Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/WRfr1p_-hh9C8mub5XHqDSVUIAw.roa
File: WRfr1p_-hh9C8mub5XHqDSVUIAw.roa (raw, json)
Hash identifier: tNTF2ewF5KwYyxPsWFcAJ7fyZXb0MZX9+7PLl6I8YRQ=
Subject key identifier: 59:17:EB:D6:9F:FE:86:1F:42:F2:6B:9B:E5:71:EA:0D:25:54:20:0C
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018ADDC17E8BCC85C169E5C1448A8210E03D
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/WRfr1p_-hh9C8mub5XHqDSVUIAw.roa
Signing time: Thu 28 Sep 2023 21:46:00 +0000
ROA not before: Thu 28 Sep 2023 21:46:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201106
IP address blocks: 194.124.218.0/23 maxlen: 32
178.22.30.0/24 maxlen: 32
194.124.224.0/23 maxlen: 32
45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
94.154.114.0/24 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
188.93.139.0/24 maxlen: 32
45.150.226.0/23 maxlen: 32
193.218.200.0/23 maxlen: 32
45.154.212.0/22 maxlen: 32
45.150.164.0/22 maxlen: 32
193.221.94.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.145.74.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dd:c1:7e:8b:cc:85:c1:69:e5:c1:44:8a:82:10:e0:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Sep 28 21:46:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5917ebd69ffe861f42f26b9be571ea0d2554200c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:53:de:49:2d:fb:39:d7:d4:cb:27:c9:1d:cf:
fb:37:3f:24:09:a2:d6:59:16:14:8b:01:73:5c:9a:
ff:1f:62:35:f4:26:d7:e6:b8:d1:44:c5:04:eb:01:
87:78:f0:b5:10:0e:a6:2b:d4:84:4b:f9:e8:fb:13:
1b:54:7d:b3:ad:73:56:86:22:46:e3:46:5c:a8:4c:
d1:41:50:8d:fb:a2:69:bb:88:e3:1e:91:0e:d4:29:
0e:04:05:e6:82:52:0d:a8:24:2a:77:10:16:dc:f8:
1b:0d:6a:97:90:ce:88:07:78:6c:8f:fc:e7:6a:1a:
5a:ac:e2:d9:bf:0e:a8:9f:01:02:59:2e:68:4d:b4:
6b:c0:5f:36:37:d6:69:91:bb:78:5a:44:ec:f4:01:
93:58:a9:ba:da:bc:af:b0:00:04:90:0f:51:c8:51:
08:fe:09:ef:14:45:fe:34:87:d8:38:05:d1:fc:6d:
b1:86:63:f6:49:ee:40:6f:d3:b6:62:1d:b1:e1:45:
98:6e:92:59:6d:e9:56:cd:c2:6a:50:f4:64:2f:e9:
43:30:be:04:81:0d:b6:04:b1:bf:fc:00:af:21:10:
d1:a5:f6:b5:2e:94:b0:f2:8a:c4:28:ad:10:75:0f:
c5:76:c2:37:63:97:c6:94:c4:bf:a1:3b:d4:82:9d:
e4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:17:EB:D6:9F:FE:86:1F:42:F2:6B:9B:E5:71:EA:0D:25:54:20:0C
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/WRfr1p_-hh9C8mub5XHqDSVUIAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
94.154.114.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
c9:0a:20:26:23:a5:be:a8:29:b4:aa:a8:ee:83:ba:4c:ae:3f:
9c:6f:de:40:d1:16:b6:d6:d1:17:98:c8:00:fa:e2:d3:74:5d:
71:bc:e8:ed:4a:fb:ca:eb:e8:cb:5b:96:df:ad:93:6d:b9:fc:
ce:6f:ee:fe:06:92:e9:f1:7b:12:e5:70:dd:2a:fd:cf:a1:5b:
e7:df:33:4b:26:e9:e2:78:aa:06:71:6d:82:66:29:d4:72:6e:
ae:6b:42:ce:7c:ed:b8:b1:6a:8d:61:43:c1:15:4f:f0:10:ad:
39:09:a5:15:39:b9:da:01:dc:68:d5:d9:32:e4:5e:8f:e8:f9:
19:2a:80:d8:52:48:94:34:04:5e:b0:c0:26:e9:de:78:ec:8b:
ec:28:9b:25:cf:7b:32:93:66:eb:a3:7c:71:d2:97:93:f5:ed:
34:4f:b9:f3:57:e8:61:1f:88:79:c2:e2:5d:4a:60:53:8e:05:
32:a2:90:a5:ac:9b:46:9a:d9:ed:be:03:32:e7:78:b3:fd:63:
33:aa:85:dc:2e:d4:8f:79:26:c9:58:ef:49:5d:5a:e2:3a:16:
c9:3d:44:59:49:d1:5d:9b:dc:3b:9f:00:bd:15:4d:f2:ec:9b:
48:40:9a:c0:b5:9b:5f:8e:a5:dc:5a:b5:00:c0:32:42:b8:cd:
26:dc:13:4e
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYrdwX6LzIXBaeXBRIqCEOA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjMwOTI4MjE0NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTE3ZWJkNjlmZmU4NjFmNDJmMjZiOWJlNTcxZWEwZDI1NTQyMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylPeSS37OdfUyyfJHc/7Nz8kCaLW
WRYUiwFzXJr/H2I19CbX5rjRRMUE6wGHePC1EA6mK9SES/no+xMbVH2zrXNWhiJG
40ZcqEzRQVCN+6Jpu4jjHpEO1CkOBAXmglINqCQqdxAW3PgbDWqXkM6IB3hsj/zn
ahparOLZvw6onwECWS5oTbRrwF82N9Zpkbt4WkTs9AGTWKm62ryvsAAEkA9RyFEI
/gnvFEX+NIfYOAXR/G2xhmP2Se5Ab9O2Yh2x4UWYbpJZbelWzcJqUPRkL+lDML4E
gQ22BLG//ACvIRDRpfa1LpSw8orEKK0QdQ/FdsI3Y5fGlMS/oTvUgp3kfQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFFkX69af/oYfQvJrm+Vx6g0lVCAMMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvV1JmcjFwXy1oaDlDOG11YjVYSHFEU1ZVSUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwYgQCAAEwXAMEAi2OnAME
Ai2RSAMEAi2WpAMEAS2W4gMEAi2XhAMEAi2a1AMEAF6acgMEALIWHgMEALxdiwME
AcHayAMEAcHdXgMEAcJ82gMEAcJ84DAMAwQBwpNiAwQBwpNkMA4EAgACMAgDBgYq
DtpAQDANBgkqhkiG9w0BAQsFAAOCAQEAyQogJiOlvqgptKqo7oO6TK4/nG/eQNEW
ttbRF5jIAPri03Rdcbzo7Ur7yuvoy1uW362Tbbn8zm/u/gaS6fF7EuVw3Sr9z6Fb
598zSybp4niqBnFtgmYp1HJurmtCznztuLFqjWFDwRVP8BCtOQmlFTm52gHcaNXZ
MuRej+j5GSqA2FJIlDQEXrDAJuneeOyL7CibJc97MpNm66N8cdKXk/XtNE+581fo
YR+IecLiXUpgU44FMqKQpaybRprZ7b4DMud4s/1jM6qF3C7Uj3kmyVjvSV1a4joW
yT1EWUnRXZvcO58AvRVN8uybSECawLWbX46l3Fq1AMAyQrjNJtwTTg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:22 2024 by rpki-client on console-ams.rpki-client.org