Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/wpOZDghMtFSqZEFFsnx25-CSfM4.roa
File: wpOZDghMtFSqZEFFsnx25-CSfM4.roa (raw, json)
Hash identifier: kZVysvamkeRLxcGn0MrMMEkxrIozdVqXZWqS43Tgcr0=
Subject key identifier: C2:93:99:0E:08:4C:B4:54:AA:64:41:45:B2:7C:76:E7:E0:92:7C:CE
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01872D6D92768361BB84F8FC3742FAE07316
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/wpOZDghMtFSqZEFFsnx25-CSfM4.roa
Signing time: Wed 29 Mar 2023 12:52:48 +0000
ROA not before: Wed 29 Mar 2023 12:52:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 80.71.225.0/24 maxlen: 24
80.71.228.0/24 maxlen: 24
45.66.224.0/22 maxlen: 22
80.71.237.0/24 maxlen: 24
81.29.145.0/24 maxlen: 24
81.29.146.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
81.29.148.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
81.29.156.0/24 maxlen: 24
81.29.158.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Apr 2023 12:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:6d:92:76:83:61:bb:84:f8:fc:37:42:fa:e0:73:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Mar 29 12:52:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c293990e084cb454aa644145b27c76e7e0927cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b9:ec:bb:48:fe:6e:23:9a:31:0c:43:ad:fc:
41:33:66:26:25:aa:a1:18:fd:6f:a3:fe:0a:59:a6:
d7:fb:e6:f8:71:40:f9:d3:85:1e:ca:a0:d4:e3:2c:
82:00:33:a5:d2:d1:1d:7c:e7:31:6c:ae:56:22:58:
7e:a0:ae:3a:15:d7:c1:33:69:0a:cb:fd:5f:24:d6:
71:7e:61:2f:bc:e5:a6:5b:b6:c0:4e:4d:a1:93:2a:
21:97:88:59:ff:7b:f3:af:e0:3b:45:f9:e4:e6:67:
8b:93:ef:04:31:14:59:8d:e1:b8:67:52:74:e7:d0:
f4:40:34:79:d9:cc:f0:64:43:db:c8:b2:60:27:b1:
47:25:63:3d:84:4c:f0:fd:fb:3b:ee:0e:ff:c4:3c:
40:82:86:f3:96:00:25:df:43:f5:4c:a2:96:d4:aa:
1c:9a:88:4f:60:16:b5:50:8a:d4:57:0e:06:66:c3:
fb:f7:0d:92:d2:75:09:e5:f2:fc:dd:40:ef:08:ba:
24:46:50:dc:e4:8e:9b:b6:4d:69:f4:95:4a:a0:ae:
66:d5:09:35:14:1c:23:c9:aa:8c:5e:31:9d:cc:21:
cb:37:dc:88:1c:22:90:68:6d:8b:f7:e0:11:e9:8b:
91:f5:f9:68:eb:80:be:ac:11:02:f1:7c:4e:8b:eb:
43:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:93:99:0E:08:4C:B4:54:AA:64:41:45:B2:7C:76:E7:E0:92:7C:CE
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/wpOZDghMtFSqZEFFsnx25-CSfM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
80.71.225.0/24
80.71.228.0/24
80.71.237.0/24
81.29.145.0-81.29.149.255
81.29.156.0/24
81.29.158.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
a5:21:27:ed:91:69:39:e9:eb:c3:6c:7d:ac:ae:2e:4d:27:87:
a8:1e:5a:d9:f7:00:e3:9b:0c:f2:3e:86:44:5a:38:82:c9:bd:
0c:67:42:0e:75:da:b7:51:ee:e9:24:25:62:f2:09:5c:82:df:
ca:77:a4:bd:3d:25:cc:00:aa:28:23:3a:71:38:cf:88:95:68:
d2:d6:77:37:f8:21:c7:a6:f1:a9:73:d3:22:9f:4b:a8:32:00:
79:75:44:ce:d4:b1:78:0a:98:82:e2:f3:1a:82:75:90:3f:e6:
cc:14:7c:24:f2:1d:a7:54:c3:64:95:60:3b:68:0f:a2:55:51:
94:14:fe:10:9b:39:ce:dc:f4:ef:d2:fe:69:4e:be:8a:37:1b:
6b:52:ef:97:ad:f9:99:1c:a9:bc:05:2b:1a:2e:18:67:62:cb:
74:83:cd:15:b3:5f:cb:68:35:2f:78:fe:b1:b7:c7:0a:fd:0f:
4a:68:8e:29:d0:5a:c7:d2:6a:09:07:4e:2b:32:c2:d3:fa:5b:
78:02:27:5d:4a:07:93:26:46:28:3d:33:be:ba:cb:dc:7b:fb:
fe:4b:d1:5c:fb:e3:88:f3:7f:08:00:3a:74:d9:00:d8:dc:ae:
4c:95:5c:99:52:b9:1b:7f:c2:4a:23:c3:dd:1e:3d:57:04:99:
db:f3:24:0e
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYctbZJ2g2G7hPj8N0L64HMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMzI5MTI1MjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjkzOTkwZTA4NGNiNDU0YWE2NDQxNDViMjdjNzZlN2UwOTI3Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7nsu0j+biOaMQxDrfxBM2YmJaqh
GP1vo/4KWabX++b4cUD504UeyqDU4yyCADOl0tEdfOcxbK5WIlh+oK46FdfBM2kK
y/1fJNZxfmEvvOWmW7bATk2hkyohl4hZ/3vzr+A7Rfnk5meLk+8EMRRZjeG4Z1J0
59D0QDR52czwZEPbyLJgJ7FHJWM9hEzw/fs77g7/xDxAgobzlgAl30P1TKKW1Koc
mohPYBa1UIrUVw4GZsP79w2S0nUJ5fL83UDvCLokRlDc5I6btk1p9JVKoK5m1Qk1
FBwjyaqMXjGdzCHLN9yIHCKQaG2L9+AR6YuR9flo64C+rBEC8XxOi+tDEwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMKTmQ4ITLRUqmRBRbJ8dufgknzOMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvd3BPWkRnaE10RlNxWkVGRnNueDI1LUNTZk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQCLULgAwQA
UEfhAwQAUEfkAwQAUEftMAwDBABRHZEDBAFRHZQDBABRHZwDBABRHZ4wDQQCAAIw
BwMFAyoJbEAwDQYJKoZIhvcNAQELBQADggEBAKUhJ+2RaTnp68NsfayuLk0nh6ge
Wtn3AOObDPI+hkRaOILJvQxnQg512rdR7ukkJWLyCVyC38p3pL09JcwAqigjOnE4
z4iVaNLWdzf4Icem8alz0yKfS6gyAHl1RM7UsXgKmILi8xqCdZA/5swUfCTyHadU
w2SVYDtoD6JVUZQU/hCbOc7c9O/S/mlOvoo3G2tS75et+ZkcqbwFKxouGGdiy3SD
zRWzX8toNS94/rG3xwr9D0pojinQWsfSagkHTisywtP6W3gCJ11KB5MmRig9M766
y9x7+/5L0Vz744jzfwgAOnTZANjcrkyVXJlSuRt/wkojw90ePVcEmdvzJA4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org