Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/WvUN4Jw-e6YAHSnBkkIBugpm5nE.roa
File: WvUN4Jw-e6YAHSnBkkIBugpm5nE.roa (raw, json)
Hash identifier: eFqUypa3GgfAZVWaJFiuN/2zUp6hmMnMZm8GXc3wv1g=
Subject key identifier: 5A:F5:0D:E0:9C:3E:7B:A6:00:1D:29:C1:92:42:01:BA:0A:66:E6:71
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 0185703059899EC64CB421CFB54C7EA7B503
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/WvUN4Jw-e6YAHSnBkkIBugpm5nE.roa
Signing time: Mon 02 Jan 2023 01:54:54 +0000
ROA not before: Mon 02 Jan 2023 01:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5588
IP address blocks: 195.70.32.0/19 maxlen: 19
217.20.128.0/20 maxlen: 20
195.56.202.0/23 maxlen: 23
195.56.203.0/24 maxlen: 24
84.2.79.0/24 maxlen: 24
217.116.32.0/20 maxlen: 20
194.149.0.0/19 maxlen: 19
195.56.0.0/16 maxlen: 16
91.120.0.0/16 maxlen: 16
194.88.32.0/19 maxlen: 19
194.88.37.0/24 maxlen: 24
2a00:10d0::/32 maxlen: 32
2a02:738::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:59:89:9e:c6:4c:b4:21:cf:b5:4c:7e:a7:b5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 01:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5af50de09c3e7ba6001d29c1924201ba0a66e671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:db:c6:7f:eb:48:f1:a5:42:64:4b:ad:01:3c:
01:c0:8d:17:d0:e9:e4:42:81:02:8c:e0:79:46:ac:
e4:cf:b2:0c:08:6f:b3:d3:5d:73:dd:dc:bf:25:24:
64:91:8e:f5:15:e4:82:ce:93:de:6f:2e:a2:73:63:
44:75:3d:6f:cf:ac:f1:e8:24:fe:d4:49:3c:1f:d8:
89:c5:6d:44:76:1c:31:cb:e1:ce:8f:8d:f4:8d:da:
a9:16:33:a4:9e:ba:22:07:3c:04:d6:7e:51:6e:aa:
51:f6:71:95:33:bd:fc:5e:7a:f7:5e:ad:eb:1e:1b:
8e:90:9a:fb:4f:b5:ca:b7:fc:4f:5a:9e:01:32:b5:
4c:19:1e:04:91:e1:78:f3:f7:79:c8:2e:26:db:70:
7b:95:ab:40:47:8a:fd:c7:e3:e6:57:00:16:4d:a8:
cb:94:80:90:ad:8a:6a:89:3c:4b:d2:59:5b:2e:8b:
af:01:f7:07:94:c3:b7:7f:a2:8d:42:fa:ca:26:7e:
4e:7c:c6:a8:d9:ec:1e:4f:bd:c4:61:5f:af:ea:5e:
4e:1b:5b:91:f4:b9:f0:6c:f7:30:36:b5:f4:f3:c1:
fd:af:8e:56:41:f7:30:1d:bd:a7:6e:59:b6:43:ea:
5d:69:13:5f:1d:4e:f7:98:7e:87:c8:cd:cb:83:7d:
75:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F5:0D:E0:9C:3E:7B:A6:00:1D:29:C1:92:42:01:BA:0A:66:E6:71
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/WvUN4Jw-e6YAHSnBkkIBugpm5nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.2.79.0/24
91.120.0.0/16
194.88.32.0/19
194.149.0.0/19
195.56.0.0/16
195.70.32.0/19
217.20.128.0/20
217.116.32.0/20
IPv6:
2a00:10d0::/32
2a02:738::/32
Signature Algorithm: sha256WithRSAEncryption
13:0f:6d:75:62:b0:bf:ad:5e:24:bd:10:a9:15:d3:a0:2f:68:
d1:0e:6f:3d:94:87:a8:df:e8:8e:83:04:b2:d9:95:c7:ac:f2:
aa:02:02:e0:be:77:7a:d8:d4:f5:0e:b3:93:51:3c:85:f8:07:
00:a1:2e:5f:3a:b2:7d:61:47:6b:42:16:2a:d1:f3:c9:6a:d8:
21:65:59:a8:a3:41:89:50:88:bb:0f:9c:85:37:34:80:38:bc:
76:76:63:8d:32:75:78:8b:61:63:2a:e0:9c:63:1b:f9:9b:1f:
bb:ab:4a:99:17:ef:aa:88:8e:10:0b:79:2f:c3:44:d9:10:58:
c1:8c:a5:ba:4b:3c:3d:83:bf:d9:28:3d:1b:b7:a3:d6:64:be:
c0:ba:4f:88:f7:9c:2a:f2:57:43:cb:6d:1a:2e:ec:d1:57:46:
5e:fc:03:94:53:b9:64:bc:15:da:16:a1:5f:ef:45:c0:ac:18:
bd:c7:ea:2e:61:cc:8a:f2:08:a8:87:af:64:aa:4f:f9:bb:12:
59:57:80:eb:b9:28:4e:18:ae:d4:4d:8e:dd:b9:2a:42:2f:d0:
05:16:3b:60:8d:a7:ed:ae:83:92:c9:07:af:5c:aa:21:c0:70:
d4:2f:57:53:f2:0e:37:3b:6c:e0:33:70:62:61:82:a6:1a:e2:
72:19:58:f0
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYVwMFmJnsZMtCHPtUx+p7UDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWY1MGRlMDljM2U3YmE2MDAxZDI5YzE5MjQyMDFiYTBhNjZlNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49vGf+tI8aVCZEutATwBwI0X0Onk
QoECjOB5Rqzkz7IMCG+z011z3dy/JSRkkY71FeSCzpPeby6ic2NEdT1vz6zx6CT+
1Ek8H9iJxW1Edhwxy+HOj430jdqpFjOknroiBzwE1n5RbqpR9nGVM738Xnr3Xq3r
HhuOkJr7T7XKt/xPWp4BMrVMGR4EkeF48/d5yC4m23B7latAR4r9x+PmVwAWTajL
lICQrYpqiTxL0llbLouvAfcHlMO3f6KNQvrKJn5OfMao2eweT73EYV+v6l5OG1uR
9LnwbPcwNrX088H9r45WQfcwHb2nblm2Q+pdaRNfHU73mH6HyM3Lg311hQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFr1DeCcPnumAB0pwZJCAboKZuZxMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvV3ZVTjRKdy1lNllBSFNuQmtrSUJ1Z3BtNW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA0BAIAATAuAwQAVAJPAwMA
W3gDBAXCWCADBAXClQADAwDDOAMEBcNGIAMEBNkUgAMEBNl0IDAUBAIAAjAOAwUA
KgAQ0AMFACoCBzgwDQYJKoZIhvcNAQELBQADggEBABMPbXVisL+tXiS9EKkV06Av
aNEObz2Uh6jf6I6DBLLZlces8qoCAuC+d3rY1PUOs5NRPIX4BwChLl86sn1hR2tC
FirR88lq2CFlWaijQYlQiLsPnIU3NIA4vHZ2Y40ydXiLYWMq4JxjG/mbH7urSpkX
76qIjhALeS/DRNkQWMGMpbpLPD2Dv9koPRu3o9ZkvsC6T4j3nCryV0PLbRou7NFX
Rl78A5RTuWS8FdoWoV/vRcCsGL3H6i5hzIryCKiHr2SqT/m7EllXgOu5KE4YrtRN
jt25KkIv0AUWO2CNp+2ug5LJB69cqiHAcNQvV1PyDjc7bOAzcGJhgqYa4nIZWPA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org