Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wNJb5a-ORUKj-2rlFa2pCrYtH9k.roa
File: wNJb5a-ORUKj-2rlFa2pCrYtH9k.roa (raw, json)
Hash identifier: OW6nMNUfWDiEIPzp8HP6jykEhrazLL5wBR4JEJ6K8JE=
Subject key identifier: C0:D2:5B:E5:AF:8E:45:42:A3:FB:6A:E5:15:AD:A9:0A:B6:2D:1F:D9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CD47E7C7B964354D2FFBE81430B87019B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wNJb5a-ORUKj-2rlFa2pCrYtH9k.roa
Signing time: Thu 04 Jan 2024 12:41:48 +0000
ROA not before: Thu 04 Jan 2024 12:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jan 2024 09:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d4:7e:7c:7b:96:43:54:d2:ff:be:81:43:0b:87:01:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 4 12:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0d25be5af8e4542a3fb6ae515ada90ab62d1fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c5:fd:11:c4:8c:64:93:36:2a:7a:cb:e6:06:
00:02:38:ca:a1:fd:7e:69:c1:f0:b6:25:1d:8c:12:
b3:85:71:5a:39:e1:73:7c:a6:eb:7f:61:8a:96:e1:
3f:85:01:51:28:7c:a2:85:83:6e:86:b4:06:d3:05:
89:e7:42:ee:5e:83:5c:99:db:ad:37:22:40:90:41:
bb:ee:2a:72:af:3a:83:73:ed:96:4a:3b:f0:ec:f9:
01:ff:d3:ff:6c:14:93:d9:1f:56:30:88:92:e0:21:
ca:d7:3e:de:d5:83:be:55:15:93:9c:ab:36:49:23:
93:cc:fa:aa:4b:71:cc:68:cf:cc:93:cc:a9:ba:82:
39:0d:51:34:18:2b:e8:30:e9:0c:62:47:34:9e:16:
dc:1a:41:02:ac:ff:d9:22:db:0a:b7:71:d3:16:b1:
02:17:f9:32:07:aa:2d:13:4c:b6:d3:90:04:a5:66:
ec:eb:3a:c0:6d:9b:a1:6d:31:14:62:ae:e7:22:2e:
f2:f9:eb:3c:20:8f:4f:e9:53:be:70:3d:b0:0c:e3:
17:8c:e4:6f:80:fb:91:7a:8f:0d:bb:cb:91:38:be:
d1:39:24:64:a9:34:7b:bc:ac:c3:f2:0c:24:dc:2b:
3f:bf:51:6f:85:52:a2:0b:cc:30:d9:3e:7f:f7:3e:
67:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D2:5B:E5:AF:8E:45:42:A3:FB:6A:E5:15:AD:A9:0A:B6:2D:1F:D9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wNJb5a-ORUKj-2rlFa2pCrYtH9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
82.153.136.0/22
82.153.246.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:6a:27:14:cf:da:cb:8e:e3:33:a7:f8:62:eb:ab:10:a3:17:
95:fd:76:15:91:f2:65:88:aa:df:70:0a:4c:28:da:58:e6:24:
bc:38:c6:16:3c:15:aa:9b:f9:c1:2d:29:49:2c:cd:56:80:aa:
4c:82:32:ba:5c:9b:db:2e:3f:71:8b:9d:33:43:8a:ae:94:88:
ca:e5:b7:b8:99:50:9b:aa:80:06:a0:fb:2a:1f:c7:13:93:20:
8c:5f:16:93:03:e1:b1:f7:a1:e3:b5:93:7e:89:c8:cd:05:f7:
1f:c4:88:6f:6f:c7:35:0d:97:19:b8:31:04:33:2d:0e:61:a8:
3c:51:c6:0c:e9:fb:d2:9c:85:d4:42:d3:37:c5:59:52:8e:06:
20:66:44:eb:12:1a:b4:b8:c7:62:a1:95:b5:8b:58:53:00:33:
62:f5:91:1a:f6:33:4b:92:2a:e0:b7:31:97:f0:dd:77:b5:5a:
26:15:f6:6c:34:d2:5f:4f:f5:80:7b:f9:1b:30:0b:7b:23:15:
3d:1a:db:6e:10:ab:a4:04:e5:2c:06:39:77:70:04:a2:26:46:
97:44:01:1c:a0:ad:29:5e:52:4f:f0:e3:e0:a6:1e:e6:1d:73:
bf:eb:0a:22:d0:48:03:f0:3b:53:db:8d:cf:8b:03:0c:3a:31:
cd:34:3c:fb
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzUfnx7lkNU0v++gUMLhwGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTA0MTI0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQyNWJlNWFmOGU0NTQyYTNmYjZhZTUxNWFkYTkwYWI2MmQxZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7sX9EcSMZJM2KnrL5gYAAjjKof1+
acHwtiUdjBKzhXFaOeFzfKbrf2GKluE/hQFRKHyihYNuhrQG0wWJ50LuXoNcmdut
NyJAkEG77ipyrzqDc+2WSjvw7PkB/9P/bBST2R9WMIiS4CHK1z7e1YO+VRWTnKs2
SSOTzPqqS3HMaM/Mk8ypuoI5DVE0GCvoMOkMYkc0nhbcGkECrP/ZItsKt3HTFrEC
F/kyB6otE0y205AEpWbs6zrAbZuhbTEUYq7nIi7y+es8II9P6VO+cD2wDOMXjORv
gPuReo8Nu8uROL7ROSRkqTR7vKzD8gwk3Cs/v1FvhVKiC8ww2T5/9z5nQwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMDSW+WvjkVCo/tq5RWtqQq2LR/ZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd05KYjVhLU9SVUtqLTJybEZhMnBDcll0SDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQC
UpmIAwQAUpn2MAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAE5qJxTP2suO4zOn+GLrqxCjF5X9dhWR8mWIqt9w
Ckwo2ljmJLw4xhY8Faqb+cEtKUkszVaAqkyCMrpcm9suP3GLnTNDiq6UiMrlt7iZ
UJuqgAag+yofxxOTIIxfFpMD4bH3oeO1k36JyM0F9x/EiG9vxzUNlxm4MQQzLQ5h
qDxRxgzp+9KchdRC0zfFWVKOBiBmROsSGrS4x2KhlbWLWFMAM2L1kRr2M0uSKuC3
MZfw3Xe1WiYV9mw00l9P9YB7+RswC3sjFT0a224Qq6QE5SwGOXdwBKImRpdEARyg
rSleUk/w4+CmHuYdc7/rCiLQSAPwO1Pbjc+LAww6Mc00PPs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org