Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/wCQkWQIek-fWz5fAtsCDXmF9nWE.roa
File: wCQkWQIek-fWz5fAtsCDXmF9nWE.roa (raw, json)
Hash identifier: rQmf4EavTtZBTY7JMTIRaLgA2EDBe6BcAdiQFyRUwsI=
Subject key identifier: C0:24:24:59:02:1E:93:E7:D6:CF:97:C0:B6:C0:83:5E:61:7D:9D:61
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 018CC86F74CC25B5D1150415B19D45A1B219
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/wCQkWQIek-fWz5fAtsCDXmF9nWE.roa
Signing time: Tue 02 Jan 2024 04:29:56 +0000
ROA not before: Tue 02 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 178.236.246.0/23 maxlen: 23
94.228.162.0/23 maxlen: 23
94.228.164.0/23 maxlen: 23
94.228.168.0/24 maxlen: 24
94.228.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 06:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:74:cc:25:b5:d1:15:04:15:b1:9d:45:a1:b2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: Jan 2 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0242459021e93e7d6cf97c0b6c0835e617d9d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2c:ba:9a:3e:28:82:06:88:34:18:31:2d:cf:
6c:ec:60:ec:d2:67:5f:63:8c:be:e3:5a:9a:db:e4:
5c:a9:49:f3:2f:37:00:b4:e4:76:d5:8d:1a:e4:c1:
b1:9f:8f:7a:25:19:83:d6:7e:c1:6d:f8:08:7d:58:
df:85:89:4e:c5:25:52:fb:bc:0c:b0:e7:23:8c:de:
44:92:29:43:94:d4:46:87:96:9a:c3:e9:3b:93:7f:
5a:97:5d:3d:cb:97:ce:9b:7e:63:6d:ab:9f:8a:72:
bb:b0:d0:9f:f4:d1:99:5e:f6:c2:d9:07:dc:12:52:
60:0b:07:46:00:9e:22:7f:af:29:cf:90:d8:a9:14:
9c:63:cd:78:e5:ef:8e:86:b2:1e:b5:df:11:ab:70:
5d:55:4c:42:f1:23:e0:e7:8b:d6:d8:0d:d7:ab:db:
f9:a9:72:d4:4d:b8:42:45:26:3e:b7:82:78:35:50:
63:dd:77:55:01:f6:ed:05:21:f0:ee:63:8b:46:b1:
7b:8b:96:48:d3:be:09:24:72:bc:66:07:7f:cd:1f:
0b:f3:80:68:69:ec:95:fa:9e:3e:f3:3b:6a:f6:9e:
d7:f0:2b:1b:da:2d:dc:09:9a:fd:41:f7:32:46:a7:
4c:59:93:51:a6:25:93:47:68:3c:18:f3:5c:50:1f:
0d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:24:24:59:02:1E:93:E7:D6:CF:97:C0:B6:C0:83:5E:61:7D:9D:61
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/wCQkWQIek-fWz5fAtsCDXmF9nWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.162.0-94.228.165.255
94.228.168.0/23
178.236.246.0/23
Signature Algorithm: sha256WithRSAEncryption
50:89:d1:20:dd:7d:dc:bd:9d:f1:f5:e1:0e:21:37:ab:52:a8:
5f:ce:0e:d1:c9:6b:5e:79:e2:2e:68:a0:59:0b:f7:36:ad:b3:
1e:cc:20:ca:d2:88:82:2b:dc:bd:c6:31:61:05:8d:60:ec:d1:
13:28:a9:b2:10:53:83:4a:91:6a:0f:08:ed:e4:5a:f0:8e:15:
8a:3b:79:14:f2:fd:7e:dc:71:ea:3e:f3:28:f0:43:6a:ee:0a:
14:42:ad:9e:37:4b:fd:e7:82:77:1c:88:c4:72:b0:74:d6:bd:
fb:4f:16:a3:e6:f0:3b:21:cf:c8:95:f8:27:ac:bd:f8:71:aa:
ef:de:37:ba:c5:68:3c:f3:02:bc:2b:2d:8c:21:a0:dc:b5:36:
03:55:0c:4b:ca:46:9d:d6:96:2b:19:c7:9c:40:11:72:5c:42:
44:a6:f7:42:6e:c5:44:fb:23:2a:5c:5e:52:82:c5:c7:63:55:
60:20:b6:3e:ea:5f:0a:56:df:93:db:1f:9f:ed:9b:00:ce:e3:
6f:94:a7:db:60:6c:65:3b:ae:09:3c:29:95:9f:e1:99:f8:70:
1e:29:98:6b:18:ea:bb:47:53:5c:8c:6f:3c:f0:b0:05:39:6f:
ca:ca:2f:18:63:8a:19:e6:2c:6b:e5:d9:01:50:ee:a8:23:11:
2d:81:aa:44
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIb3TMJbXRFQQVsZ1FobIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjQwMTAyMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDI0MjQ1OTAyMWU5M2U3ZDZjZjk3YzBiNmMwODM1ZTYxN2Q5ZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyy6mj4oggaINBgxLc9s7GDs0mdf
Y4y+41qa2+RcqUnzLzcAtOR21Y0a5MGxn496JRmD1n7BbfgIfVjfhYlOxSVS+7wM
sOcjjN5EkilDlNRGh5aaw+k7k39al109y5fOm35jbaufinK7sNCf9NGZXvbC2Qfc
ElJgCwdGAJ4if68pz5DYqRScY8145e+OhrIetd8Rq3BdVUxC8SPg54vW2A3Xq9v5
qXLUTbhCRSY+t4J4NVBj3XdVAfbtBSHw7mOLRrF7i5ZI074JJHK8Zgd/zR8L84Bo
aeyV+p4+8ztq9p7X8Csb2i3cCZr9QfcyRqdMWZNRpiWTR2g8GPNcUB8NewIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMAkJFkCHpPn1s+XwLbAg15hfZ1hMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvd0NRa1dRSWVrLWZXejVmQXRzQ0RYbUY5bldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFe5KID
BAFe5KQDBAFe5KgDBAGy7PYwDQYJKoZIhvcNAQELBQADggEBAFCJ0SDdfdy9nfH1
4Q4hN6tSqF/ODtHJa1554i5ooFkL9zatsx7MIMrSiIIr3L3GMWEFjWDs0RMoqbIQ
U4NKkWoPCO3kWvCOFYo7eRTy/X7cceo+8yjwQ2ruChRCrZ43S/3ngncciMRysHTW
vftPFqPm8Dshz8iV+Cesvfhxqu/eN7rFaDzzArwrLYwhoNy1NgNVDEvKRp3WlisZ
x5xAEXJcQkSm90JuxUT7IypcXlKCxcdjVWAgtj7qXwpW35PbH5/tmwDO42+Up9tg
bGU7rgk8KZWf4Zn4cB4pmGsY6rtHU1yMbzzwsAU5b8rKLxhjihnmLGvl2QFQ7qgj
ES2BqkQ=
-----END CERTIFICATE-----
Generated at Thu Aug 1 08:26:23 2024 by rpki-client on console-ams.rpki-client.org