Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/iWSclaQZfzj2yBVklMeVJtwA-b4.roa
File: iWSclaQZfzj2yBVklMeVJtwA-b4.roa (raw, json)
Hash identifier: KGyBwxv+pFbuNuME3l7CVzDq3RcoaEHFb3Fm2d3SdMw=
Subject key identifier: 89:64:9C:95:A4:19:7F:38:F6:C8:15:64:94:C7:95:26:DC:00:F9:BE
Certificate issuer: /CN=3be2f0164b66a76795860b4ea3586fad563bac47
Certificate serial: 01856D13A7695A4FE63BFEDD5DBAC7E536D0
Authority key identifier: 3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/iWSclaQZfzj2yBVklMeVJtwA-b4.roa
Signing time: Sun 01 Jan 2023 11:24:42 +0000
ROA not before: Sun 01 Jan 2023 11:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206264
IP address blocks: 5.183.209.0/24 maxlen: 24
185.191.125.0/24 maxlen: 24
185.191.124.0/24 maxlen: 24
89.249.49.0/24 maxlen: 24
185.191.126.0/24 maxlen: 24
93.123.72.0/24 maxlen: 24
94.156.33.0/24 maxlen: 24
185.191.127.0/24 maxlen: 24
45.139.122.0/24 maxlen: 24
2a0d:1000::/30 maxlen: 30
2a0d:1000::/29 maxlen: 29
2a0d:1004::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 20 Feb 2023 14:46:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:a7:69:5a:4f:e6:3b:fe:dd:5d:ba:c7:e5:36:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be2f0164b66a76795860b4ea3586fad563bac47
Validity
Not Before: Jan 1 11:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89649c95a4197f38f6c8156494c79526dc00f9be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:dd:9f:23:7c:8b:61:cc:d7:f7:a4:2d:71:52:
3f:86:3a:2f:de:fc:74:fb:d8:41:b1:f0:9c:b8:37:
2d:75:53:8c:fc:95:af:72:17:e0:4f:16:b3:87:f5:
0e:ea:46:91:1c:ce:d8:e9:12:0d:9e:65:26:01:8c:
90:aa:29:ed:9d:8c:d5:92:17:d6:34:11:71:7c:60:
26:13:a2:2d:4d:84:5d:11:6f:3b:74:83:85:45:30:
9d:73:17:77:b2:95:5c:fd:ae:81:b1:22:ec:cb:40:
ec:c3:85:f3:b5:16:76:55:fe:a9:91:20:fe:1a:13:
44:c7:79:64:00:29:2d:ae:a4:1f:12:77:67:e4:29:
b6:32:5e:a3:ca:a6:a5:b2:a5:7f:01:0c:52:a3:24:
2e:2f:b8:d0:d2:b6:f6:38:af:bd:ff:55:64:55:50:
6b:91:d1:e1:43:8b:f5:72:fe:a0:00:94:76:f8:58:
f9:d8:87:8d:1d:dd:7c:6d:a5:06:16:93:8a:e4:af:
eb:60:7a:0f:7c:4c:3c:22:27:52:dc:72:73:a4:e0:
2a:c1:f6:8b:b8:a1:24:a3:96:3a:37:d6:53:bb:e8:
47:38:ca:77:df:bd:25:2d:15:52:3b:16:c0:cc:4e:
ec:95:be:e9:2e:33:e3:ac:38:32:81:5e:98:49:a3:
4e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:64:9C:95:A4:19:7F:38:F6:C8:15:64:94:C7:95:26:DC:00:F9:BE
X509v3 Authority Key Identifier:
keyid:3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/iWSclaQZfzj2yBVklMeVJtwA-b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.209.0/24
45.139.122.0/24
89.249.49.0/24
93.123.72.0/24
94.156.33.0/24
185.191.124.0/22
IPv6:
2a0d:1000::/29
Signature Algorithm: sha256WithRSAEncryption
b0:51:9c:4b:9a:3e:54:e7:d1:f5:18:c4:35:7d:c7:86:86:9f:
a6:b3:12:52:d7:b3:3d:78:c5:03:1a:4e:a0:f2:2b:e1:49:07:
e8:ff:ce:0a:85:5f:b3:e2:54:76:5a:20:4c:61:d3:38:1d:ed:
b4:68:b7:d8:a5:25:85:16:48:3d:a8:66:54:e9:db:e2:7a:12:
34:14:0f:6c:1b:db:64:74:e1:66:87:f4:f0:5e:70:11:bb:1a:
1e:e7:d3:8d:a4:40:5f:f2:49:82:21:e8:dd:71:31:9b:45:c8:
cc:92:66:54:e7:79:39:a4:3a:99:7a:86:28:ca:a0:49:4f:7c:
1c:23:00:a5:6c:15:26:db:7c:ed:db:38:c4:46:8f:d1:3a:53:
7a:a6:54:73:42:bd:ec:db:a9:53:0a:93:26:23:f2:0f:9c:8e:
ec:1c:70:20:91:b8:69:71:fc:e3:dd:29:ec:36:f5:fe:f4:3b:
cc:b5:67:5c:94:d3:9e:0f:ab:96:c2:09:ce:1f:94:a6:dd:0e:
07:03:6a:2a:a8:8e:6d:58:2b:3d:f7:01:a4:25:19:1d:cd:f5:
08:de:00:b2:a1:cc:1d:ce:93:9e:a8:5b:fe:a4:2b:34:0d:14:
7c:cb:e3:33:9a:b3:28:3f:b8:3e:2d:74:04:72:55:e0:11:03:
9f:c7:5c:16
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtE6dpWk/mO/7dXbrH5TbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTJmMDE2NGI2NmE3Njc5NTg2MGI0ZWEzNTg2ZmFkNTYz
YmFjNDcwHhcNMjMwMTAxMTEyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY0OWM5NWE0MTk3ZjM4ZjZjODE1NjQ5NGM3OTUyNmRjMDBmOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN2fI3yLYczX96QtcVI/hjov3vx0
+9hBsfCcuDctdVOM/JWvchfgTxazh/UO6kaRHM7Y6RINnmUmAYyQqintnYzVkhfW
NBFxfGAmE6ItTYRdEW87dIOFRTCdcxd3spVc/a6BsSLsy0Dsw4XztRZ2Vf6pkSD+
GhNEx3lkACktrqQfEndn5Cm2Ml6jyqalsqV/AQxSoyQuL7jQ0rb2OK+9/1VkVVBr
kdHhQ4v1cv6gAJR2+Fj52IeNHd18baUGFpOK5K/rYHoPfEw8IidS3HJzpOAqwfaL
uKEko5Y6N9ZTu+hHOMp3370lLRVSOxbAzE7slb7pLjPjrDgygV6YSaNOXQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIlknJWkGX849sgVZJTHlSbcAPm+MB8GA1UdIwQY
MBaAFDvi8BZLZqdnlYYLTqNYb61WO6xHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYt
ZjlhZDM4MDUxMjIwLzEvaVdTY2xhUVpmemoyeUJWa2xNZVZKdHdBLWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYtZjlhZDM4MDUxMjIw
LzEvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQABbfRAwQA
LYt6AwQAWfkxAwQAXXtIAwQAXpwhAwQCub98MA0EAgACMAcDBQMqDRAAMA0GCSqG
SIb3DQEBCwUAA4IBAQCwUZxLmj5U59H1GMQ1fceGhp+msxJS17M9eMUDGk6g8ivh
SQfo/84KhV+z4lR2WiBMYdM4He20aLfYpSWFFkg9qGZU6dviehI0FA9sG9tkdOFm
h/TwXnARuxoe59ONpEBf8kmCIejdcTGbRcjMkmZU53k5pDqZeoYoyqBJT3wcIwCl
bBUm23zt2zjERo/ROlN6plRzQr3s26lTCpMmI/IPnI7sHHAgkbhpcfzj3SnsNvX+
9DvMtWdclNOeD6uWwgnOH5Sm3Q4HA2oqqI5tWCs99wGkJRkdzfUI3gCyocwdzpOe
qFv+pCs0DRR8y+MzmrMoP7g+LXQEclXgEQOfx1wW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:17 2024 by rpki-client on console-fra.rpki-client.org