Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/WkXpArqbJRiCNBdL9S2S9vAivW0.roa
File: WkXpArqbJRiCNBdL9S2S9vAivW0.roa (raw, json)
Hash identifier: bGCXzjKRSAtRlAdEEkfGJknJZ301iFkIkb9y1yPIB4U=
Subject key identifier: 5A:45:E9:02:BA:9B:25:18:82:34:17:4B:F5:2D:92:F6:F0:22:BD:6D
Certificate issuer: /CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Certificate serial: 01919D91E5A8A28832CDBE743A2A45629B7F
Authority key identifier: 23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/WkXpArqbJRiCNBdL9S2S9vAivW0.roa
Signing time: Thu 29 Aug 2024 09:57:49 +0000
ROA not before: Thu 29 Aug 2024 09:57:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197248
IP address blocks: 62.112.192.0/21 maxlen: 21
62.112.208.0/21 maxlen: 21
77.111.88.0/21 maxlen: 24
93.88.192.0/21 maxlen: 21
93.88.194.0/24 maxlen: 24
109.61.0.0/22 maxlen: 22
109.61.8.0/21 maxlen: 21
109.61.20.0/22 maxlen: 22
109.61.22.0/24 maxlen: 24
109.61.24.0/21 maxlen: 21
109.61.48.0/20 maxlen: 20
109.61.64.0/20 maxlen: 20
109.61.96.0/21 maxlen: 21
109.61.112.0/21 maxlen: 21
2a01:be00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 31 Oct 2024 15:24:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:91:e5:a8:a2:88:32:cd:be:74:3a:2a:45:62:9b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Validity
Not Before: Aug 29 09:57:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a45e902ba9b25188234174bf52d92f6f022bd6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:57:42:a7:51:2d:98:2e:45:48:30:dd:22:41:
43:d2:5a:8f:33:ed:a9:d3:58:0c:1d:38:1d:36:57:
74:66:84:70:3e:e6:1a:38:38:91:bb:59:86:be:bd:
00:91:bc:50:f4:b3:fa:a6:e8:40:d8:e3:5b:a7:b6:
1a:e7:27:e1:b5:53:eb:ac:81:84:73:2d:8c:ba:87:
7e:e5:2b:9b:61:16:d6:05:03:46:88:04:9a:89:5d:
40:38:af:76:88:ac:83:96:d0:90:9b:d4:1d:73:a5:
3a:0f:48:63:fd:19:f1:9c:81:fb:06:ca:f3:5f:53:
07:58:8e:a4:c4:5b:50:2d:b7:b9:ce:8c:cb:1e:f4:
88:ec:37:d1:81:5e:de:21:b7:cf:2f:d3:ab:0f:c7:
92:91:4a:cc:fc:34:fa:cc:19:9a:0d:43:03:6b:9f:
09:db:42:e4:ba:30:25:01:65:ef:26:20:44:3a:d8:
a1:ea:b5:cf:92:75:6e:14:d3:a9:41:9f:04:4e:b4:
4c:5a:5c:33:24:05:89:d3:0b:d3:2c:f5:1f:15:81:
48:37:02:ab:76:65:16:5f:d8:95:7e:f0:af:ac:82:
8d:f1:33:f5:cd:4e:0b:e5:38:5a:ab:9a:4c:25:61:
7e:d3:1e:02:fc:c3:58:25:b7:16:ad:10:8b:7c:e8:
28:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:45:E9:02:BA:9B:25:18:82:34:17:4B:F5:2D:92:F6:F0:22:BD:6D
X509v3 Authority Key Identifier:
keyid:23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/WkXpArqbJRiCNBdL9S2S9vAivW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/IzlKEl-jrODEem_jT0CGtNO6VYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.192.0/21
62.112.208.0/21
77.111.88.0/21
93.88.192.0/21
109.61.0.0/22
109.61.8.0/21
109.61.20.0-109.61.31.255
109.61.48.0-109.61.79.255
109.61.96.0/21
109.61.112.0/21
IPv6:
2a01:be00::/32
Signature Algorithm: sha256WithRSAEncryption
81:76:c9:9e:76:8c:05:5b:a2:d7:c0:8e:70:30:d9:15:2d:77:
00:62:57:42:f1:8e:ab:56:a4:80:b6:b4:69:0e:4f:7f:52:14:
25:bc:f0:d2:ea:48:c1:a0:9b:71:75:1d:3d:b1:dc:cf:89:0d:
1a:7a:bc:14:af:a7:ce:02:af:d7:94:7f:4a:8d:16:42:24:7b:
27:6a:7e:b3:1c:a3:74:48:ef:9f:82:4f:5b:14:9f:7b:cf:10:
e7:3d:0e:86:c8:ee:96:f1:f5:60:81:bd:14:00:91:49:82:ac:
cd:c1:a4:4f:b0:6e:b0:d2:0d:e8:cf:70:48:c0:14:61:54:5a:
0b:bb:ec:5e:9a:14:83:1b:72:35:0a:e0:04:6e:f2:86:78:8a:
f5:14:d7:56:1b:48:ed:85:04:ea:92:3e:6b:05:22:da:4b:9b:
52:86:28:ea:02:d2:69:f7:b5:4f:bb:ec:07:24:39:3c:10:07:
75:d2:70:f5:fb:30:e3:41:ed:c8:50:f3:b6:4f:35:ea:ef:df:
84:30:88:91:d1:87:7a:18:6a:61:4a:af:60:87:a6:3a:30:5f:
6d:a2:bf:d4:c2:0d:8a:03:d9:66:91:c5:19:c7:bb:06:f1:4f:
9d:b4:f9:28:f5:e6:7c:c5:ca:93:db:a1:46:2e:d3:7e:87:fb:
95:01:34:0f
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZGdkeWooogyzb50OipFYpt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzk0YTEyNWZhM2FjZTBjNDdhNmZlMzRmNDA4NmI0ZDNi
YTU1ODgwHhcNMjQwODI5MDk1NzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQ1ZTkwMmJhOWIyNTE4ODIzNDE3NGJmNTJkOTJmNmYwMjJiZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVdCp1EtmC5FSDDdIkFD0lqPM+2p
01gMHTgdNld0ZoRwPuYaODiRu1mGvr0AkbxQ9LP6puhA2ONbp7Ya5yfhtVPrrIGE
cy2Muod+5SubYRbWBQNGiASaiV1AOK92iKyDltCQm9Qdc6U6D0hj/RnxnIH7Bsrz
X1MHWI6kxFtQLbe5zozLHvSI7DfRgV7eIbfPL9OrD8eSkUrM/DT6zBmaDUMDa58J
20LkujAlAWXvJiBEOtih6rXPknVuFNOpQZ8ETrRMWlwzJAWJ0wvTLPUfFYFINwKr
dmUWX9iVfvCvrIKN8TP1zU4L5Thaq5pMJWF+0x4C/MNYJbcWrRCLfOgogQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFFpF6QK6myUYgjQXS/UtkvbwIr1tMB8GA1UdIwQY
MBaAFCM5ShJfo6zgxHpv409AhrTTulWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2Et
ZDQzMjA3ZDYyZGZlLzEvV2tYcEFycWJKUmlDTkJkTDlTMlM5dkFpdlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hZmQ0MTUtMGE4Ni00MzFmLWJjM2EtZDQzMjA3ZDYyZGZl
LzEvSXpsS0VsLWpyT0RFZW1falQwQ0d0Tk82VllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQDPnDAAwQD
PnDQAwQDTW9YAwQDXVjAAwQCbT0AAwQDbT0IMAwDBAJtPRQDBAVtPQAwDAMEBG09
MAMEBG09QAMEA209YAMEA209cDANBAIAAjAHAwUAKgG+ADANBgkqhkiG9w0BAQsF
AAOCAQEAgXbJnnaMBVui18COcDDZFS13AGJXQvGOq1akgLa0aQ5Pf1IUJbzw0upI
waCbcXUdPbHcz4kNGnq8FK+nzgKv15R/So0WQiR7J2p+sxyjdEjvn4JPWxSfe88Q
5z0OhsjulvH1YIG9FACRSYKszcGkT7BusNIN6M9wSMAUYVRaC7vsXpoUgxtyNQrg
BG7yhniK9RTXVhtI7YUE6pI+awUi2kubUoYo6gLSafe1T7vsByQ5PBAHddJw9fsw
40HtyFDztk816u/fhDCIkdGHehhqYUqvYIemOjBfbaK/1MINigPZZpHFGce7BvFP
nbT5KPXmfMXKk9uhRi7Tfof7lQE0Dw==
-----END CERTIFICATE-----
Generated at Thu Oct 31 19:17:34 2024 by rpki-client on console-ams.rpki-client.org