Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/WYq73q2HFJiZEKde_FB6p4qVYyk.roa
File: WYq73q2HFJiZEKde_FB6p4qVYyk.roa (raw, json)
Hash identifier: iWA+PF8Wi+yPi4LPQ48nNNCYZPgGjOnv1ebu0CE/rBg=
Subject key identifier: 59:8A:BB:DE:AD:87:14:98:99:10:A7:5E:FC:50:7A:A7:8A:95:63:29
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 01856FCB894F0953EBEAE955B1A6926EAAA9
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/WYq73q2HFJiZEKde_FB6p4qVYyk.roa
Signing time: Mon 02 Jan 2023 00:04:47 +0000
ROA not before: Mon 02 Jan 2023 00:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51660
IP address blocks: 185.40.166.0/24 maxlen: 24
185.40.164.0/23 maxlen: 24
95.158.150.0/24 maxlen: 24
46.35.172.0/22 maxlen: 24
185.18.228.0/23 maxlen: 24
95.158.132.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:89:4f:09:53:eb:ea:e9:55:b1:a6:92:6e:aa:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 00:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=598abbdead8714989910a75efc507aa78a956329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fc:3c:e3:7d:3e:b2:69:38:f7:6c:cd:d8:3b:
b6:96:29:06:20:18:9b:51:bc:d7:6d:d6:12:15:3b:
8e:1a:65:59:d7:0d:91:87:e3:b5:9c:3a:73:af:b8:
38:2c:c8:00:40:5a:44:a2:07:19:dc:bd:0a:f2:0e:
39:f9:80:b2:30:8e:61:55:9e:d9:14:36:0a:6d:1c:
c2:45:5b:94:36:6f:79:ba:65:2e:e8:ad:7f:43:c5:
d4:d0:16:dd:4d:44:2e:2b:b5:a3:2b:c5:0e:52:2a:
8e:bc:2a:d4:b6:50:cd:e0:46:65:ce:60:c0:88:c6:
d3:55:20:60:19:15:58:71:8b:54:f6:c7:35:90:4d:
a1:d6:1a:f8:47:d2:97:a0:2e:de:51:27:06:20:0a:
ec:91:fb:e8:49:53:6c:6d:02:7f:c0:f9:1f:67:54:
7b:fe:1e:f1:54:8c:c3:ff:fa:f9:d7:39:ed:eb:6b:
25:66:f4:00:c3:4a:b8:52:43:ab:9e:fd:ac:ea:ee:
94:43:a1:a8:5c:9f:2d:40:ac:a5:9f:e9:90:cf:9f:
5a:48:58:d1:c0:4d:16:05:f3:7e:e5:9e:d1:fc:14:
b7:57:9b:b8:c8:d4:e5:eb:ee:c7:69:2d:ce:18:c2:
8c:72:cd:2c:2c:31:3f:67:1d:99:09:35:1f:39:d1:
3a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:8A:BB:DE:AD:87:14:98:99:10:A7:5E:FC:50:7A:A7:8A:95:63:29
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/WYq73q2HFJiZEKde_FB6p4qVYyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.35.172.0/22
95.158.132.0/24
95.158.150.0/24
185.18.228.0/23
185.40.164.0-185.40.166.255
Signature Algorithm: sha256WithRSAEncryption
1a:17:30:23:24:af:c7:69:88:e2:e3:d1:26:eb:63:8f:1f:09:
25:fe:47:df:31:67:94:77:c9:ec:e6:18:59:65:3b:0e:47:be:
51:eb:18:7c:be:dc:7f:77:23:e2:32:a9:1a:37:f5:4e:76:9a:
39:13:8f:e0:4d:66:75:c6:60:75:6a:f7:3e:9e:fa:1f:c5:39:
d2:78:15:bb:85:cf:b5:8d:c0:79:fd:9c:41:20:08:c8:05:ce:
28:9b:aa:14:00:c8:fc:59:7f:ec:3c:cc:ae:63:cd:df:e6:9f:
b1:ae:8a:2b:d8:21:2a:a3:03:0b:b6:fe:28:f4:d8:5d:69:70:
32:0b:1d:a6:50:e9:c6:51:9c:45:0f:2e:3b:42:12:86:77:0b:
5c:7d:76:dc:7a:76:c6:c0:cf:90:2e:54:ff:11:72:c5:a8:af:
f1:65:50:ff:e7:68:3a:b3:29:2c:8f:65:5d:9c:66:5d:5d:04:
b9:77:73:f0:f2:60:43:0e:42:b0:6e:35:ce:2e:64:1d:ff:64:
a0:57:51:bd:6c:c5:eb:d7:3c:7c:9e:92:31:33:72:a4:f1:1d:
77:87:21:74:40:34:d4:a1:b6:64:73:e6:80:d5:78:7d:d9:11:
ad:ab:90:26:9c:6b:66:91:f4:6b:31:c9:bb:6b:03:56:59:42:
30:b6:9b:b1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvy4lPCVPr6ulVsaaSbqqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OThhYmJkZWFkODcxNDk4OTkxMGE3NWVmYzUwN2FhNzhhOTU2MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/w8430+smk492zN2Du2likGIBib
UbzXbdYSFTuOGmVZ1w2Rh+O1nDpzr7g4LMgAQFpEogcZ3L0K8g45+YCyMI5hVZ7Z
FDYKbRzCRVuUNm95umUu6K1/Q8XU0BbdTUQuK7WjK8UOUiqOvCrUtlDN4EZlzmDA
iMbTVSBgGRVYcYtU9sc1kE2h1hr4R9KXoC7eUScGIArskfvoSVNsbQJ/wPkfZ1R7
/h7xVIzD//r51znt62slZvQAw0q4UkOrnv2s6u6UQ6GoXJ8tQKyln+mQz59aSFjR
wE0WBfN+5Z7R/BS3V5u4yNTl6+7HaS3OGMKMcs0sLDE/Zx2ZCTUfOdE6KwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFmKu96thxSYmRCnXvxQeqeKlWMpMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvV1lxNzNxMkhGSmlaRUtkZV9GQjZwNHFWWXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCLiOsAwQA
X56EAwQAX56WAwQBuRLkMAwDBAK5KKQDBAC5KKYwDQYJKoZIhvcNAQELBQADggEB
ABoXMCMkr8dpiOLj0SbrY48fCSX+R98xZ5R3yezmGFllOw5HvlHrGHy+3H93I+Iy
qRo39U52mjkTj+BNZnXGYHVq9z6e+h/FOdJ4FbuFz7WNwHn9nEEgCMgFziibqhQA
yPxZf+w8zK5jzd/mn7GuiivYISqjAwu2/ij02F1pcDILHaZQ6cZRnEUPLjtCEoZ3
C1x9dtx6dsbAz5AuVP8RcsWor/FlUP/naDqzKSyPZV2cZl1dBLl3c/DyYEMOQrBu
Nc4uZB3/ZKBXUb1sxevXPHyekjEzcqTxHXeHIXRANNShtmRz5oDVeH3ZEa2rkCac
a2aR9GsxybtrA1ZZQjC2m7E=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:29 2024 by rpki-client on console-ams.rpki-client.org