Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/W4Ehg2kCK4fipUgY7qnZBWG2xkk.roa
File: W4Ehg2kCK4fipUgY7qnZBWG2xkk.roa (raw, json)
Hash identifier: /ykAf0AM2sL9I2QVHFaq7POOTbk9X64B9ZFuVKk861k=
Subject key identifier: 5B:81:21:83:69:02:2B:87:E2:A5:48:18:EE:A9:D9:05:61:B6:C6:49
Certificate issuer: /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial: 01857079767A130A4B9159F393197B0BCD7C
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/W4Ehg2kCK4fipUgY7qnZBWG2xkk.roa
Signing time: Mon 02 Jan 2023 03:14:46 +0000
ROA not before: Mon 02 Jan 2023 03:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203576
IP address blocks: 89.252.188.0/24 maxlen: 32
185.126.218.0/24 maxlen: 32
185.126.217.0/24 maxlen: 32
185.126.216.0/24 maxlen: 32
89.252.191.0/24 maxlen: 32
89.252.190.0/24 maxlen: 32
89.252.189.0/24 maxlen: 32
185.126.219.0/24 maxlen: 32
185.165.46.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:76:7a:13:0a:4b:91:59:f3:93:19:7b:0b:cd:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Validity
Not Before: Jan 2 03:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b81218369022b87e2a54818eea9d90561b6c649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2b:78:52:36:b7:50:2e:54:a9:02:f3:a6:12:
6a:d7:80:ff:49:db:97:ab:7a:02:c8:ec:cb:0e:a3:
91:ff:d9:95:b3:ad:e0:73:45:c8:55:7b:c3:08:73:
8a:22:59:4c:e8:3c:cc:27:ee:d9:ea:5c:16:3d:27:
39:0d:28:ce:79:84:5b:42:3c:d1:eb:ac:5d:6e:fe:
17:89:99:a8:c6:17:6d:4f:e7:57:59:4c:d8:48:de:
81:34:c0:04:dd:4b:19:47:34:d1:a0:36:91:a9:a9:
6e:ce:8c:77:4e:02:09:da:b2:52:4e:f1:9f:2a:fe:
b3:47:1d:01:3f:b7:ec:ac:21:bb:b7:73:ef:38:19:
5a:3d:78:ac:6a:e4:96:d5:67:bc:56:09:0f:3b:85:
8b:4c:51:c9:8c:5f:9b:57:df:e0:85:90:5b:ec:49:
4b:7f:b2:4d:8b:f4:19:ce:c4:32:00:85:0b:e0:04:
53:0a:92:59:ac:de:99:2d:c5:7f:c3:ed:a7:b2:06:
a8:8e:6e:42:e8:c8:22:fb:ca:7e:b6:12:2e:2b:ad:
a5:ce:8c:d7:d0:1d:4f:b2:1f:59:f6:bc:a5:5f:ce:
54:aa:3f:52:27:a8:4f:96:8d:5f:7e:2d:bc:3c:a4:
94:55:06:3f:74:b8:44:31:60:cf:f1:f8:be:9e:be:
5e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:81:21:83:69:02:2B:87:E2:A5:48:18:EE:A9:D9:05:61:B6:C6:49
X509v3 Authority Key Identifier:
keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/W4Ehg2kCK4fipUgY7qnZBWG2xkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.188.0/22
185.126.216.0/22
185.165.46.0/24
Signature Algorithm: sha256WithRSAEncryption
57:f3:ef:85:a8:5d:bc:38:19:55:7b:66:29:eb:99:a2:5f:55:
93:c2:a9:f0:98:f1:6a:ba:3d:d7:96:e9:78:e8:3e:c2:61:a1:
a1:2b:49:d5:f2:86:c3:be:5d:34:ec:e5:e8:6d:b3:31:2c:13:
15:86:9e:6f:b2:e9:71:a8:59:fb:cd:b0:41:99:2a:88:54:1f:
78:f3:c2:fa:35:9c:28:63:fc:c0:cb:ae:5c:12:0f:60:bc:c2:
dc:9f:bc:99:5a:f6:ac:a6:39:1b:af:e9:42:d6:90:d0:fe:3c:
c3:b8:5c:11:12:9b:dd:87:84:92:1e:cb:d6:ce:fe:45:07:bd:
0f:e4:9f:ca:e9:58:a3:7d:23:1a:53:79:5a:c9:ba:2e:78:e8:
8e:1b:e7:00:b8:1a:bd:cd:6a:c6:a4:89:d8:8c:36:10:b1:fc:
df:0f:2f:1f:c8:f4:27:05:fa:4f:18:b3:26:21:29:e6:cd:92:
38:4f:0c:b5:c8:55:f1:7f:8f:9b:97:aa:73:84:9c:93:d4:28:
c9:94:15:32:35:31:9e:db:e9:f5:73:f2:0c:4a:29:5e:e4:32:
bb:cb:fa:4b:9c:7d:aa:8e:b0:86:07:35:51:21:9d:fe:bc:c4:
33:df:1a:54:9c:3a:36:37:c2:91:79:44:79:66:a0:57:c8:97:
a2:17:77:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVweXZ6EwpLkVnzkxl7C818MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODYwMGRmYWM5ZDNkMWE3NWU2NjMwZDY5NzEwMmYyZjIx
MzJjNDgwHhcNMjMwMTAyMDMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjgxMjE4MzY5MDIyYjg3ZTJhNTQ4MThlZWE5ZDkwNTYxYjZjNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ct4Uja3UC5UqQLzphJq14D/SduX
q3oCyOzLDqOR/9mVs63gc0XIVXvDCHOKIllM6DzMJ+7Z6lwWPSc5DSjOeYRbQjzR
66xdbv4XiZmoxhdtT+dXWUzYSN6BNMAE3UsZRzTRoDaRqaluzox3TgIJ2rJSTvGf
Kv6zRx0BP7fsrCG7t3PvOBlaPXisauSW1We8VgkPO4WLTFHJjF+bV9/ghZBb7ElL
f7JNi/QZzsQyAIUL4ARTCpJZrN6ZLcV/w+2nsgaojm5C6Mgi+8p+thIuK62lzozX
0B1Psh9Z9rylX85Uqj9SJ6hPlo1ffi28PKSUVQY/dLhEMWDP8fi+nr5e0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFuBIYNpAiuH4qVIGO6p2QVhtsZJMB8GA1UdIwQY
MBaAFBaGAN+snT0adeZjDWlxAvLyEyxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEt
MThkYmU2NTA0YmI0LzEvVzRFaGcya0NLNGZpcFVnWTdxblpCV0cyeGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEtMThkYmU2NTA0YmI0
LzEvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWfy8AwQC
uX7YAwQAuaUuMA0GCSqGSIb3DQEBCwUAA4IBAQBX8++FqF28OBlVe2Yp65miX1WT
wqnwmPFquj3Xlul46D7CYaGhK0nV8obDvl007OXobbMxLBMVhp5vsulxqFn7zbBB
mSqIVB9488L6NZwoY/zAy65cEg9gvMLcn7yZWvaspjkbr+lC1pDQ/jzDuFwREpvd
h4SSHsvWzv5FB70P5J/K6VijfSMaU3layboueOiOG+cAuBq9zWrGpInYjDYQsfzf
Dy8fyPQnBfpPGLMmISnmzZI4Twy1yFXxf4+bl6pzhJyT1CjJlBUyNTGe2+n1c/IM
Sile5DK7y/pLnH2qjrCGBzVRIZ3+vMQz3xpUnDo2N8KReUR5ZqBXyJeiF3cL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org