Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/w0g5n0uFDNspPjOa6qALqzevVVk.roa
File: w0g5n0uFDNspPjOa6qALqzevVVk.roa (raw, json)
Hash identifier: ISQfPPFBYTFy0MTKnk3xccDGTeUTrvoVEeq6dfUo/+k=
Subject key identifier: C3:48:39:9F:4B:85:0C:DB:29:3E:33:9A:EA:A0:0B:AB:37:AF:55:59
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AE3B10E07C9620AF9FB408E512715
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/w0g5n0uFDNspPjOa6qALqzevVVk.roa
Signing time: Sun 01 Jan 2023 11:15:08 +0000
ROA not before: Sun 01 Jan 2023 11:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5480
IP address blocks: 195.208.224.0/22 maxlen: 22
195.208.232.0/23 maxlen: 23
195.208.239.0/24 maxlen: 24
195.208.240.0/23 maxlen: 23
195.208.237.0/24 maxlen: 24
195.208.244.0/22 maxlen: 22
195.208.243.0/24 maxlen: 24
195.208.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:e3:b1:0e:07:c9:62:0a:f9:fb:40:8e:51:27:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c348399f4b850cdb293e339aeaa00bab37af5559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bd:e3:f0:ff:70:b7:21:09:1f:dd:50:40:1f:
fb:07:1c:ea:3b:48:96:05:73:ee:dd:39:83:16:98:
c2:1c:78:84:76:c3:51:9f:57:84:a1:43:f0:55:44:
b2:8a:6d:8c:bd:de:e0:66:2f:fc:79:12:9f:ac:82:
17:2a:69:9b:01:5f:7c:1d:88:c9:52:bf:98:f8:d9:
19:3a:bf:fd:65:d6:4b:27:2a:18:a7:ae:77:00:ea:
80:76:c0:08:99:59:73:46:83:18:f5:ae:ef:fd:ad:
b3:4b:cb:52:21:c1:71:ad:cc:a3:eb:6a:1e:c2:35:
1f:f8:e1:87:db:02:06:0c:36:03:f5:8c:85:4c:55:
72:1a:33:3c:93:fa:1c:1d:c3:8a:49:b0:21:79:39:
4f:21:1d:e7:23:34:69:85:d9:8e:48:a2:c9:b9:fa:
33:48:aa:95:9e:70:34:29:28:bd:01:cf:1b:b2:f5:
2c:e3:86:b1:32:ad:81:37:77:dc:fc:3b:97:51:20:
e4:64:60:05:2f:9d:f7:4b:e6:47:43:27:61:7c:28:
aa:a2:48:4c:c6:7b:d2:64:48:6e:03:a4:4a:7f:52:
fd:a4:53:fb:4b:dc:18:8e:b9:3d:24:97:23:14:b3:
ae:43:ef:0b:83:96:63:63:d3:51:19:c1:ab:a8:73:
7f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:48:39:9F:4B:85:0C:DB:29:3E:33:9A:EA:A0:0B:AB:37:AF:55:59
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/w0g5n0uFDNspPjOa6qALqzevVVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.208.224.0/22
195.208.232.0/23
195.208.237.0/24
195.208.239.0-195.208.241.255
195.208.243.0-195.208.255.255
Signature Algorithm: sha256WithRSAEncryption
57:66:33:0b:f3:aa:39:20:ce:bf:f5:42:7f:f4:c5:39:14:55:
64:ff:ac:3b:4a:22:68:7f:90:1b:c4:9e:29:eb:66:62:38:5b:
85:7c:8b:cd:bb:b8:13:b0:0e:86:a3:c0:85:b7:54:b5:88:37:
4c:a3:b3:94:ff:b8:29:62:a2:c4:73:e1:db:36:6a:58:ec:9c:
ce:ba:e9:ad:6c:1d:1f:91:bd:01:00:41:25:5d:b4:56:23:34:
ae:49:27:4a:f6:07:c3:76:29:f3:93:77:eb:87:e9:64:cd:49:
86:6c:36:11:5f:3e:a4:70:9b:a9:52:56:90:1b:46:5b:a6:f2:
14:d8:14:8c:8a:98:05:95:06:1c:cb:f7:47:c3:2a:3a:fc:85:
8c:5e:8b:ed:70:c9:d0:a1:f0:82:1c:72:22:9c:33:9d:df:f2:
ca:c6:d2:0b:a5:8a:07:aa:bf:37:c2:e5:97:a4:e2:95:e0:1e:
4a:98:5b:1c:76:d9:8c:f8:ee:dc:02:15:13:10:cb:27:0a:04:
94:e9:7e:9e:5e:3c:10:af:5b:3f:b7:21:ca:51:56:1b:65:e8:
5f:27:3d:89:1e:2d:6d:97:81:8c:82:cc:3b:bb:a9:0a:a5:50:
9e:ef:71:67:db:b4:e5:62:9c:1f:f9:11:63:1b:40:09:08:2e:
6b:4c:9e:4b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVtCuOxDgfJYgr5+0COUScVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzQ4Mzk5ZjRiODUwY2RiMjkzZTMzOWFlYWEwMGJhYjM3YWY1NTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr3j8P9wtyEJH91QQB/7BxzqO0iW
BXPu3TmDFpjCHHiEdsNRn1eEoUPwVUSyim2Mvd7gZi/8eRKfrIIXKmmbAV98HYjJ
Ur+Y+NkZOr/9ZdZLJyoYp653AOqAdsAImVlzRoMY9a7v/a2zS8tSIcFxrcyj62oe
wjUf+OGH2wIGDDYD9YyFTFVyGjM8k/ocHcOKSbAheTlPIR3nIzRphdmOSKLJufoz
SKqVnnA0KSi9Ac8bsvUs44axMq2BN3fc/DuXUSDkZGAFL533S+ZHQydhfCiqokhM
xnvSZEhuA6RKf1L9pFP7S9wYjrk9JJcjFLOuQ+8Lg5ZjY9NRGcGrqHN/MwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMNIOZ9LhQzbKT4zmuqgC6s3r1VZMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvdzBnNW4wdUZETnNwUGpPYTZxQUxxemV2VlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtAwQCw9DgAwQB
w9DoAwQAw9DtMAwDBADD0O8DBAHD0PAwCwMEAMPQ8wMDAMPQMA0GCSqGSIb3DQEB
CwUAA4IBAQBXZjML86o5IM6/9UJ/9MU5FFVk/6w7SiJof5AbxJ4p62ZiOFuFfIvN
u7gTsA6Go8CFt1S1iDdMo7OU/7gpYqLEc+HbNmpY7JzOuumtbB0fkb0BAEElXbRW
IzSuSSdK9gfDdinzk3frh+lkzUmGbDYRXz6kcJupUlaQG0ZbpvIU2BSMipgFlQYc
y/dHwyo6/IWMXovtcMnQofCCHHIinDOd3/LKxtILpYoHqr83wuWXpOKV4B5KmFsc
dtmM+O7cAhUTEMsnCgSU6X6eXjwQr1s/tyHKUVYbZehfJz2JHi1tl4GMgsw7u6kK
pVCe73Fn27TlYpwf+RFjG0AJCC5rTJ5L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org