Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/W8wa8Jk1jvq9INuvorkHJqaZwGE.roa
File: W8wa8Jk1jvq9INuvorkHJqaZwGE.roa (raw, json)
Hash identifier: 0QpuEQj4qwoJsxWL0LQtea2pd8yf6ol4eum3lgT4y70=
Subject key identifier: 5B:CC:1A:F0:99:35:8E:FA:BD:20:DB:AF:A2:B9:07:26:A6:99:C0:61
Certificate issuer: /CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Certificate serial: 018AD5B423E70E0E7D9A59EC732D0882DB4F
Authority key identifier: 8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/W8wa8Jk1jvq9INuvorkHJqaZwGE.roa
Signing time: Wed 27 Sep 2023 08:14:27 +0000
ROA not before: Wed 27 Sep 2023 08:14:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5500
IP address blocks: 193.108.218.0/24 maxlen: 24
85.119.112.0/21 maxlen: 21
80.92.144.0/20 maxlen: 20
88.82.128.0/19 maxlen: 19
195.206.192.0/19 maxlen: 19
217.22.80.0/20 maxlen: 20
195.72.114.0/23 maxlen: 23
195.72.113.0/24 maxlen: 24
195.128.250.0/23 maxlen: 23
2a00:1160::/29 maxlen: 29
2a05:aa40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:b4:23:e7:0e:0e:7d:9a:59:ec:73:2d:08:82:db:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Validity
Not Before: Sep 27 08:14:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bcc1af099358efabd20dbafa2b90726a699c061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2d:c5:81:3f:27:26:34:0e:a2:ce:fa:9b:be:
31:89:51:76:96:f0:4b:ab:3c:9b:e1:c5:13:04:60:
fe:2b:11:d1:21:07:32:60:28:7b:03:2d:94:2d:0e:
c1:e5:c9:9a:81:a8:a2:bf:94:5d:c2:28:75:ba:7e:
6b:eb:97:55:7a:85:67:e6:45:af:0d:46:87:4b:f4:
5b:2e:bd:9d:a5:17:47:58:69:50:2d:59:f0:fb:17:
b9:a8:0c:60:de:d4:be:68:25:54:56:c5:7f:b3:32:
0a:b4:1e:9e:3f:c8:10:a2:47:01:bd:bb:7c:e2:a9:
04:8b:97:5d:cc:d6:d7:38:74:5d:00:93:d0:f0:8c:
a2:da:a8:d2:16:b0:77:9f:0f:5d:aa:a1:49:c5:39:
99:1d:4b:af:dc:5a:b9:85:d6:1b:37:25:14:e8:57:
6f:76:16:d0:d2:b0:6e:1c:00:ab:c4:da:62:a6:bc:
c6:50:32:3d:b2:4c:bd:6a:3c:44:dd:a3:8b:a2:33:
1b:02:5e:9a:50:2b:1e:d5:44:8b:f9:24:95:ca:cc:
0b:2d:11:dc:96:75:36:fd:4b:50:db:ba:70:33:c3:
4d:7e:db:cb:fe:43:fb:70:0c:df:e8:92:cc:c2:c0:
e8:33:5c:64:2b:08:84:2f:d0:95:08:a2:d2:16:a6:
ed:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:CC:1A:F0:99:35:8E:FA:BD:20:DB:AF:A2:B9:07:26:A6:99:C0:61
X509v3 Authority Key Identifier:
keyid:8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/W8wa8Jk1jvq9INuvorkHJqaZwGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/jImAGxmqlyitT2u3GFwR8UudjXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.144.0/20
85.119.112.0/21
88.82.128.0/19
193.108.218.0/24
195.72.113.0-195.72.115.255
195.128.250.0/23
195.206.192.0/19
217.22.80.0/20
IPv6:
2a00:1160::/29
2a05:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
7c:7d:0e:9d:be:74:48:8c:4e:66:4d:0b:bf:ae:ad:78:6d:df:
a2:25:21:36:c7:68:54:c8:b3:57:88:c0:39:11:e6:1d:c4:88:
0e:b8:83:bf:e3:78:76:00:5e:62:23:d9:8f:00:fb:0c:39:ba:
0e:e7:f0:80:21:4e:3e:7f:06:0e:16:4d:0c:ac:48:02:35:90:
1c:4e:57:80:44:96:63:7e:82:ec:36:0e:02:57:56:06:88:fd:
48:b4:df:9d:75:05:60:45:58:cf:48:d2:a6:ef:15:6a:3c:bd:
04:59:3f:51:71:66:2a:fc:d3:a4:8b:50:b6:21:54:f1:3e:5b:
76:e8:12:74:ea:ac:d9:e7:1c:f2:7b:ee:95:2e:cf:e2:dc:88:
2d:d5:cf:88:fc:e6:46:53:1a:35:47:62:3c:81:61:4e:fb:26:
ff:6c:0e:3d:8a:e5:89:f3:ab:12:a2:7d:b6:fa:37:ae:9f:d2:
fb:4e:f5:a4:f6:ff:fe:f5:cf:fa:18:b5:2a:a7:47:dc:c0:c8:
18:18:f0:e2:58:44:2c:d4:9b:a9:c7:a0:85:0e:47:97:89:14:
93:2a:cc:70:e9:66:7f:9b:bd:d9:5c:19:1f:29:08:40:c6:0e:
18:d7:ea:63:27:25:0e:24:f5:56:bd:d9:78:f9:84:17:a8:15:
80:84:87:14
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYrVtCPnDg59mlnscy0IgttPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODk4MDFiMTlhYTk3MjhhZDRmNmJiNzE4NWMxMWYxNGI5
ZDhkN2MwHhcNMjMwOTI3MDgxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmNjMWFmMDk5MzU4ZWZhYmQyMGRiYWZhMmI5MDcyNmE2OTljMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC3FgT8nJjQOos76m74xiVF2lvBL
qzyb4cUTBGD+KxHRIQcyYCh7Ay2ULQ7B5cmagaiiv5Rdwih1un5r65dVeoVn5kWv
DUaHS/RbLr2dpRdHWGlQLVnw+xe5qAxg3tS+aCVUVsV/szIKtB6eP8gQokcBvbt8
4qkEi5ddzNbXOHRdAJPQ8Iyi2qjSFrB3nw9dqqFJxTmZHUuv3Fq5hdYbNyUU6Fdv
dhbQ0rBuHACrxNpiprzGUDI9sky9ajxE3aOLojMbAl6aUCse1USL+SSVyswLLRHc
lnU2/UtQ27pwM8NNftvL/kP7cAzf6JLMwsDoM1xkKwiEL9CVCKLSFqbt+QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFFvMGvCZNY76vSDbr6K5ByammcBhMB8GA1UdIwQY
MBaAFIyJgBsZqpcorU9rtxhcEfFLnY18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUt
NzI4ZTk5NjdkYWNhLzEvVzh3YThKazFqdnE5SU51dm9ya0hKcWFad0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUtNzI4ZTk5NjdkYWNh
LzEvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQEUFyQAwQD
VXdwAwQFWFKAAwQAwWzaMAwDBADDSHEDBALDSHADBAHDgPoDBAXDzsADBATZFlAw
FAQCAAIwDgMFAyoAEWADBQMqBapAMA0GCSqGSIb3DQEBCwUAA4IBAQB8fQ6dvnRI
jE5mTQu/rq14bd+iJSE2x2hUyLNXiMA5EeYdxIgOuIO/43h2AF5iI9mPAPsMOboO
5/CAIU4+fwYOFk0MrEgCNZAcTleARJZjfoLsNg4CV1YGiP1ItN+ddQVgRVjPSNKm
7xVqPL0EWT9RcWYq/NOki1C2IVTxPlt26BJ06qzZ5xzye+6VLs/i3Igt1c+I/OZG
Uxo1R2I8gWFO+yb/bA49iuWJ86sSon22+jeun9L7TvWk9v/+9c/6GLUqp0fcwMgY
GPDiWEQs1Jupx6CFDkeXiRSTKsxw6WZ/m73ZXBkfKQhAxg4Y1+pjJyUOJPVWvdl4
+YQXqBWAhIcU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:27 2024 by rpki-client on console-fra.rpki-client.org