Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/W1ZE67z-ux4YsYoi5lvaLfwlDbM.roa
File: W1ZE67z-ux4YsYoi5lvaLfwlDbM.roa (raw, json)
Hash identifier: pNAiZbYM7EmJGzTzrpqCwRw/SloD6d2Wb3m0JMHTkGM=
Subject key identifier: 5B:56:44:EB:BC:FE:BB:1E:18:B1:8A:22:E6:5B:DA:2D:FC:25:0D:B3
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 018BECBE13AC57E85C00BFA36D10EF87E7C3
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/W1ZE67z-ux4YsYoi5lvaLfwlDbM.roa
Signing time: Mon 20 Nov 2023 12:39:21 +0000
ROA not before: Mon 20 Nov 2023 12:39:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199242
IP address blocks: 62.106.90.0/24 maxlen: 24
212.52.14.0/24 maxlen: 24
91.246.50.0/24 maxlen: 24
185.234.12.0/24 maxlen: 24
194.26.231.0/24 maxlen: 24
80.71.144.0/24 maxlen: 24
193.162.133.0/24 maxlen: 24
146.19.4.0/24 maxlen: 24
195.96.130.0/24 maxlen: 24
37.72.142.0/24 maxlen: 24
176.97.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:be:13:ac:57:e8:5c:00:bf:a3:6d:10:ef:87:e7:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Nov 20 12:39:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b5644ebbcfebb1e18b18a22e65bda2dfc250db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2c:7d:12:2b:5f:ba:c9:bf:91:f6:ec:3b:0c:
bf:b3:86:a9:a1:b7:06:81:64:9d:7e:1c:9e:2b:06:
6f:42:84:2f:4b:85:62:85:31:56:e5:f4:cc:2b:df:
63:1c:85:11:e7:b0:94:b9:a1:cf:7f:8e:2b:57:1c:
f5:4c:70:44:b4:48:9e:72:f1:1d:83:7a:00:37:e2:
ca:75:42:a6:4b:96:6f:17:2f:f4:a7:fb:e1:3e:c4:
8f:d6:74:f3:fa:2b:06:43:e3:dc:39:26:54:34:13:
b4:9b:40:c4:db:ba:88:e2:4e:de:61:4b:1c:09:8d:
c8:62:4e:fa:20:00:50:3e:29:6f:59:60:88:85:90:
cd:78:65:02:7c:40:71:e9:aa:40:7a:e0:63:3e:6e:
9c:67:09:4e:4f:9d:00:21:e5:6b:4a:ed:cf:46:54:
0e:c6:28:68:a5:c4:fc:24:3a:fd:c2:cf:c1:fc:ff:
6d:13:d2:74:ca:b2:67:cd:c2:ae:19:b3:3c:fa:9d:
d1:c0:16:12:8d:fa:23:e8:64:f1:66:a5:5d:a5:a3:
22:d9:cc:49:19:45:bd:d9:9e:9a:a0:9e:55:aa:cc:
56:9b:68:64:7c:03:38:30:5e:d9:ed:3a:dd:7a:75:
9c:c6:dd:63:e5:93:28:e0:11:f8:94:2e:38:e5:da:
a0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:56:44:EB:BC:FE:BB:1E:18:B1:8A:22:E6:5B:DA:2D:FC:25:0D:B3
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/W1ZE67z-ux4YsYoi5lvaLfwlDbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.142.0/24
62.106.90.0/24
80.71.144.0/24
91.246.50.0/24
146.19.4.0/24
176.97.217.0/24
185.234.12.0/24
193.162.133.0/24
194.26.231.0/24
195.96.130.0/24
212.52.14.0/24
Signature Algorithm: sha256WithRSAEncryption
43:1f:14:29:5d:f0:99:5f:f7:c6:a5:34:1e:ed:4e:38:97:48:
f6:20:13:6a:16:46:44:3c:b3:91:fe:97:0c:89:9e:06:a4:b1:
6d:1e:74:fb:1d:25:48:c7:a0:6d:dd:47:42:28:60:1a:40:9e:
85:c0:78:8c:69:0c:60:49:50:c7:43:09:da:87:ed:c7:d8:17:
10:07:99:a5:23:9d:9d:db:4b:e5:3e:d7:70:a1:f3:e6:dd:d3:
90:3d:63:8d:6f:ec:71:5d:9b:79:89:ff:ec:4d:01:b3:70:dc:
f5:b5:b8:d3:c0:78:3e:10:21:87:a6:53:f7:c7:63:ca:36:64:
49:82:0d:72:57:27:e8:70:02:5c:61:30:74:3d:0a:d8:35:d2:
74:0a:88:6b:5c:3f:2d:ea:4d:eb:1c:a4:21:88:31:c1:eb:bd:
42:70:6e:5f:f5:60:5f:67:3a:cb:86:02:8a:4d:6e:88:6f:3f:
b0:e4:56:73:8f:f9:fb:1d:da:ab:2e:24:66:18:bf:95:18:69:
2b:b1:61:e8:9b:2c:e7:06:9c:a4:0b:4f:d6:7a:e9:93:eb:e4:
45:1d:04:ee:b2:05:ef:18:3c:f1:f6:eb:53:71:68:84:dd:af:
30:b1:af:23:f9:a4:c1:0e:7e:86:d1:47:08:e3:9a:42:ed:c1:
5b:5c:70:fb
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYvsvhOsV+hcAL+jbRDvh+fDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjMxMTIwMTIzOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjU2NDRlYmJjZmViYjFlMThiMThhMjJlNjViZGEyZGZjMjUwZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSx9Eitfusm/kfbsOwy/s4apobcG
gWSdfhyeKwZvQoQvS4VihTFW5fTMK99jHIUR57CUuaHPf44rVxz1THBEtEiecvEd
g3oAN+LKdUKmS5ZvFy/0p/vhPsSP1nTz+isGQ+PcOSZUNBO0m0DE27qI4k7eYUsc
CY3IYk76IABQPilvWWCIhZDNeGUCfEBx6apAeuBjPm6cZwlOT50AIeVrSu3PRlQO
xihopcT8JDr9ws/B/P9tE9J0yrJnzcKuGbM8+p3RwBYSjfoj6GTxZqVdpaMi2cxJ
GUW92Z6aoJ5VqsxWm2hkfAM4MF7Z7TrdenWcxt1j5ZMo4BH4lC445dqgdwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFtWROu8/rseGLGKIuZb2i38JQ2zMB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvVzFaRTY3ei11eDRZc1lvaTVsdmFMZndsRGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAJUiOAwQA
PmpaAwQAUEeQAwQAW/YyAwQAkhMEAwQAsGHZAwQAueoMAwQAwaKFAwQAwhrnAwQA
w2CCAwQA1DQOMA0GCSqGSIb3DQEBCwUAA4IBAQBDHxQpXfCZX/fGpTQe7U44l0j2
IBNqFkZEPLOR/pcMiZ4GpLFtHnT7HSVIx6Bt3UdCKGAaQJ6FwHiMaQxgSVDHQwna
h+3H2BcQB5mlI52d20vlPtdwofPm3dOQPWONb+xxXZt5if/sTQGzcNz1tbjTwHg+
ECGHplP3x2PKNmRJgg1yVyfocAJcYTB0PQrYNdJ0CohrXD8t6k3rHKQhiDHB671C
cG5f9WBfZzrLhgKKTW6Ibz+w5FZzj/n7HdqrLiRmGL+VGGkrsWHomyznBpykC0/W
eumT6+RFHQTusgXvGDzx9utTcWiE3a8wsa8j+aTBDn6G0UcI45pC7cFbXHD7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org