Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Wouz9dqPHxAsYjbiaMkhEHp3X7U.roa
File: Wouz9dqPHxAsYjbiaMkhEHp3X7U.roa (raw, json)
Hash identifier: /ZNJaa9KkBEo+bc9ownBrf0czst3gKijPe24+mXbyMM=
Subject key identifier: 5A:8B:B3:F5:DA:8F:1F:10:2C:62:36:E2:68:C9:21:10:7A:77:5F:B5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FC37393D8CB8CA02B25F18BDBE85404C6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Wouz9dqPHxAsYjbiaMkhEHp3X7U.roa
Signing time: Wed 29 May 2024 08:24:42 +0000
ROA not before: Wed 29 May 2024 08:24:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.163.22.0/24 maxlen: 24
82.163.23.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.210.0/24 maxlen: 24
89.213.211.0/24 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.19.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.62.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 09:59:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:73:93:d8:cb:8c:a0:2b:25:f1:8b:db:e8:54:04:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 29 08:24:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a8bb3f5da8f1f102c6236e268c921107a775fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:19:c5:35:27:c2:30:78:3e:d7:a4:48:97:a4:
7d:3f:14:4d:06:7f:6a:2a:19:79:88:9b:a4:bb:9f:
d0:df:37:67:3b:cf:f6:73:0e:72:ba:d0:65:76:83:
19:6c:54:ee:ad:d9:52:a1:4c:e6:83:c0:52:0f:a2:
6c:72:98:ea:fb:fb:a5:ef:b4:45:75:96:d7:b9:d1:
65:cf:51:a4:f3:a9:70:4b:fd:6c:ab:dd:8b:d8:41:
a6:26:ae:c3:d6:4f:c9:43:4f:5d:7c:b8:5f:0f:a9:
54:79:42:34:37:f4:3e:33:0c:9d:7c:5b:4d:69:a4:
06:b8:94:9f:e0:d1:9c:9c:28:3b:65:b7:0b:d7:5d:
d1:ac:8c:fb:78:cb:fa:9a:37:77:22:7f:d7:47:3e:
44:d4:21:fb:69:29:6a:61:bc:b6:3e:02:26:39:5a:
f0:42:85:b2:c6:26:8e:40:94:45:e4:95:fb:31:6b:
92:80:66:88:73:6c:01:ec:03:86:8a:34:b1:d3:51:
2d:e5:a3:94:24:b6:76:c7:50:c3:e6:40:f4:2b:7c:
91:70:4a:4b:69:9c:96:87:fb:76:38:49:d7:70:ab:
02:c3:a5:f0:15:64:2a:c3:71:26:10:86:28:ea:f2:
ac:22:4e:68:24:11:c0:ea:53:61:1f:ed:af:63:83:
90:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8B:B3:F5:DA:8F:1F:10:2C:62:36:E2:68:C9:21:10:7A:77:5F:B5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Wouz9dqPHxAsYjbiaMkhEHp3X7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.163.22.0/23
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.210.0/23
89.213.232.0/21
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.62.0/24
213.218.210.0/23
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
22:2b:f1:5c:92:65:53:a2:47:ad:d5:0d:49:33:64:25:3b:d6:
22:37:6e:8a:e9:a0:0a:5c:a6:d9:89:e1:3b:9c:5b:4b:e6:31:
84:2f:4b:89:99:ce:3e:b6:75:47:ee:13:d6:67:cf:b3:0b:b6:
eb:83:85:af:03:6a:00:b6:89:b9:9e:19:51:c4:14:3d:f9:49:
89:93:16:68:6f:1a:89:d1:08:4c:bf:e1:3f:5a:7a:7b:29:5b:
3f:e0:93:db:84:48:d0:05:83:58:5c:8f:1f:5b:80:0e:bf:56:
d5:a4:70:be:c3:70:50:ee:56:15:b9:25:93:3a:fd:cf:2e:c5:
f6:90:5a:6d:bd:71:ff:39:44:05:cd:a1:db:7f:03:35:a6:a8:
4b:cf:e7:e5:df:1e:e1:79:8b:84:01:03:ff:65:e1:34:8b:34:
61:80:d4:a6:e8:eb:e6:e4:69:ec:98:32:b0:f1:b0:15:ac:cc:
42:a6:71:de:f0:f8:98:a0:3a:94:da:da:72:b0:eb:8e:c3:59:
28:3a:db:c4:4d:46:62:a8:ff:b8:a5:64:8c:24:b7:ca:27:a5:
58:e4:34:74:62:86:ec:d7:fc:7a:bc:9c:2b:0f:bb:3c:e3:82:
35:dc:d4:3d:77:44:36:c5:26:38:64:8e:a8:2f:36:19:19:ef:
60:16:ce:fc
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAY/Dc5PYy4ygKyXxi9voVATGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI5MDgyNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YThiYjNmNWRhOGYxZjEwMmM2MjM2ZTI2OGM5MjExMDdhNzc1ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xnFNSfCMHg+16RIl6R9PxRNBn9q
Khl5iJuku5/Q3zdnO8/2cw5yutBldoMZbFTurdlSoUzmg8BSD6Jscpjq+/ul77RF
dZbXudFlz1Gk86lwS/1sq92L2EGmJq7D1k/JQ09dfLhfD6lUeUI0N/Q+MwydfFtN
aaQGuJSf4NGcnCg7ZbcL113RrIz7eMv6mjd3In/XRz5E1CH7aSlqYby2PgImOVrw
QoWyxiaOQJRF5JX7MWuSgGaIc2wB7AOGijSx01Et5aOUJLZ2x1DD5kD0K3yRcEpL
aZyWh/t2OEnXcKsCw6XwFWQqw3EmEIYo6vKsIk5oJBHA6lNhH+2vY4OQ8QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFFqLs/Xajx8QLGI24mjJIRB6d1+1MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV291ejlkcVBIeEFzWWpiaWFNa2hFSHAzWDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAVKYsAME
AlKZiAMEAVKjFjAMAwQCWdWUAwQFWdWAAwQCWdWsMAwDBAJZ1cQDBARZ1cADBAFZ
1dIDBANZ1egDBANtsBADBAG5MX4DBATCaVADBAHUJlgDBADV0j4DBAHV2tIDBADZ
kUQwDQYJKoZIhvcNAQELBQADggEBACIr8VySZVOiR63VDUkzZCU71iI3borpoApc
ptmJ4TucW0vmMYQvS4mZzj62dUfuE9Znz7MLtuuDha8DagC2ibmeGVHEFD35SYmT
FmhvGonRCEy/4T9aenspWz/gk9uESNAFg1hcjx9bgA6/VtWkcL7DcFDuVhW5JZM6
/c8uxfaQWm29cf85RAXNodt/AzWmqEvP5+XfHuF5i4QBA/9l4TSLNGGA1Kbo6+bk
aeyYMrDxsBWszEKmcd7w+JigOpTa2nKw647DWSg628RNRmKo/7ilZIwkt8onpVjk
NHRihuzX/Hq8nCsPuzzjgjXc1D13RDbFJjhkjqgvNhkZ72AWzvw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:33 2025 by rpki-client