Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/WNapH2rCLgfK-aXi7thWoukMN9k.roa
File: WNapH2rCLgfK-aXi7thWoukMN9k.roa (raw, json)
Hash identifier: ljd1JXGpDc4zZZELdEbmtqGH1Oop1kSxdGURN1nM6Hw=
Subject key identifier: 58:D6:A9:1F:6A:C2:2E:07:CA:F9:A5:E2:EE:D8:56:A2:E9:0C:37:D9
Certificate issuer: /CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Certificate serial: 0191D10E53882BD48A625DFA66F6E894CE2F
Authority key identifier: 97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/WNapH2rCLgfK-aXi7thWoukMN9k.roa
Signing time: Sun 08 Sep 2024 09:54:22 +0000
ROA not before: Sun 08 Sep 2024 09:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48851
IP address blocks: 141.226.110.0/24 maxlen: 24
141.226.252.0/22 maxlen: 24
185.139.240.0/22 maxlen: 24
2a07:1980::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 16 Sep 2024 09:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d1:0e:53:88:2b:d4:8a:62:5d:fa:66:f6:e8:94:ce:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Validity
Not Before: Sep 8 09:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58d6a91f6ac22e07caf9a5e2eed856a2e90c37d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9a:2b:a3:92:8e:e1:e5:fd:2c:4e:0f:17:54:
0e:60:eb:51:d2:75:cc:47:bd:13:4a:fe:3c:78:97:
4b:c8:55:6b:6d:25:51:5d:07:af:44:c1:72:22:8e:
c6:6a:9e:01:72:57:11:2a:b3:3c:9c:64:2c:0e:7f:
2a:36:b7:e5:d8:5d:f1:f1:9b:85:73:ca:5f:d4:56:
dd:37:2f:b1:3d:fd:90:9a:70:30:1c:af:c0:d5:68:
65:33:72:b6:aa:be:54:39:00:41:30:c2:8a:90:5e:
8c:fe:8d:44:32:ee:cc:0a:36:76:da:ca:0c:19:ce:
4f:cb:4c:b4:b7:9d:f7:d2:7e:6b:25:97:d1:65:14:
65:46:7e:79:be:d7:f7:11:69:7d:6b:b9:a0:97:25:
91:71:37:d6:26:3f:ee:04:35:0a:a6:fa:05:ac:9e:
39:a6:e5:b0:ce:43:36:b2:44:f5:7e:42:d7:d1:1f:
3f:4e:ec:7b:d5:44:26:b6:87:3b:79:06:07:4b:1c:
f7:ad:01:bc:62:ad:6a:ae:5e:c1:9d:e7:d6:01:e0:
74:44:dc:20:94:37:1c:a0:e2:d0:a1:01:a4:19:08:
7a:ea:5e:e9:42:d2:04:31:23:e5:12:2b:ee:64:0a:
12:13:6a:bd:af:76:ce:82:18:23:ce:6e:45:bd:ce:
57:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D6:A9:1F:6A:C2:2E:07:CA:F9:A5:E2:EE:D8:56:A2:E9:0C:37:D9
X509v3 Authority Key Identifier:
keyid:97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/WNapH2rCLgfK-aXi7thWoukMN9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/l72bhlMeVEr6AwnYvip7ppFj-a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.110.0/24
141.226.252.0/22
185.139.240.0/22
IPv6:
2a07:1980::/29
Signature Algorithm: sha256WithRSAEncryption
51:8c:11:21:84:03:12:cb:3c:70:c5:cd:2b:87:cc:b3:a7:87:
0d:d6:8c:fa:e0:3f:65:3f:3f:07:ee:7f:44:86:b0:39:72:1e:
8f:a5:e0:a2:83:9b:da:03:e4:16:8b:30:28:e8:1e:0c:fd:28:
ae:2a:ff:99:27:bf:27:d9:a0:f0:2d:01:46:de:6c:e1:a0:72:
a9:fc:00:92:25:d2:a8:da:3a:5f:60:24:97:eb:4e:1d:1c:a8:
2b:b7:c0:0e:d1:da:aa:65:2c:16:a6:50:2b:48:bd:98:a7:df:
54:9f:97:83:fe:f4:1e:7c:28:3c:60:32:90:d4:2d:53:4c:c8:
c1:d8:68:aa:8b:7e:b2:33:15:a3:78:40:7e:49:7e:43:3c:91:
da:ce:2c:a5:99:d9:2d:9e:46:18:83:37:2b:86:78:82:45:b0:
d6:85:f0:5e:cd:8e:82:6c:3a:e9:d2:a7:a7:54:c4:c0:b6:06:
f9:ab:8d:ae:5d:e4:a9:8b:7e:36:cd:38:68:b5:2c:d2:18:75:
ef:05:a5:47:9f:0b:e8:82:ca:72:f8:69:ea:83:91:3e:bc:cc:
d7:50:13:fe:3a:9b:82:c3:3f:c0:67:a2:c6:ad:e2:eb:e8:ff:
e8:05:c7:7e:17:dd:12:7b:8c:fe:e9:10:c5:8c:b7:a0:b2:70:
6d:e4:4e:78
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZHRDlOIK9SKYl36ZvbolM4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmQ5Yjg2NTMxZTU0NGFmYTAzMDlkOGJlMmE3YmE2OTE2
M2Y5YWQwHhcNMjQwOTA4MDk1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGQ2YTkxZjZhYzIyZTA3Y2FmOWE1ZTJlZWQ4NTZhMmU5MGMzN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Joro5KO4eX9LE4PF1QOYOtR0nXM
R70TSv48eJdLyFVrbSVRXQevRMFyIo7Gap4BclcRKrM8nGQsDn8qNrfl2F3x8ZuF
c8pf1FbdNy+xPf2QmnAwHK/A1WhlM3K2qr5UOQBBMMKKkF6M/o1EMu7MCjZ22soM
Gc5Py0y0t5330n5rJZfRZRRlRn55vtf3EWl9a7mglyWRcTfWJj/uBDUKpvoFrJ45
puWwzkM2skT1fkLX0R8/Tux71UQmtoc7eQYHSxz3rQG8Yq1qrl7BnefWAeB0RNwg
lDccoOLQoQGkGQh66l7pQtIEMSPlEivuZAoSE2q9r3bOghgjzm5Fvc5XqQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFjWqR9qwi4Hyvml4u7YVqLpDDfZMB8GA1UdIwQY
MBaAFJe9m4ZTHlRK+gMJ2L4qe6aRY/mtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjIt
MzQ2MGNjMjY0ODBiLzEvV05hcEgyckNMZ2ZLLWFYaTd0aFdvdWtNTjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjItMzQ2MGNjMjY0ODBi
LzEvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAjeJuAwQC
jeL8AwQCuYvwMA0EAgACMAcDBQMqBxmAMA0GCSqGSIb3DQEBCwUAA4IBAQBRjBEh
hAMSyzxwxc0rh8yzp4cN1oz64D9lPz8H7n9EhrA5ch6PpeCig5vaA+QWizAo6B4M
/SiuKv+ZJ78n2aDwLQFG3mzhoHKp/ACSJdKo2jpfYCSX604dHKgrt8AO0dqqZSwW
plArSL2Yp99Un5eD/vQefCg8YDKQ1C1TTMjB2Giqi36yMxWjeEB+SX5DPJHaziyl
mdktnkYYgzcrhniCRbDWhfBezY6CbDrp0qenVMTAtgb5q42uXeSpi342zThotSzS
GHXvBaVHnwvogspy+Gnqg5E+vMzXUBP+OpuCwz/AZ6LGreLr6P/oBcd+F90Se4z+
6RDFjLegsnBt5E54
-----END CERTIFICATE-----
Generated at Mon Sep 16 10:47:33 2024 by rpki-client on console-fra.rpki-client.org