Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WMqy3eNP1ZamAxm_45tPhaDurwI.roa
File: WMqy3eNP1ZamAxm_45tPhaDurwI.roa (raw, json)
Hash identifier: uhLffxFrHO1xhfgyCJDZPY+X8PR8/Wh6K2m6Rn+7+jM=
Subject key identifier: 58:CA:B2:DD:E3:4F:D5:96:A6:03:19:BF:E3:9B:4F:85:A0:EE:AF:02
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190BF9E338B60C4FA732ED21C2B0A77D9A9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WMqy3eNP1ZamAxm_45tPhaDurwI.roa
Signing time: Wed 17 Jul 2024 07:35:34 +0000
ROA not before: Wed 17 Jul 2024 07:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152179
IP address blocks: 82.163.52.0/23 maxlen: 24
149.126.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Sep 2024 09:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:9e:33:8b:60:c4:fa:73:2e:d2:1c:2b:0a:77:d9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 17 07:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58cab2dde34fd596a60319bfe39b4f85a0eeaf02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d2:f4:18:20:fb:e7:df:75:7a:e1:0d:bc:44:
df:4e:ee:4f:99:51:a8:9f:2e:72:35:11:16:27:08:
85:13:cb:85:03:b7:02:18:37:55:8b:e0:11:00:4d:
44:fd:cf:99:8d:06:2d:cf:5f:9c:b2:ed:bf:3e:86:
62:95:ad:eb:8c:a1:4d:ce:c9:95:45:8b:5a:74:5a:
14:05:c2:14:c3:02:80:b6:9b:04:02:4f:62:d8:ed:
d4:c2:0d:5a:ac:1e:74:df:11:9b:2a:04:78:97:b8:
7c:fd:19:8d:45:e4:64:88:48:42:da:0d:cf:c5:31:
07:b9:2b:fd:c4:9e:c0:a0:1c:68:54:9d:4a:39:3f:
03:66:ef:85:f3:0b:db:76:fe:7a:d5:53:f8:48:77:
93:40:ad:d5:11:d7:54:cc:0b:f3:a6:b7:34:81:9c:
1e:89:1e:46:d2:fa:7b:09:6f:02:7e:8c:fe:57:82:
fc:99:b9:9b:22:32:7a:41:2c:90:e0:05:7d:db:58:
66:19:73:ca:9a:28:03:15:91:d1:ad:6e:f5:c8:04:
b7:79:1f:6a:e1:f2:f0:61:14:dc:b5:a6:ab:d5:bd:
9a:26:50:67:e3:88:45:ce:b0:c0:a4:af:83:5a:b7:
15:46:c5:b3:4f:4d:ca:84:35:78:af:5d:0a:45:9b:
c4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CA:B2:DD:E3:4F:D5:96:A6:03:19:BF:E3:9B:4F:85:A0:EE:AF:02
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WMqy3eNP1ZamAxm_45tPhaDurwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.52.0/23
149.126.92.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:00:eb:a7:b8:cb:b3:05:e4:76:1c:b2:21:0d:36:27:38:9d:
f1:25:93:2c:f3:77:26:38:ba:c0:08:03:e4:ee:23:b9:71:b4:
80:cf:04:71:71:a1:49:a9:ff:04:31:9c:b0:0f:24:e9:28:db:
d8:cd:6a:af:a8:2a:9d:e1:79:1b:62:0d:73:33:1a:ab:68:7f:
37:b4:21:c2:67:60:3e:b1:eb:62:7d:e4:22:40:b7:92:0f:59:
69:b1:db:f6:8a:8b:30:c1:32:87:93:60:d8:07:5c:8a:71:07:
ee:dc:96:54:61:8b:a3:c6:a5:82:79:2b:7c:1d:04:d6:d6:1d:
52:b9:cf:da:43:ac:9e:17:e5:70:7b:fe:3f:ef:53:2a:e0:e7:
fb:fe:c8:62:20:92:3a:c7:6f:4a:41:4c:6c:e0:00:2f:82:3c:
cb:cd:07:3b:58:02:77:31:47:af:83:13:64:71:e1:4a:bb:34:
88:71:ee:27:b8:59:2c:92:d7:5c:30:89:0c:00:cf:d6:a2:ae:
b3:ca:f0:34:bb:76:32:a1:df:bd:e2:7e:b4:db:ee:93:52:b3:
9a:6d:27:cc:f1:f9:9d:dc:a7:9e:12:34:7a:ce:28:c8:e6:c2:
c0:30:8f:01:5f:30:8d:41:c5:6f:11:d1:bb:96:46:fe:f0:51:
76:5c:a2:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZC/njOLYMT6cy7SHCsKd9mpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzE3MDczNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGNhYjJkZGUzNGZkNTk2YTYwMzE5YmZlMzliNGY4NWEwZWVhZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitL0GCD75991euENvETfTu5PmVGo
ny5yNREWJwiFE8uFA7cCGDdVi+ARAE1E/c+ZjQYtz1+csu2/PoZila3rjKFNzsmV
RYtadFoUBcIUwwKAtpsEAk9i2O3Uwg1arB503xGbKgR4l7h8/RmNReRkiEhC2g3P
xTEHuSv9xJ7AoBxoVJ1KOT8DZu+F8wvbdv561VP4SHeTQK3VEddUzAvzprc0gZwe
iR5G0vp7CW8Cfoz+V4L8mbmbIjJ6QSyQ4AV921hmGXPKmigDFZHRrW71yAS3eR9q
4fLwYRTctaar1b2aJlBn44hFzrDApK+DWrcVRsWzT03KhDV4r10KRZvEnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFjKst3jT9WWpgMZv+ObT4Wg7q8CMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvV01xeTNlTlAxWmFtQXhtXzQ1dFBoYUR1cndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUqM0AwQC
lX5cMA0GCSqGSIb3DQEBCwUAA4IBAQBrAOunuMuzBeR2HLIhDTYnOJ3xJZMs83cm
OLrACAPk7iO5cbSAzwRxcaFJqf8EMZywDyTpKNvYzWqvqCqd4XkbYg1zMxqraH83
tCHCZ2A+setifeQiQLeSD1lpsdv2ioswwTKHk2DYB1yKcQfu3JZUYYujxqWCeSt8
HQTW1h1Suc/aQ6yeF+Vwe/4/71Mq4Of7/shiIJI6x29KQUxs4AAvgjzLzQc7WAJ3
MUevgxNkceFKuzSIce4nuFksktdcMIkMAM/Woq6zyvA0u3Yyod+94n602+6TUrOa
bSfM8fmd3KeeEjR6zijI5sLAMI8BXzCNQcVvEdG7lkb+8FF2XKJO
-----END CERTIFICATE-----
Generated at Sun Sep 15 11:19:27 2024 by rpki-client on console-ams.rpki-client.org