Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/WBIB7fn4i3S-l1oOzC9_h_hokIw.roa
File: WBIB7fn4i3S-l1oOzC9_h_hokIw.roa (raw, json)
Hash identifier: GfJn1/45NBsrfF/lx4SauwaGjX6QwEoJUsqS2PyWAJo=
Subject key identifier: 58:12:01:ED:F9:F8:8B:74:BE:97:5A:0E:CC:2F:7F:87:F8:68:90:8C
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0185C3C0065F229566919E455E80B18F09B2
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/WBIB7fn4i3S-l1oOzC9_h_hokIw.roa
Signing time: Wed 18 Jan 2023 07:20:19 +0000
ROA not before: Wed 18 Jan 2023 07:20:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 185.166.196.0/24 maxlen: 24
185.166.197.0/24 maxlen: 24
37.220.83.0/24 maxlen: 24
37.220.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 12:11:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c3:c0:06:5f:22:95:66:91:9e:45:5e:80:b1:8f:09:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 18 07:20:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=581201edf9f88b74be975a0ecc2f7f87f868908c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9b:4e:0d:0e:91:4a:a6:0c:dc:a1:d3:96:ab:
b0:9b:71:86:59:95:3c:4b:4f:a4:ac:d9:44:f7:7b:
fb:72:22:35:10:9c:d0:b2:38:44:02:8f:ae:61:2a:
4a:05:6a:5d:c2:36:39:cd:d1:d0:87:d0:c3:ae:f6:
08:ca:ad:c8:5e:3d:0b:dd:bc:93:dd:94:bd:b8:60:
9a:88:bf:96:70:c8:1a:d0:32:b8:f6:9f:30:fa:0e:
7f:df:b5:e0:7f:b5:9e:62:8e:75:9c:15:e0:90:23:
9e:c3:e7:fd:b5:30:23:d2:8e:3b:21:79:16:65:de:
bb:a0:57:5e:14:5b:52:bf:ae:02:88:da:87:eb:f7:
62:76:9f:df:fc:81:6f:dc:60:95:ef:9f:2c:55:aa:
45:7c:2c:32:7e:ab:35:4f:ac:ba:9a:87:ea:3a:0d:
11:aa:a7:ee:dc:26:b7:39:42:89:c4:07:dd:66:b4:
9b:44:31:76:57:29:d1:d1:5a:ae:98:17:94:1b:3d:
1e:c5:a1:4e:81:84:e3:fd:c9:b2:ab:4f:3e:25:4f:
24:95:5b:d6:78:95:72:66:d5:65:35:8b:4f:05:8b:
f0:19:29:66:33:ac:6c:af:43:27:5e:98:f6:bb:c1:
b1:bf:9d:79:50:a0:cc:54:ad:91:2b:f4:ee:4d:8d:
72:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:12:01:ED:F9:F8:8B:74:BE:97:5A:0E:CC:2F:7F:87:F8:68:90:8C
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/WBIB7fn4i3S-l1oOzC9_h_hokIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.82.0/23
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
23:7f:8f:cf:5e:bb:8c:04:40:f9:a2:af:46:c4:12:de:e8:58:
28:9d:94:37:05:7f:ad:26:c3:35:00:f0:f2:46:95:75:87:26:
d0:c3:b3:5f:ce:4c:dc:2e:cf:51:97:91:21:92:66:06:65:35:
6a:23:ae:1f:f2:04:e7:9d:b8:b8:0b:2a:d3:fd:02:08:a0:3a:
3e:7c:ef:e1:c4:ac:f7:04:f2:cf:28:69:59:f2:22:a0:b3:f0:
81:0c:c3:89:c5:e4:38:b4:c6:f4:50:5d:85:ff:6f:a9:85:4b:
5e:9b:16:2d:61:c0:9b:1a:69:4a:27:c5:46:73:6d:18:61:fd:
9e:c0:4b:9c:b4:48:79:60:fb:bd:da:ea:e3:bd:4f:57:e5:8f:
cb:78:cf:eb:05:3f:66:7a:76:c0:67:9a:e0:5d:5c:fc:33:b1:
9a:ed:f6:26:42:ae:1e:8c:d2:ab:74:c4:c0:e5:a1:42:e7:79:
a3:01:2d:e0:c3:e8:66:fe:ee:ad:b8:60:ba:a1:83:43:ac:35:
95:65:04:b3:c0:6e:77:06:e7:4c:f6:a4:c8:ef:d7:66:18:07:
07:9d:1d:b6:16:dc:f0:9f:23:97:82:ed:31:48:a0:1d:55:96:
48:df:7c:ab:27:f6:7a:06:73:58:4a:10:fc:8a:e1:8b:95:1d:
3c:f9:e6:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXDwAZfIpVmkZ5FXoCxjwmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTE4MDcyMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODEyMDFlZGY5Zjg4Yjc0YmU5NzVhMGVjYzJmN2Y4N2Y4Njg5MDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtptODQ6RSqYM3KHTlquwm3GGWZU8
S0+krNlE93v7ciI1EJzQsjhEAo+uYSpKBWpdwjY5zdHQh9DDrvYIyq3IXj0L3byT
3ZS9uGCaiL+WcMga0DK49p8w+g5/37Xgf7WeYo51nBXgkCOew+f9tTAj0o47IXkW
Zd67oFdeFFtSv64CiNqH6/didp/f/IFv3GCV758sVapFfCwyfqs1T6y6mofqOg0R
qqfu3Ca3OUKJxAfdZrSbRDF2VynR0VqumBeUGz0exaFOgYTj/cmyq08+JU8klVvW
eJVyZtVlNYtPBYvwGSlmM6xsr0MnXpj2u8Gxv515UKDMVK2RK/TuTY1yBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFgSAe35+It0vpdaDswvf4f4aJCMMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvV0JJQjdmbjRpM1MtbDFvT3pDOV9oX2hva0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJdxSAwQB
uabEMA0GCSqGSIb3DQEBCwUAA4IBAQAjf4/PXruMBED5oq9GxBLe6FgonZQ3BX+t
JsM1APDyRpV1hybQw7NfzkzcLs9Rl5EhkmYGZTVqI64f8gTnnbi4CyrT/QIIoDo+
fO/hxKz3BPLPKGlZ8iKgs/CBDMOJxeQ4tMb0UF2F/2+phUtemxYtYcCbGmlKJ8VG
c20YYf2ewEuctEh5YPu92urjvU9X5Y/LeM/rBT9menbAZ5rgXVz8M7Ga7fYmQq4e
jNKrdMTA5aFC53mjAS3gw+hm/u6tuGC6oYNDrDWVZQSzwG53BudM9qTI79dmGAcH
nR22FtzwnyOXgu0xSKAdVZZI33yrJ/Z6BnNYShD8iuGLlR08+eaL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org