Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WKl-hRUM6pu68lyG_ikO8XhQ_aw.roa
File: WKl-hRUM6pu68lyG_ikO8XhQ_aw.roa (raw, json)
Hash identifier: MmpUIEjszspO4XuOz5F5JC1+6tduwsuuevTRIHevd+8=
Subject key identifier: 58:A9:7E:85:15:0C:EA:9B:BA:F2:5C:86:FE:29:0E:F1:78:50:FD:AC
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C299B6F435D50D21BB53050A01BE5B0A6
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WKl-hRUM6pu68lyG_ikO8XhQ_aw.roa
Signing time: Sat 02 Dec 2023 08:18:21 +0000
ROA not before: Sat 02 Dec 2023 08:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 37.218.208.0/21 maxlen: 24
149.126.88.0/22 maxlen: 24
5.102.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Dec 2023 13:46:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:29:9b:6f:43:5d:50:d2:1b:b5:30:50:a0:1b:e5:b0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 2 08:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58a97e85150cea9bbaf25c86fe290ef17850fdac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a1:a2:fc:5f:e8:c8:ef:b0:2c:1f:b7:b4:d2:
c0:fa:59:d2:07:c4:8a:21:c2:ab:ac:db:0c:62:5d:
14:09:7a:22:e9:1a:f9:05:f5:a8:8b:aa:b8:df:15:
d4:9c:dd:0d:d9:aa:1a:fd:73:db:da:d1:36:b1:52:
ee:e2:b1:cd:34:f2:88:86:f0:0b:c6:44:1f:ea:61:
ff:c4:41:72:f6:e5:e9:bd:71:bc:a5:21:e4:8c:d6:
b0:6c:c1:fb:ac:90:ba:15:16:6b:c1:e4:3d:b8:10:
bf:a9:c7:ff:19:7d:c7:fc:50:bb:40:00:c6:08:a9:
1a:36:9b:d0:c4:53:35:9d:e8:27:a2:6f:0f:b7:3a:
32:d8:8a:63:41:e7:74:48:1d:f8:5a:9f:45:fb:65:
9c:0c:e2:db:79:b3:82:6e:50:65:d9:70:1d:57:ea:
7c:aa:a2:73:d0:b6:40:bb:8a:cd:09:b9:a9:ad:86:
6a:0e:3f:3e:cb:9c:f0:47:64:d1:ef:64:fa:86:c1:
df:86:67:71:dc:dd:7c:47:97:b1:08:db:0d:37:e0:
07:fd:b9:f6:a6:62:4b:32:44:b9:1b:73:3d:11:79:
76:79:8f:91:76:86:cc:f6:92:f4:0a:44:66:8a:23:
0e:bf:80:f4:36:4a:16:eb:60:79:a3:a8:df:19:11:
c7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A9:7E:85:15:0C:EA:9B:BA:F2:5C:86:FE:29:0E:F1:78:50:FD:AC
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WKl-hRUM6pu68lyG_ikO8XhQ_aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/21
37.218.208.0/21
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
49:db:3c:12:06:0b:c4:0a:ae:3b:c8:57:cc:0b:1a:6c:bf:cc:
38:32:da:09:31:39:20:63:b5:02:da:46:4b:f4:b9:3a:55:4a:
a2:99:bb:8c:05:09:30:2a:7d:5d:ad:28:8c:fb:39:08:81:1c:
30:db:10:73:63:14:09:d1:8e:af:87:10:5a:5b:57:f5:3d:c3:
fd:84:52:c1:a5:3b:c8:5b:97:7f:a4:3d:c1:b6:bc:08:68:c2:
86:56:db:87:63:0a:22:87:c4:df:10:c4:81:ac:a2:68:3a:8d:
2a:61:a1:68:08:3d:a1:26:46:db:09:89:1f:7f:5d:ff:4d:34:
c9:43:22:dc:fa:ae:ac:83:a4:50:fe:33:90:37:e7:8f:4e:c8:
a8:5e:cc:0e:40:87:ec:c5:8f:f7:e5:3b:5e:8a:38:22:36:00:
91:08:9c:db:9a:c1:27:8b:42:f7:9b:7b:70:86:22:a3:f8:f7:
00:d1:f4:56:eb:ca:1c:d7:28:98:45:4b:e5:cc:82:8e:a7:3c:
5e:48:93:b0:40:a2:d4:10:14:af:dc:f8:c9:8c:fc:b0:08:ad:
64:39:6a:f2:26:ce:c8:cb:62:60:be:5e:7d:be:e4:1e:b7:51:
07:ff:70:5c:2d:25:7c:b3:37:b5:cd:59:51:c0:9d:15:7b:a4:
b6:68:c5:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwpm29DXVDSG7UwUKAb5bCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjAyMDgxODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGE5N2U4NTE1MGNlYTliYmFmMjVjODZmZTI5MGVmMTc4NTBmZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Gi/F/oyO+wLB+3tNLA+lnSB8SK
IcKrrNsMYl0UCXoi6Rr5BfWoi6q43xXUnN0N2aoa/XPb2tE2sVLu4rHNNPKIhvAL
xkQf6mH/xEFy9uXpvXG8pSHkjNawbMH7rJC6FRZrweQ9uBC/qcf/GX3H/FC7QADG
CKkaNpvQxFM1negnom8Ptzoy2IpjQed0SB34Wp9F+2WcDOLbebOCblBl2XAdV+p8
qqJz0LZAu4rNCbmprYZqDj8+y5zwR2TR72T6hsHfhmdx3N18R5exCNsNN+AH/bn2
pmJLMkS5G3M9EXl2eY+RdobM9pL0CkRmiiMOv4D0NkoW62B5o6jfGRHHDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFipfoUVDOqbuvJchv4pDvF4UP2sMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvV0tsLWhSVU02cHU2OGx5R19pa084WGhRX2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBWZgAwQD
JdrQAwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQBJ2zwSBgvECq47yFfMCxpsv8w4
MtoJMTkgY7UC2kZL9Lk6VUqimbuMBQkwKn1drSiM+zkIgRww2xBzYxQJ0Y6vhxBa
W1f1PcP9hFLBpTvIW5d/pD3BtrwIaMKGVtuHYwoih8TfEMSBrKJoOo0qYaFoCD2h
JkbbCYkff13/TTTJQyLc+q6sg6RQ/jOQN+ePTsioXswOQIfsxY/35TteijgiNgCR
CJzbmsEni0L3m3twhiKj+PcA0fRW68oc1yiYRUvlzIKOpzxeSJOwQKLUEBSv3PjJ
jPywCK1kOWryJs7Iy2Jgvl59vuQet1EH/3BcLSV8sze1zVlRwJ0Ve6S2aMVV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org