Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/wHCZqQFarTZdI1VquMIocnSC0q0.roa
File: wHCZqQFarTZdI1VquMIocnSC0q0.roa (raw, json)
Hash identifier: 556jrxSOmui5c8Ry4g/oBRszHrCI6GQX3us9Z1kwq9Y=
Subject key identifier: C0:70:99:A9:01:5A:AD:36:5D:23:55:6A:B8:C2:28:72:74:82:D2:AD
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018935BA04E49E465E6ECC3734D11F42B49C
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/wHCZqQFarTZdI1VquMIocnSC0q0.roa
Signing time: Sat 08 Jul 2023 13:38:50 +0000
ROA not before: Sat 08 Jul 2023 13:38:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136258
IP address blocks: 185.213.23.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
185.123.100.0/23 maxlen: 23
147.78.3.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
2a11:840:18::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Jul 2023 17:58:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:35:ba:04:e4:9e:46:5e:6e:cc:37:34:d1:1f:42:b4:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jul 8 13:38:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c07099a9015aad365d23556ab8c228727482d2ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6a:cf:33:f2:bc:e1:28:52:05:77:e0:91:f0:
aa:1c:01:9b:95:32:bf:eb:07:87:4b:c1:b1:ca:25:
65:73:ab:d7:26:65:5b:bc:0e:40:13:54:86:18:36:
31:d5:85:b3:ba:60:cc:14:7b:df:a5:37:10:94:be:
a4:e1:68:5d:eb:68:64:61:27:cb:5d:e4:52:6e:2d:
94:fd:02:fa:2d:ce:02:73:0a:62:f8:49:2f:18:d8:
4b:a9:22:f7:cd:a8:46:38:fa:dc:d7:a9:7a:93:39:
50:f2:d5:6e:f3:f5:9c:95:49:02:07:96:e3:ce:ac:
95:6d:bb:8a:dd:dd:80:0d:2b:8c:c4:f5:61:23:35:
9b:20:75:9d:4e:35:44:16:48:fb:9a:0b:d8:2e:24:
7f:1f:f2:68:11:b5:28:05:3d:80:0d:3e:a4:15:01:
47:c5:c9:4c:15:02:7c:46:8d:2c:d9:6a:f4:58:09:
4c:47:26:36:50:4b:da:e7:f8:96:f1:64:37:6c:01:
73:30:2a:56:92:6e:ca:4a:23:cf:58:fb:d7:81:dd:
6e:da:9c:9b:4f:62:4f:a0:86:55:5b:e7:32:05:9a:
90:f8:c8:9d:0a:0d:11:66:0a:e3:2f:40:36:e9:b5:
12:18:95:9f:a3:db:ff:66:73:5e:10:01:d5:83:0a:
5c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:70:99:A9:01:5A:AD:36:5D:23:55:6A:B8:C2:28:72:74:82:D2:AD
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/wHCZqQFarTZdI1VquMIocnSC0q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/23
147.78.3.0/24
185.123.100.0/23
185.126.239.0/24
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:24::/47
2a11:840:40::/47
2a11:840:47::/48
Signature Algorithm: sha256WithRSAEncryption
23:45:d2:6d:6e:c4:3d:59:c1:e2:71:1d:ef:a7:a3:d1:fe:f9:
c4:9e:f2:4d:7a:ce:55:9b:b8:1b:ce:de:3c:fa:d0:65:78:17:
d3:47:4c:04:c7:4d:ee:33:10:70:cc:29:50:6d:56:92:66:34:
3b:72:bd:c9:7c:08:d6:54:f2:ab:76:fd:c0:a3:81:6c:b1:03:
ae:07:86:3b:9a:2e:78:6a:6c:9f:06:07:1e:89:bd:4e:39:03:
a5:b1:68:a9:5b:eb:dc:c0:5c:c7:9a:d4:e8:33:57:85:8e:2d:
cc:01:57:fe:bf:d2:93:46:b6:cb:45:01:4e:9c:c8:11:44:7c:
d7:80:df:27:fb:94:d1:2a:7a:c1:36:14:c0:53:dc:3e:3c:a7:
47:47:27:b2:5e:bc:37:6c:28:e5:34:39:6f:ff:12:e3:07:d0:
4d:5e:5f:b4:28:85:19:5e:1d:f9:63:28:4b:4e:5d:7f:cf:7b:
96:a0:58:66:2e:58:47:62:17:04:68:e3:78:d9:f4:b8:36:85:
78:fc:03:52:6b:7f:94:08:19:3b:57:85:ea:3e:f1:68:9c:b5:
9c:5c:5e:ab:5e:2c:de:95:99:19:0e:85:07:66:5b:dc:ee:22:
20:3d:64:e0:e4:8f:3e:cd:aa:45:ce:8b:a5:96:8d:b5:9a:f6:
73:25:f7:6a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYk1ugTknkZebsw3NNEfQrScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjMwNzA4MTMzODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDcwOTlhOTAxNWFhZDM2NWQyMzU1NmFiOGMyMjg3Mjc0ODJkMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGrPM/K84ShSBXfgkfCqHAGblTK/
6weHS8GxyiVlc6vXJmVbvA5AE1SGGDYx1YWzumDMFHvfpTcQlL6k4Whd62hkYSfL
XeRSbi2U/QL6Lc4Ccwpi+EkvGNhLqSL3zahGOPrc16l6kzlQ8tVu8/WclUkCB5bj
zqyVbbuK3d2ADSuMxPVhIzWbIHWdTjVEFkj7mgvYLiR/H/JoEbUoBT2ADT6kFQFH
xclMFQJ8Ro0s2Wr0WAlMRyY2UEva5/iW8WQ3bAFzMCpWkm7KSiPPWPvXgd1u2pyb
T2JPoIZVW+cyBZqQ+MidCg0RZgrjL0A26bUSGJWfo9v/ZnNeEAHVgwpcuwIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFMBwmakBWq02XSNVarjCKHJ0gtKtMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvd0hDWnFRRmFyVFpkSTFWcXVNSW9jblNDMHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTAwBAIAATAqAwQBbWiY
AwQAbWibAwQBk04AAwQAk04DAwQBuXtkAwQAuX7vAwQAudUXMF0EAgACMFcwEgMH
ASoRCEAABgMHACoRCEAACDASAwcEKhEIQAAQAwcAKhEIQAAUMBIDBwAqEQhAABcD
BwEqEQhAABgDBwEqEQhAACQDBwEqEQhAAEADBwAqEQhAAEcwDQYJKoZIhvcNAQEL
BQADggEBACNF0m1uxD1ZweJxHe+no9H++cSe8k16zlWbuBvO3jz60GV4F9NHTATH
Te4zEHDMKVBtVpJmNDtyvcl8CNZU8qt2/cCjgWyxA64HhjuaLnhqbJ8GBx6JvU45
A6WxaKlb69zAXMea1OgzV4WOLcwBV/6/0pNGtstFAU6cyBFEfNeA3yf7lNEqesE2
FMBT3D48p0dHJ7JevDdsKOU0OW//EuMH0E1eX7QohRleHfljKEtOXX/Pe5agWGYu
WEdiFwRo43jZ9Lg2hXj8A1Jrf5QIGTtXheo+8WictZxcXqteLN6VmRkOhQdmW9zu
IiA9ZODkjz7NqkXOi6WWjbWa9nMl92o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org