Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/Wlrg5iy3xNPEplnAFNpDl1xK1qU.roa
File: Wlrg5iy3xNPEplnAFNpDl1xK1qU.roa (raw, json)
Hash identifier: v8fu91icckYN7ppLuavzjHVcIKLs5V+P0CAR/4IVt+4=
Subject key identifier: 5A:5A:E0:E6:2C:B7:C4:D3:C4:A6:59:C0:14:DA:43:97:5C:4A:D6:A5
Certificate issuer: /CN=e1ba4b2867dad38b73a46918241efc72a21262f7
Certificate serial: 01856F26E2FCBA6EFBDFDB67AD338A2561B2
Authority key identifier: E1:BA:4B:28:67:DA:D3:8B:73:A4:69:18:24:1E:FC:72:A2:12:62:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bpLKGfa04tzpGkYJB78cqISYvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/Wlrg5iy3xNPEplnAFNpDl1xK1qU.roa
Signing time: Sun 01 Jan 2023 21:04:57 +0000
ROA not before: Sun 01 Jan 2023 21:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50226
IP address blocks: 89.16.192.0/19 maxlen: 24
185.228.40.0/22 maxlen: 22
185.56.124.0/22 maxlen: 22
2a00:17e8::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e2:fc:ba:6e:fb:df:db:67:ad:33:8a:25:61:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1ba4b2867dad38b73a46918241efc72a21262f7
Validity
Not Before: Jan 1 21:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a5ae0e62cb7c4d3c4a659c014da43975c4ad6a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:db:ae:97:dc:f7:a2:9d:29:b8:f6:b7:49:1c:
d7:98:fb:96:e9:18:b3:c6:b6:57:2c:ba:b2:a6:d8:
83:87:20:35:88:ae:8f:f5:d6:cb:c5:06:ac:a0:4c:
08:a3:62:21:e7:a9:d1:3f:70:aa:93:39:5c:7f:7b:
d6:88:79:4d:12:00:aa:4c:7a:5a:71:fc:24:da:6c:
aa:57:60:a8:a4:c6:9d:e7:c4:3e:db:30:74:37:d0:
51:e9:ed:b8:60:82:a5:7f:e1:62:ee:f8:10:29:10:
32:de:58:8e:f2:32:59:6a:3a:41:ea:1a:d4:91:58:
62:ad:da:84:3b:b8:86:e5:fe:b0:25:0f:51:26:b9:
a9:d4:53:3d:31:e4:99:ab:be:77:36:81:45:f6:90:
9f:df:ab:0d:c9:17:91:f4:94:a2:31:df:64:6d:9b:
f6:75:f5:aa:49:b3:6f:7e:9d:c5:db:ad:4c:e0:2c:
5a:8a:73:17:33:ff:f1:d2:a9:e7:c9:6e:ba:9b:a6:
61:9b:14:f4:63:60:da:0a:f0:f7:3c:03:bc:3d:7f:
aa:90:aa:98:ce:81:dc:4f:5c:a3:e9:b5:57:be:29:
22:cb:60:84:a4:0b:5e:87:d6:4a:53:2b:d0:5c:48:
ec:f4:47:fb:07:44:5e:d4:cc:ee:8b:8b:ca:bd:5e:
cc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5A:E0:E6:2C:B7:C4:D3:C4:A6:59:C0:14:DA:43:97:5C:4A:D6:A5
X509v3 Authority Key Identifier:
keyid:E1:BA:4B:28:67:DA:D3:8B:73:A4:69:18:24:1E:FC:72:A2:12:62:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bpLKGfa04tzpGkYJB78cqISYvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/Wlrg5iy3xNPEplnAFNpDl1xK1qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/4bpLKGfa04tzpGkYJB78cqISYvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.16.192.0/19
185.56.124.0/22
185.228.40.0/22
IPv6:
2a00:17e8::/29
Signature Algorithm: sha256WithRSAEncryption
4e:37:24:2e:c4:b5:b4:2c:27:f2:18:93:af:ac:f7:b6:36:35:
50:1f:2d:a6:d1:07:31:3b:1e:d9:3f:6e:94:92:79:40:29:91:
f1:9e:92:6f:4d:23:24:ec:89:7e:c1:33:b5:8c:c5:10:1e:3d:
85:e2:25:1d:d2:b2:06:2e:93:f2:62:e6:08:51:64:1e:44:7d:
51:24:84:63:72:0e:e9:bb:85:b6:3a:39:c1:20:bd:f3:f9:4c:
27:87:27:11:8c:72:56:ef:35:35:c0:d4:b5:6f:cc:eb:e0:73:
5c:d1:8f:af:88:87:f6:f8:a2:f9:a9:5a:92:40:0c:04:78:8b:
31:76:b0:6d:5a:6b:7c:98:48:b4:55:72:74:a1:af:c3:fd:b3:
de:14:bd:4a:df:1c:98:7f:63:78:81:7a:5c:5b:76:44:42:73:
e1:f0:10:e1:4b:38:7f:44:64:42:f9:ed:30:93:bf:30:b1:20:
aa:60:ad:fa:0e:42:35:0b:4f:3c:65:ed:ee:96:69:4b:61:1c:
f6:c5:37:00:56:cd:04:d3:59:a1:5d:ba:fc:dd:e7:73:f1:9f:
41:4f:21:3c:0e:ed:31:15:53:cb:bc:69:9b:8d:f3:df:12:5b:
06:4c:f3:72:3d:cc:1c:27:73:00:5b:2b:8c:07:a2:56:55:3f:
be:9d:e6:c0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvJuL8um7739tnrTOKJWGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYmE0YjI4NjdkYWQzOGI3M2E0NjkxODI0MWVmYzcyYTIx
MjYyZjcwHhcNMjMwMTAxMjEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTVhZTBlNjJjYjdjNGQzYzRhNjU5YzAxNGRhNDM5NzVjNGFkNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutuul9z3op0puPa3SRzXmPuW6Riz
xrZXLLqyptiDhyA1iK6P9dbLxQasoEwIo2Ih56nRP3Cqkzlcf3vWiHlNEgCqTHpa
cfwk2myqV2CopMad58Q+2zB0N9BR6e24YIKlf+Fi7vgQKRAy3liO8jJZajpB6hrU
kVhirdqEO7iG5f6wJQ9RJrmp1FM9MeSZq753NoFF9pCf36sNyReR9JSiMd9kbZv2
dfWqSbNvfp3F261M4CxainMXM//x0qnnyW66m6ZhmxT0Y2DaCvD3PAO8PX+qkKqY
zoHcT1yj6bVXvikiy2CEpAteh9ZKUyvQXEjs9Ef7B0Re1Mzui4vKvV7MKQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFpa4OYst8TTxKZZwBTaQ5dcStalMB8GA1UdIwQY
MBaAFOG6Syhn2tOLc6RpGCQe/HKiEmL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJwTEtHZmEwNHR6cEdrWUpCNzhjcUlTWXZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82ODkxMDktMTcyMy00YmYxLWI2M2Et
ZGM2NGFlNzI1NzhlLzEvV2xyZzVpeTN4TlBFcGxuQUZOcERsMXhLMXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82ODkxMDktMTcyMy00YmYxLWI2M2EtZGM2NGFlNzI1Nzhl
LzEvNGJwTEtHZmEwNHR6cEdrWUpCNzhjcUlTWXZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFWRDAAwQC
uTh8AwQCueQoMA0EAgACMAcDBQMqABfoMA0GCSqGSIb3DQEBCwUAA4IBAQBONyQu
xLW0LCfyGJOvrPe2NjVQHy2m0QcxOx7ZP26UknlAKZHxnpJvTSMk7Il+wTO1jMUQ
Hj2F4iUd0rIGLpPyYuYIUWQeRH1RJIRjcg7pu4W2OjnBIL3z+UwnhycRjHJW7zU1
wNS1b8zr4HNc0Y+viIf2+KL5qVqSQAwEeIsxdrBtWmt8mEi0VXJ0oa/D/bPeFL1K
3xyYf2N4gXpcW3ZEQnPh8BDhSzh/RGRC+e0wk78wsSCqYK36DkI1C088Ze3ulmlL
YRz2xTcAVs0E01mhXbr83edz8Z9BTyE8Du0xFVPLvGmbjfPfElsGTPNyPcwcJ3MA
WyuMB6JWVT++nebA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:35 2024 by rpki-client on console-fra.rpki-client.org