Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/wqk8SUG7ZF_-oneY2qlnZLgeFfc.roa
File: wqk8SUG7ZF_-oneY2qlnZLgeFfc.roa (raw, json)
Hash identifier: X6E0MWyPwATOF8VrCveIRrN6C+PVuQ2Z0gu0ebFgx1c=
Subject key identifier: C2:A9:3C:49:41:BB:64:5F:FE:A2:77:98:DA:A9:67:64:B8:1E:15:F7
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018D45C4C435B1C5FA5F27ED6F92572C8AB0
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/wqk8SUG7ZF_-oneY2qlnZLgeFfc.roa
Signing time: Fri 26 Jan 2024 12:35:39 +0000
ROA not before: Fri 26 Jan 2024 12:35:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21155
IP address blocks: 80.84.224.0/19 maxlen: 19
81.4.64.0/19 maxlen: 19
81.4.96.0/22 maxlen: 22
81.4.112.0/22 maxlen: 22
81.4.116.0/22 maxlen: 22
83.96.128.0/17 maxlen: 17
85.158.248.0/22 maxlen: 22
85.158.252.0/23 maxlen: 23
91.142.240.0/20 maxlen: 20
91.205.32.0/22 maxlen: 22
91.216.162.0/24 maxlen: 24
185.95.68.0/22 maxlen: 22
193.93.172.0/22 maxlen: 22
193.242.119.0/24 maxlen: 24
2001:828::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Apr 2024 07:36:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:c4:c4:35:b1:c5:fa:5f:27:ed:6f:92:57:2c:8a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 26 12:35:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2a93c4941bb645ffea27798daa96764b81e15f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:24:14:39:f5:4c:60:65:be:38:84:df:de:c4:
36:dd:2b:9b:10:d2:e0:a3:64:34:c2:7a:52:99:8a:
19:42:7f:b7:af:06:f5:78:8e:c4:a4:9f:77:10:80:
7f:c5:cd:e6:29:07:cc:4a:b5:d2:3b:f6:d6:ef:4c:
20:c0:82:f4:c1:9a:35:1c:67:27:82:af:28:0c:24:
e5:1d:4c:76:fb:b3:b3:ac:47:db:2b:98:db:95:d8:
1d:a1:d5:79:15:92:b5:cd:b4:62:49:ff:d2:b1:77:
c3:05:b3:9d:0d:9c:68:e7:f4:50:0e:82:f8:43:16:
b1:74:1d:67:94:9d:60:c4:80:31:6e:e8:eb:c3:d4:
bb:52:df:9e:e6:74:09:79:91:da:73:32:f2:e7:cc:
08:60:e5:ec:17:23:0b:ef:ba:ce:4e:0a:55:b7:c6:
53:7d:34:8e:f0:c0:f5:dc:79:2e:b1:d3:67:02:97:
f7:b0:61:b8:e4:08:83:32:83:f7:fa:0c:51:be:e8:
84:66:19:94:29:40:47:ea:ba:c0:f0:cf:10:d5:0b:
0f:6a:bc:97:08:26:34:ee:01:b8:75:90:6f:b6:b8:
6b:2a:ec:ea:f4:67:98:f3:89:dc:ba:b1:84:11:de:
3d:fe:8d:dc:19:bf:bc:e6:d8:5b:fc:63:e6:af:47:
93:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A9:3C:49:41:BB:64:5F:FE:A2:77:98:DA:A9:67:64:B8:1E:15:F7
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/wqk8SUG7ZF_-oneY2qlnZLgeFfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.224.0/19
81.4.64.0-81.4.99.255
81.4.112.0/21
83.96.128.0/17
85.158.248.0-85.158.253.255
91.142.240.0/20
91.205.32.0/22
91.216.162.0/24
185.95.68.0/22
193.93.172.0/22
193.242.119.0/24
IPv6:
2001:828::/32
Signature Algorithm: sha256WithRSAEncryption
84:8f:61:41:3e:8b:ab:c0:80:c1:85:50:86:ac:e1:8f:61:b1:
82:4b:6d:0a:f6:e7:f5:40:ff:15:d7:0a:77:37:35:12:a1:8f:
56:16:ba:11:0a:7a:eb:f5:d2:17:31:04:f2:f5:d9:42:f7:9b:
19:34:87:93:0e:b9:0e:79:dc:ca:21:29:f8:ab:a0:d8:f4:cc:
6f:ed:50:d0:b4:1f:b1:20:94:65:09:c8:16:6c:b3:0e:b5:c9:
74:fb:12:a1:d9:0b:41:31:44:5a:42:81:25:04:b9:cc:97:e4:
1c:0c:b2:63:97:97:4a:48:07:a3:c2:de:e9:67:18:07:22:5c:
0f:92:4b:bd:ce:19:9c:bf:6d:68:58:6f:fe:b0:26:64:0e:ae:
f6:2d:94:3b:5c:d4:5c:97:fc:04:eb:c6:08:96:9e:0b:97:f4:
4d:44:8b:7b:95:b9:eb:17:c9:b2:fa:0d:3b:01:b4:ac:9c:05:
53:9f:06:14:d0:5a:e8:ab:37:bf:3f:06:45:19:f2:48:a5:7b:
93:97:9c:39:ec:57:6e:cb:80:7a:15:64:73:d4:ac:87:60:96:
fc:27:d0:35:c8:7c:3a:c0:15:a2:c2:c5:d7:92:5e:61:e6:34:
40:08:1c:6f:60:9f:14:3f:ea:5f:47:4f:96:4b:81:b8:36:9b:
70:58:7e:1b
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAY1FxMQ1scX6Xyftb5JXLIqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwMTI2MTIzNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmE5M2M0OTQxYmI2NDVmZmVhMjc3OThkYWE5Njc2NGI4MWUxNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSQUOfVMYGW+OITf3sQ23SubENLg
o2Q0wnpSmYoZQn+3rwb1eI7EpJ93EIB/xc3mKQfMSrXSO/bW70wgwIL0wZo1HGcn
gq8oDCTlHUx2+7OzrEfbK5jbldgdodV5FZK1zbRiSf/SsXfDBbOdDZxo5/RQDoL4
QxaxdB1nlJ1gxIAxbujrw9S7Ut+e5nQJeZHaczLy58wIYOXsFyML77rOTgpVt8ZT
fTSO8MD13HkusdNnApf3sGG45AiDMoP3+gxRvuiEZhmUKUBH6rrA8M8Q1QsParyX
CCY07gG4dZBvtrhrKuzq9GeY84ncurGEEd49/o3cGb+85thb/GPmr0eTXwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFMKpPElBu2Rf/qJ3mNqpZ2S4HhX3MB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvd3FrOFNVRzdaRl8tb25lWTJxbG5aTGdlRmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQFUFTgMAwD
BAZRBEADBAJRBGADBANRBHADBAdTYIAwDAMEA1We+AMEAVWe/AMEBFuO8AMEAlvN
IAMEAFvYogMEArlfRAMEAsFdrAMEAMHydzANBAIAAjAHAwUAIAEIKDANBgkqhkiG
9w0BAQsFAAOCAQEAhI9hQT6Lq8CAwYVQhqzhj2GxgkttCvbn9UD/FdcKdzc1EqGP
Vha6EQp66/XSFzEE8vXZQvebGTSHkw65DnncyiEp+Kug2PTMb+1Q0LQfsSCUZQnI
FmyzDrXJdPsSodkLQTFEWkKBJQS5zJfkHAyyY5eXSkgHo8Le6WcYByJcD5JLvc4Z
nL9taFhv/rAmZA6u9i2UO1zUXJf8BOvGCJaeC5f0TUSLe5W56xfJsvoNOwG0rJwF
U58GFNBa6Ks3vz8GRRnySKV7k5ecOexXbsuAehVkc9Ssh2CW/CfQNch8OsAVosLF
15JeYeY0QAgcb2CfFD/qX0dPlkuBuDabcFh+Gw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org