:4a:9b:a1:c4:f7:ec:3b:0e:54:
67:0a:92:fc:de:41:e4:32:00:ba:aa:fe:3a:34:b4:09:49:b8:
9e:23:06:b4:fd:22:ac:21:ef:52:10:44:da:79:39:d1:3e:42:
46:b3:91:1d:d5:9e:3f:c5:e0:a2:61:ef:2d:f0:66:09:78:23:
1d:dd:52:0c:6b:36:69:29:e5:d2:59:14:50:3c:6d:a1:bb:5e:
78:e3:fa:3a:d0:89:7f:18:f7:ba:86:87:ef:f4:ad:0b:c6:ff:
b9:31:bc:a1:3a:01:40:df:ab:db:f8:db:e6:3d:32:b2:58:ed:
dc:57:8b:86:95:97:3d:f5:8e:5f:9c:af:c0:a7:fa:4e:29:0f:
19:21:e6:49:e8:2a:bd:a9:77:f4:db:90:79:60:ae:db:c2:c0:
3a:3c:0c:fd:01:d6:29:eb:cf:2c:50:02:7e:ec:b1:b5:33:c0:
b7:94:40:26
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzC2t8pMc+wG8zSdTq0+3EJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGI0OGVkYzdhMzI1ZDdmMWFlMGYyNTdjMGUyODM1MTcx
YmM5YWUwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzAxNWMyZjIyYTEwMWQwNDc3ZDliNzI4NDkyNzdjNTc4OTg4YjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw7DlbBV23J5dOPy8Xa8uQELnyLJ
bCogyLBgs4HdZEjAVwAL2ReHz6nD1j0E9qECUEU3PYq3WngeIEMmVbBlkov7p9wX
3+spkcQT/gVhIbwcBs1VgSaphCMsiigEACfJnnq7YlrWOIIUCmI9P1sgIkgr4jxE
XNFZzXCTYTnWYJoO7Ytw1QXWIyjSySflhc2TMIFJUo+g+wmmMT4P4tsxTBryF6hi
lBhsp4s8GW8nHBW3o5yCBn25xUDON/W+a9z5YAzNjRy06ZmaG2+GiDCcIA0LBCT2
UpiIEGg9PW43EA3V6To8YHKwge74SJZ/4PLdt5nRKPCLMFD1vTEzR9G0dwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFMMBXC8ioQHQR32bcoSSd8V4mIsKMB8GA1UdIwQY
MBaAFKJLSO3HoyXX8a4PJXwOKDUXG8muMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYt
N2YxZTU3NDg3YzFhLzEvd3dGY0x5S2hBZEJIZlp0eWhKSjN4WGlZaXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYtN2YxZTU3NDg3YzFh
LzEvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBRb4AwQD
LrbYAwQCW8AkAwQDXnxYAwQAuV6oAwQCuWcQAwQAwjKjAwQF1YTAMA0EAgACMAcD
BQAqABvQMA0GCSqGSIb3DQEBCwUAA4IBAQCGYmzwU227QZzZaYAGCIBE1t30xQhX
x0RhdKPRKmi/xXUk9h3t2OK8Cp4C9bkhld70AgQAuAOy6teFp0Nt3QYVrqOzJXyc
ESypj+hi1zO5qJVKm6HE9+w7DlRnCpL83kHkMgC6qv46NLQJSbieIwa0/SKsIe9S
EETaeTnRPkJGs5Ed1Z4/xeCiYe8t8GYJeCMd3VIMazZpKeXSWRRQPG2hu1544/o6
0Il/GPe6hofv9K0Lxv+5MbyhOgFA36vb+NvmPTKyWO3cV4uGlZc99Y5fnK/Ap/pO
KQ8ZIeZJ6Cq9qXf025B5YK7bwsA6PAz9AdYp688sUAJ+7LG1M8C3lEAm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:25 2024 by rpki-client on console-ams.rpki-client.org