Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/WZCuFjBoFppm72QCn3Nq-YWGj_U.roa
File: WZCuFjBoFppm72QCn3Nq-YWGj_U.roa (raw, json)
Hash identifier: SoDw6KRF02qJ34w3NK8Gxcmt1V0YmPMGTLd905CIod0=
Subject key identifier: 59:90:AE:16:30:68:16:9A:66:EF:64:02:9F:73:6A:F9:85:86:8F:F5
Certificate issuer: /CN=a088b0547f09fe9224050d70a523da5bedbe0738
Certificate serial: 018CC4255CA86362276E909017B1CF7F916F
Authority key identifier: A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/WZCuFjBoFppm72QCn3Nq-YWGj_U.roa
Signing time: Mon 01 Jan 2024 08:30:32 +0000
ROA not before: Mon 01 Jan 2024 08:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 37.230.138.0/24 maxlen: 24
81.16.176.0/24 maxlen: 24
81.16.177.0/24 maxlen: 24
91.208.92.0/24 maxlen: 24
194.213.3.0/24 maxlen: 24
213.170.135.0/24 maxlen: 24
188.64.33.0/24 maxlen: 24
45.143.196.0/22 maxlen: 24
2a10:e780::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 22 Mar 2024 14:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5c:a8:63:62:27:6e:90:90:17:b1:cf:7f:91:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a088b0547f09fe9224050d70a523da5bedbe0738
Validity
Not Before: Jan 1 08:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5990ae163068169a66ef64029f736af985868ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:73:b9:0d:a5:01:3a:31:24:ed:fb:55:69:
f9:f7:d2:e3:d4:30:3e:e1:fe:2b:51:3d:2f:af:a8:
c1:f6:87:a3:4a:fd:64:0d:fe:70:ad:c5:fd:1b:34:
8e:6f:bf:7f:6a:d0:f9:32:65:17:f9:b1:be:68:84:
e0:33:4b:72:53:96:fc:14:63:bd:8c:7c:43:9d:91:
6b:62:bd:1c:0e:18:45:96:1a:21:20:60:4f:ba:5c:
c2:00:8f:7d:0b:71:13:d2:83:f3:09:d9:ef:e7:3f:
4d:94:d0:50:55:99:86:d3:06:e6:da:c9:de:f1:f6:
aa:cd:ce:40:26:a0:c2:46:6e:c6:7e:f9:07:ef:e2:
06:fb:95:40:43:72:70:72:1b:6c:62:74:95:15:67:
ce:c9:15:b1:05:93:78:c3:31:2e:eb:45:51:d0:a5:
e2:f2:0d:9c:e3:7a:76:05:b5:21:50:e7:26:5d:69:
e7:e7:30:54:b5:52:ba:14:92:72:df:91:3f:3a:29:
1c:26:cd:34:8c:6d:95:30:c6:58:06:90:b8:ef:de:
ef:7d:73:a2:a4:95:6c:b8:b7:ab:ca:9b:79:8c:10:
64:b7:1e:7a:41:7a:f8:c6:49:d3:66:42:2a:39:36:
e9:1d:b3:08:c3:5a:7e:af:23:c8:73:1f:43:13:30:
47:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:90:AE:16:30:68:16:9A:66:EF:64:02:9F:73:6A:F9:85:86:8F:F5
X509v3 Authority Key Identifier:
keyid:A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/WZCuFjBoFppm72QCn3Nq-YWGj_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.138.0/24
45.143.196.0/22
81.16.176.0/23
91.208.92.0/24
188.64.33.0/24
194.213.3.0/24
213.170.135.0/24
IPv6:
2a10:e780::/40
Signature Algorithm: sha256WithRSAEncryption
58:21:2f:ec:7b:a1:36:da:e0:f4:03:6f:4f:1a:db:41:90:37:
03:27:38:24:41:64:39:64:00:bf:3d:3a:b5:69:ed:16:27:5d:
f2:c6:d5:7f:60:55:93:f4:da:27:d1:c4:4b:b5:e3:97:a4:db:
32:f4:be:a4:4c:a8:47:92:f3:78:d0:52:3c:ec:4a:4b:70:d0:
69:2d:de:19:f0:c7:1a:97:2a:8a:99:f7:d9:aa:db:cb:da:ca:
62:5e:91:78:dd:b7:7a:ab:d1:4b:e7:b5:af:23:66:68:fd:f9:
59:2e:eb:1b:bb:be:8a:8a:12:95:73:82:2d:5b:a2:be:7e:06:
76:3e:0e:35:03:e5:34:e8:b3:77:78:5a:42:ca:c5:bc:68:e9:
86:51:be:97:f1:15:eb:57:9d:27:f3:a6:23:22:4e:52:09:73:
d9:b9:80:5b:ac:02:40:4d:99:6c:9c:54:bf:6b:59:2b:cf:66:
75:e0:ed:09:56:37:95:d3:22:4d:58:47:3c:67:05:4f:5e:91:
c6:b0:86:07:a8:4e:ef:fa:13:73:c5:e5:1e:b7:3a:67:b4:ed:
50:a6:be:25:16:da:5e:d2:0c:b1:6d:49:76:61:98:ee:f6:b2:
24:58:ec:6b:74:37:1d:89:0b:cf:1c:1e:fb:f8:f8:67:07:26:
4c:22:9f:67
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzEJVyoY2InbpCQF7HPf5FvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODhiMDU0N2YwOWZlOTIyNDA1MGQ3MGE1MjNkYTViZWRi
ZTA3MzgwHhcNMjQwMTAxMDgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTkwYWUxNjMwNjgxNjlhNjZlZjY0MDI5ZjczNmFmOTg1ODY4ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsZzuQ2lAToxJO37VWn599Lj1DA+
4f4rUT0vr6jB9oejSv1kDf5wrcX9GzSOb79/atD5MmUX+bG+aITgM0tyU5b8FGO9
jHxDnZFrYr0cDhhFlhohIGBPulzCAI99C3ET0oPzCdnv5z9NlNBQVZmG0wbm2sne
8faqzc5AJqDCRm7GfvkH7+IG+5VAQ3JwchtsYnSVFWfOyRWxBZN4wzEu60VR0KXi
8g2c43p2BbUhUOcmXWnn5zBUtVK6FJJy35E/OikcJs00jG2VMMZYBpC4797vfXOi
pJVsuLerypt5jBBktx56QXr4xknTZkIqOTbpHbMIw1p+ryPIcx9DEzBHGQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFFmQrhYwaBaaZu9kAp9zavmFho/1MB8GA1UdIwQY
MBaAFKCIsFR/Cf6SJAUNcKUj2lvtvgc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMt
ZGY4MmZhODk3MzI2LzEvV1pDdUZqQm9GcHBtNzJRQ24zTnEtWVdHal9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMtZGY4MmZhODk3MzI2
LzEvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAwBAIAATAqAwQAJeaKAwQC
LY/EAwQBURCwAwQAW9BcAwQAvEAhAwQAwtUDAwQA1aqHMA4EAgACMAgDBgAqEOeA
ADANBgkqhkiG9w0BAQsFAAOCAQEAWCEv7HuhNtrg9ANvTxrbQZA3Ayc4JEFkOWQA
vz06tWntFidd8sbVf2BVk/TaJ9HES7Xjl6TbMvS+pEyoR5LzeNBSPOxKS3DQaS3e
GfDHGpcqipn32arby9rKYl6ReN23eqvRS+e1ryNmaP35WS7rG7u+iooSlXOCLVui
vn4Gdj4ONQPlNOizd3haQsrFvGjphlG+l/EV61edJ/OmIyJOUglz2bmAW6wCQE2Z
bJxUv2tZK89mdeDtCVY3ldMiTVhHPGcFT16RxrCGB6hO7/oTc8XlHrc6Z7TtUKa+
JRbaXtIMsW1JdmGY7vayJFjsa3Q3HYkLzxwe+/j4ZwcmTCKfZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:38 2024 by rpki-client on console-ams.rpki-client.org