Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/WHrxOKvWTVYOnE5_CCtLWYQtpz4.roa
File: WHrxOKvWTVYOnE5_CCtLWYQtpz4.roa (raw, json)
Hash identifier: Mj+5eXUsOkupQJ0CPL7FUURcefPxAdb/s40R8bRMH44=
Subject key identifier: 58:7A:F1:38:AB:D6:4D:56:0E:9C:4E:7F:08:2B:4B:59:84:2D:A7:3E
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018DC802C18EAEED633F5895C89FC96E6DA0
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/WHrxOKvWTVYOnE5_CCtLWYQtpz4.roa
Signing time: Tue 20 Feb 2024 19:34:00 +0000
ROA not before: Tue 20 Feb 2024 19:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.132.80.0/22 maxlen: 24
81.28.253.0/24 maxlen: 24
91.239.149.0/24 maxlen: 24
91.244.198.0/24 maxlen: 24
176.105.228.0/24 maxlen: 24
185.177.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 16:35:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c8:02:c1:8e:ae:ed:63:3f:58:95:c8:9f:c9:6e:6d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Feb 20 19:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=587af138abd64d560e9c4e7f082b4b59842da73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b4:c0:1f:c0:ee:92:0e:b2:c9:eb:f8:3f:07:
74:ca:4a:9e:17:0c:ef:21:af:5e:47:f2:b3:27:89:
66:c3:3f:24:3f:28:bd:3d:50:4e:87:f0:23:a6:3b:
66:9d:68:4f:9e:0d:86:d6:b8:ef:0a:64:7d:e3:5b:
4a:30:e7:b8:6f:77:ee:0d:f9:36:5d:c0:7d:c4:cd:
a6:d4:7e:d5:55:14:68:02:ef:63:ab:30:78:b2:15:
34:08:8a:52:d0:9c:8e:24:d3:80:ec:87:c6:00:23:
2d:26:e6:98:54:e1:62:a6:79:c4:46:0b:9f:cd:a5:
d3:38:49:3e:9f:1e:17:b4:5d:8a:9d:2e:bf:79:60:
c0:70:c3:7b:0b:c5:47:e7:d0:13:32:f8:87:2c:00:
e8:23:89:d5:5d:07:0e:ad:72:82:7c:05:4e:d0:a8:
e6:f2:fd:63:d7:0c:b4:ef:c5:62:3e:04:2d:16:62:
ef:18:41:9b:8b:96:87:93:e6:93:b2:25:bd:6c:1a:
cb:fb:4d:1a:4e:23:2e:cc:45:3a:0f:6e:2d:8e:5e:
de:9e:5d:72:d2:c9:b9:63:f0:b4:2e:ff:2c:98:01:
37:7e:ee:4b:dd:5e:20:07:8b:0d:63:a5:41:2e:e0:
b9:de:fc:7b:48:91:d5:68:0b:d6:eb:67:7e:2b:36:
03:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:7A:F1:38:AB:D6:4D:56:0E:9C:4E:7F:08:2B:4B:59:84:2D:A7:3E
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/WHrxOKvWTVYOnE5_CCtLWYQtpz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
81.28.253.0/24
91.239.149.0/24
91.244.198.0/24
176.105.228.0/24
185.177.27.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:32:86:99:26:2d:0c:d3:2f:74:80:d3:b0:37:6a:22:5d:7b:
89:3d:00:22:b4:cb:b6:e9:6c:f1:a6:31:ef:07:2c:3c:e1:1c:
2b:a0:97:b2:31:f6:5d:69:31:87:b5:e4:a3:c3:71:86:e7:8c:
e6:49:e0:e1:a4:03:17:43:62:ce:d1:2f:83:d8:49:99:7a:80:
b7:31:2b:2c:23:33:11:a2:4d:20:a0:70:e4:59:bb:26:ab:b9:
19:b1:5a:ca:42:4d:44:3c:13:48:38:b5:b3:82:cd:02:fc:4b:
2b:b7:0e:1b:c6:fe:21:aa:00:55:ef:bf:e8:95:45:b1:5d:10:
11:77:47:e6:b5:0e:a8:8d:bd:43:8a:be:27:54:0a:02:d4:bf:
49:d9:8b:b5:7e:9d:71:00:ba:9f:97:fc:15:b8:4b:37:e2:26:
30:7a:d3:9b:08:8a:19:c6:2e:0c:dd:50:7b:f2:92:6e:51:5b:
a4:cc:4a:21:41:82:37:67:c2:1e:ad:94:95:bb:74:60:cc:d4:
52:b6:b2:0a:1e:48:e5:75:1e:81:33:0b:18:c9:6e:a8:94:66:
c8:54:5e:75:7e:e2:47:5f:83:4b:b3:69:15:39:9c:b4:ff:bd:
67:7e:cf:32:7d:05:e4:0e:79:be:b2:cb:34:f0:62:19:2c:13:
6b:5f:63:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3IAsGOru1jP1iVyJ/Jbm2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjQwMjIwMTkzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODdhZjEzOGFiZDY0ZDU2MGU5YzRlN2YwODJiNGI1OTg0MmRhNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLTAH8Dukg6yyev4Pwd0ykqeFwzv
Ia9eR/KzJ4lmwz8kPyi9PVBOh/AjpjtmnWhPng2G1rjvCmR941tKMOe4b3fuDfk2
XcB9xM2m1H7VVRRoAu9jqzB4shU0CIpS0JyOJNOA7IfGACMtJuaYVOFipnnERguf
zaXTOEk+nx4XtF2KnS6/eWDAcMN7C8VH59ATMviHLADoI4nVXQcOrXKCfAVO0Kjm
8v1j1wy078ViPgQtFmLvGEGbi5aHk+aTsiW9bBrL+00aTiMuzEU6D24tjl7enl1y
0sm5Y/C0Lv8smAE3fu5L3V4gB4sNY6VBLuC53vx7SJHVaAvW62d+KzYDbQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFh68Tir1k1WDpxOfwgrS1mELac+MB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvV0hyeE9LdldUVllPbkU1X0NDdExXWVF0cHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYRQAwQA
URz9AwQAW++VAwQAW/TGAwQAsGnkAwQAubEbMA0GCSqGSIb3DQEBCwUAA4IBAQBb
MoaZJi0M0y90gNOwN2oiXXuJPQAitMu26WzxpjHvByw84RwroJeyMfZdaTGHteSj
w3GG54zmSeDhpAMXQ2LO0S+D2EmZeoC3MSssIzMRok0goHDkWbsmq7kZsVrKQk1E
PBNIOLWzgs0C/Esrtw4bxv4hqgBV77/olUWxXRARd0fmtQ6ojb1Dir4nVAoC1L9J
2Yu1fp1xALqfl/wVuEs34iYwetObCIoZxi4M3VB78pJuUVukzEohQYI3Z8IerZSV
u3RgzNRStrIKHkjldR6BMwsYyW6olGbIVF51fuJHX4NLs2kVOZy0/71nfs8yfQXk
Dnm+sss08GIZLBNrX2Mc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:00 2024 by rpki-client on console-fra.rpki-client.org