Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/W8ky-24q-NHAGLZiiS3pd1vXS3c.roa
File: W8ky-24q-NHAGLZiiS3pd1vXS3c.roa (raw, json)
Hash identifier: PsLeT0qSU/ec/2E4CUpJ5KlxuNlpwZyC+fMpkjU4NoM=
Subject key identifier: 5B:C9:32:FB:6E:2A:F8:D1:C0:18:B6:62:89:2D:E9:77:5B:D7:4B:77
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 018EE2371EA4934456DE9A8395E6D612B2B9
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/W8ky-24q-NHAGLZiiS3pd1vXS3c.roa
Signing time: Mon 15 Apr 2024 14:44:06 +0000
ROA not before: Mon 15 Apr 2024 14:44:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 86.104.199.0/24 maxlen: 24
86.105.58.0/24 maxlen: 24
89.35.14.0/24 maxlen: 24
93.117.131.0/24 maxlen: 24
93.119.144.0/24 maxlen: 24
93.119.232.0/24 maxlen: 24
94.176.72.0/23 maxlen: 24
94.176.74.0/24 maxlen: 24
94.176.79.0/24 maxlen: 24
188.209.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 13:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:37:1e:a4:93:44:56:de:9a:83:95:e6:d6:12:b2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Apr 15 14:44:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bc932fb6e2af8d1c018b662892de9775bd74b77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b3:9c:dc:61:83:ff:23:79:39:30:47:45:38:
57:ba:7c:30:52:d9:55:a4:e2:9a:b6:1f:c4:90:bd:
8f:fc:9a:7e:c5:8e:c8:74:46:14:e0:3a:32:4b:70:
51:26:0d:bb:af:ac:0e:89:e4:b1:3a:8b:a0:7a:19:
0e:33:20:ad:6a:7e:13:c6:bb:19:76:04:92:cb:8f:
d3:5c:aa:8a:c6:c6:70:37:56:0b:bb:d6:de:f6:55:
2e:11:58:52:30:95:6e:55:1a:f1:b9:77:3a:fc:36:
8f:a9:cb:e7:cb:a6:65:ec:e8:ac:4a:6d:c2:42:36:
c4:ea:ea:2d:eb:7b:d6:a1:71:87:65:95:fa:94:70:
31:7b:78:fd:e3:35:47:0a:b7:99:14:2d:b1:36:75:
be:94:18:fd:36:5e:8c:3c:46:01:7c:4c:86:52:80:
a2:a0:13:4a:d1:08:62:3b:88:4d:39:5e:8d:ad:ac:
c6:24:cb:b0:d8:53:20:f2:20:e8:5f:2c:56:6a:65:
26:43:f2:d0:66:e7:77:e3:38:b0:a0:3f:6b:ed:7e:
76:99:91:c6:af:a0:59:78:38:a3:35:0f:96:e6:4c:
f2:0f:3e:00:9d:6e:eb:0e:37:b5:04:95:eb:ce:30:
cd:4e:50:f6:43:14:c2:da:5f:65:9c:a3:09:58:03:
bb:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C9:32:FB:6E:2A:F8:D1:C0:18:B6:62:89:2D:E9:77:5B:D7:4B:77
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/W8ky-24q-NHAGLZiiS3pd1vXS3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.199.0/24
86.105.58.0/24
89.35.14.0/24
93.117.131.0/24
93.119.144.0/24
93.119.232.0/24
94.176.72.0-94.176.74.255
94.176.79.0/24
188.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:47:4b:ab:da:fa:93:a6:ba:67:aa:24:0a:80:e0:f9:c8:93:
1e:af:10:c1:ad:fc:97:5c:95:b7:73:24:4e:f4:49:fc:6a:af:
58:c0:4c:7b:f3:84:87:61:51:ea:1d:47:9a:87:8d:7b:71:c0:
11:0f:6f:e5:8a:a1:35:6c:8c:4f:50:a2:ff:7d:72:cd:73:df:
a9:2f:48:7f:42:59:f4:07:2c:f9:c8:7a:0f:73:f7:69:2d:9c:
8f:a5:ed:3d:28:a5:8f:ca:ee:90:bf:19:94:00:ba:43:b7:53:
9c:26:a9:7b:f7:40:3c:02:43:5a:39:96:86:a6:97:2d:21:b7:
39:e2:52:55:56:c9:df:4e:46:47:49:f2:aa:6e:17:17:2e:7d:
8c:8e:af:77:dd:d5:d8:42:9d:70:73:a7:b2:26:5f:91:4e:b7:
0a:31:40:04:b0:23:49:af:f7:ac:ed:41:ea:0b:0d:c6:5a:63:
d2:bb:e1:53:d9:af:93:ae:17:0e:d0:64:3e:96:c7:78:52:ac:
58:e1:9a:ba:22:86:35:5e:e6:91:bd:e3:bb:56:b5:7b:e6:89:
2d:29:e9:e2:5e:fc:e7:db:fd:e9:e6:4f:ec:3c:33:ef:26:c3:
c3:24:19:32:03:2a:3e:c3:ae:4e:41:d4:83:f4:6b:02:54:9f:
b8:43:ce:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY7iNx6kk0RW3pqDlebWErK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjQwNDE1MTQ0NDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmM5MzJmYjZlMmFmOGQxYzAxOGI2NjI4OTJkZTk3NzViZDc0Yjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLOc3GGD/yN5OTBHRThXunwwUtlV
pOKath/EkL2P/Jp+xY7IdEYU4DoyS3BRJg27r6wOieSxOougehkOMyCtan4TxrsZ
dgSSy4/TXKqKxsZwN1YLu9be9lUuEVhSMJVuVRrxuXc6/DaPqcvny6Zl7OisSm3C
QjbE6uot63vWoXGHZZX6lHAxe3j94zVHCreZFC2xNnW+lBj9Nl6MPEYBfEyGUoCi
oBNK0QhiO4hNOV6NrazGJMuw2FMg8iDoXyxWamUmQ/LQZud34ziwoD9r7X52mZHG
r6BZeDijNQ+W5kzyDz4AnW7rDje1BJXrzjDNTlD2QxTC2l9lnKMJWAO79QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFFvJMvtuKvjRwBi2Yokt6Xdb10t3MB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvVzhreS0yNHEtTkhBR0xaaWlTM3BkMXZYUzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAVmjHAwQA
Vmk6AwQAWSMOAwQAXXWDAwQAXXeQAwQAXXfoMAwDBANesEgDBABesEoDBABesE8D
BAC80d8wDQYJKoZIhvcNAQELBQADggEBACtHS6va+pOmumeqJAqA4PnIkx6vEMGt
/JdclbdzJE70Sfxqr1jATHvzhIdhUeodR5qHjXtxwBEPb+WKoTVsjE9Qov99cs1z
36kvSH9CWfQHLPnIeg9z92ktnI+l7T0opY/K7pC/GZQAukO3U5wmqXv3QDwCQ1o5
loamly0htzniUlVWyd9ORkdJ8qpuFxcufYyOr3fd1dhCnXBzp7ImX5FOtwoxQASw
I0mv96ztQeoLDcZaY9K74VPZr5OuFw7QZD6Wx3hSrFjhmroihjVe5pG947tWtXvm
iS0p6eJe/Ofb/enmT+w8M+8mw8MkGTIDKj7Drk5B1IP0awJUn7hDzus=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:51 2025 by rpki-client