Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/w2n6agKsTcsnbXDl29fWcG_p9CI.roa
File: w2n6agKsTcsnbXDl29fWcG_p9CI.roa (raw, json)
Hash identifier: 30yFMVAoB8kTvauYmU2TTKzujUF6u0ENyBIjUeevtrs=
Subject key identifier: C3:69:FA:6A:02:AC:4D:CB:27:6D:70:E5:DB:D7:D6:70:6F:E9:F4:22
Certificate issuer: /CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Certificate serial: 0191E17AD4CA7E7E486A2F42DA1242A98E07
Authority key identifier: 58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/w2n6agKsTcsnbXDl29fWcG_p9CI.roa
Signing time: Wed 11 Sep 2024 14:26:49 +0000
ROA not before: Wed 11 Sep 2024 14:26:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8560
IP address blocks: 81.169.190.0/24 maxlen: 24
85.214.6.0/24 maxlen: 24
85.214.10.0/24 maxlen: 24
85.214.12.0/24 maxlen: 24
85.215.32.0/19 maxlen: 24
85.215.64.0/20 maxlen: 24
85.215.96.0/19 maxlen: 24
85.215.128.0/17 maxlen: 24
185.56.148.0/22 maxlen: 24
192.67.197.0/24 maxlen: 24
2a01:239::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:7a:d4:ca:7e:7e:48:6a:2f:42:da:12:42:a9:8e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Validity
Not Before: Sep 11 14:26:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c369fa6a02ac4dcb276d70e5dbd7d6706fe9f422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a2:5a:bf:74:fc:c8:f8:87:cf:af:7d:8f:11:
74:41:42:dd:e5:53:84:c0:de:53:f0:a8:af:21:c6:
45:a8:a5:52:07:d2:5f:4e:07:1f:d9:51:50:50:aa:
58:4c:d5:d9:9e:5f:30:7e:ee:d2:f7:a3:bc:49:7b:
eb:84:b5:4e:3f:bf:bc:5f:27:6a:51:98:16:ed:87:
c5:8b:08:2e:4e:df:d6:b8:c0:84:6e:d8:81:14:35:
eb:8f:be:52:0a:59:b4:e1:e3:3e:c6:21:59:9c:e0:
6a:e7:08:19:a8:65:08:97:61:07:cc:27:33:85:fc:
83:8a:8b:e8:e0:5f:68:1c:63:a8:4f:01:ce:20:c7:
09:b4:da:dc:8f:88:7e:47:6f:05:8e:fe:95:6b:19:
18:ff:82:ba:e5:3d:9b:d3:c6:77:cc:f5:85:c4:b6:
da:f7:4e:af:5b:4b:2a:bb:26:4c:55:6e:2b:aa:46:
7b:05:d9:07:88:e6:30:c2:d8:a7:5a:87:b8:8c:68:
f5:bb:9b:c4:31:4c:69:d3:f4:cf:88:09:00:b4:21:
b7:83:18:0a:0f:d4:7f:74:64:36:cc:94:bd:e7:22:
90:b1:43:53:37:e8:bc:84:3e:a1:55:a6:c0:d2:06:
25:9c:76:82:e7:b4:0e:e2:f4:43:fd:41:dc:0b:bc:
f7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:69:FA:6A:02:AC:4D:CB:27:6D:70:E5:DB:D7:D6:70:6F:E9:F4:22
X509v3 Authority Key Identifier:
keyid:58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/w2n6agKsTcsnbXDl29fWcG_p9CI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.169.190.0/24
85.214.6.0/24
85.214.10.0/24
85.214.12.0/24
85.215.32.0-85.215.79.255
85.215.96.0-85.215.255.255
185.56.148.0/22
192.67.197.0/24
IPv6:
2a01:239::/32
Signature Algorithm: sha256WithRSAEncryption
4f:ef:32:dc:a4:e9:c3:0f:6d:af:10:17:dc:94:1c:dd:8d:f6:
c8:e6:99:ad:5b:a1:5c:c7:16:2a:6f:0b:bc:5c:77:a9:29:e4:
b4:5d:11:c4:cb:b8:f1:47:f0:5f:f3:78:41:a4:d9:15:9c:a2:
00:26:7e:82:7f:c2:44:dc:ae:c6:07:62:83:a6:6d:c1:af:bb:
53:00:24:f5:29:14:eb:c0:90:dd:5a:0b:5b:44:71:d2:64:38:
1f:ed:eb:75:32:ac:57:e3:85:88:ac:7c:e2:28:f9:d6:56:6f:
b5:44:bf:59:b1:e9:50:dc:9c:7a:4f:06:55:b7:13:df:50:6f:
bf:5f:d1:29:ec:3a:f1:02:89:f0:9b:0b:0b:e4:c6:87:4d:ab:
0b:49:cc:f5:94:54:88:06:e6:10:41:9f:87:3b:45:f9:d0:08:
74:d0:a9:50:96:87:e9:0c:76:5a:89:41:b0:cc:7b:c9:44:c6:
60:74:31:5b:bc:15:b4:4f:7b:84:3b:bc:50:2f:0d:1e:9e:c2:
95:d3:a2:d9:16:fe:e3:0e:19:d6:af:d4:99:a8:97:6a:2f:d3:
72:c3:a5:ac:55:65:d0:7f:c7:69:0a:47:db:bc:27:14:55:a4:
fe:f8:7e:02:ad:14:71:fb:82:00:56:21:92:6a:97:4d:1a:fc:
ec:10:71:60
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZHhetTKfn5Iai9C2hJCqY4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZDJkMjcxNWY0M2Y3NDdiZWE3NjJkY2UxNjZiY2E0Yjhl
OTY1ZWIwHhcNMjQwOTExMTQyNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzY5ZmE2YTAyYWM0ZGNiMjc2ZDcwZTVkYmQ3ZDY3MDZmZTlmNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6Jav3T8yPiHz699jxF0QULd5VOE
wN5T8KivIcZFqKVSB9JfTgcf2VFQUKpYTNXZnl8wfu7S96O8SXvrhLVOP7+8Xydq
UZgW7YfFiwguTt/WuMCEbtiBFDXrj75SClm04eM+xiFZnOBq5wgZqGUIl2EHzCcz
hfyDiovo4F9oHGOoTwHOIMcJtNrcj4h+R28Fjv6VaxkY/4K65T2b08Z3zPWFxLba
906vW0squyZMVW4rqkZ7BdkHiOYwwtinWoe4jGj1u5vEMUxp0/TPiAkAtCG3gxgK
D9R/dGQ2zJS95yKQsUNTN+i8hD6hVabA0gYlnHaC57QO4vRD/UHcC7z3dwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMNp+moCrE3LJ21w5dvX1nBv6fQiMB8GA1UdIwQY
MBaAFFjS0nFfQ/dHvqdi3OFmvKS46WXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjkt
ZTM4MzQ1MTZmYzA4LzEvdzJuNmFnS3NUY3NuYlhEbDI5ZldjR19wOUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjktZTM4MzQ1MTZmYzA4
LzEvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwQAUam+AwQA
VdYGAwQAVdYKAwQAVdYMMAwDBAVV1yADBARV10AwCwMEBVXXYAMDA1XQAwQCuTiU
AwQAwEPFMA0EAgACMAcDBQAqAQI5MA0GCSqGSIb3DQEBCwUAA4IBAQBP7zLcpOnD
D22vEBfclBzdjfbI5pmtW6FcxxYqbwu8XHepKeS0XRHEy7jxR/Bf83hBpNkVnKIA
Jn6Cf8JE3K7GB2KDpm3Br7tTACT1KRTrwJDdWgtbRHHSZDgf7et1MqxX44WIrHzi
KPnWVm+1RL9ZselQ3Jx6TwZVtxPfUG+/X9Ep7DrxAonwmwsL5MaHTasLScz1lFSI
BuYQQZ+HO0X50Ah00KlQlofpDHZaiUGwzHvJRMZgdDFbvBW0T3uEO7xQLw0ensKV
06LZFv7jDhnWr9SZqJdqL9Nyw6WsVWXQf8dpCkfbvCcUVaT++H4CrRRx+4IAViGS
apdNGvzsEHFg
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:10 2025 by rpki-client