Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/wfQAyAKL9sCYPfHihmgPTW1DvnA.roa
File: wfQAyAKL9sCYPfHihmgPTW1DvnA.roa (raw, json)
Hash identifier: RWl1joQbTAO5OUGYBUIVG7q9RcueJ+ZAZFHVzpypuHI=
Subject key identifier: C1:F4:00:C8:02:8B:F6:C0:98:3D:F1:E2:86:68:0F:4D:6D:43:BE:70
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0185723A358ABC22600DD059979B66140A6D
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/wfQAyAKL9sCYPfHihmgPTW1DvnA.roa
Signing time: Mon 02 Jan 2023 11:24:55 +0000
ROA not before: Mon 02 Jan 2023 11:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59524
IP address blocks: 145.128.64.0/20 maxlen: 20
145.128.80.0/20 maxlen: 20
145.128.96.0/19 maxlen: 19
145.128.0.0/20 maxlen: 20
145.128.16.0/20 maxlen: 20
91.242.160.0/24 maxlen: 24
145.128.27.0/24 maxlen: 24
145.128.32.0/19 maxlen: 19
2001:67c:104c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:35:8a:bc:22:60:0d:d0:59:97:9b:66:14:0a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 11:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1f400c8028bf6c0983df1e286680f4d6d43be70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4e:3e:e1:31:a7:d5:36:bd:99:fc:2b:6c:42:
98:ce:62:da:a2:81:57:31:d3:58:fa:4a:cf:2c:d9:
ef:b1:a5:6b:65:db:ed:bd:1b:22:4d:b0:b4:95:a4:
ef:cc:86:e6:c0:00:71:7f:58:68:e6:a9:e2:c0:da:
c8:ca:31:0d:6c:c0:a6:3b:8e:c0:01:5a:9f:a8:2a:
c0:42:2c:85:c0:ce:67:c1:b2:d4:dd:b6:6e:b2:16:
53:7c:ed:61:09:0b:4a:b5:67:5e:55:de:03:9f:9a:
87:2c:16:dc:a6:b0:b5:79:b8:b0:96:e4:f6:79:7c:
ac:14:96:3c:8c:f6:d5:3c:0f:67:ad:bb:3a:e2:fb:
bb:27:97:11:83:08:30:7a:4d:23:c3:f4:c1:96:75:
e7:9c:d3:54:b7:e7:d0:8a:a4:f8:f5:e6:0a:b9:12:
32:f6:b3:51:3d:a5:76:51:3f:4a:0d:52:7b:17:8f:
8f:4b:fa:9c:de:72:51:9d:e4:8d:2d:b0:d2:74:2e:
07:7e:78:c1:80:69:e1:82:45:ba:2c:1d:39:3c:0e:
c7:1c:55:23:28:75:2b:05:0b:40:c2:41:39:bb:cd:
4e:fe:4c:ed:f2:a3:6e:e2:23:40:75:af:c2:3d:01:
d8:28:2c:21:f9:14:83:3e:f9:f5:f5:52:77:4d:4a:
d7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F4:00:C8:02:8B:F6:C0:98:3D:F1:E2:86:68:0F:4D:6D:43:BE:70
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/wfQAyAKL9sCYPfHihmgPTW1DvnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.160.0/24
145.128.0.0/17
IPv6:
2001:67c:104c::/48
Signature Algorithm: sha256WithRSAEncryption
7f:52:02:8d:ac:f2:4c:0a:9c:bb:9b:1b:93:d8:03:94:04:b7:
14:ee:0f:78:a4:bd:13:e2:5e:f0:e5:79:29:b0:05:b6:f7:67:
4e:78:32:5d:3b:bc:27:2b:a5:aa:6a:e3:94:14:92:41:83:e5:
c1:33:27:5a:fb:03:2b:56:f1:8b:f3:3a:76:19:83:da:a7:4a:
21:ba:34:b2:e7:20:7c:06:6f:b6:86:c6:fb:51:fc:c9:79:f6:
fe:37:39:fe:0d:62:ee:ee:54:e2:c3:4e:2a:fd:f5:39:fd:ab:
14:3b:07:b9:f9:3b:30:da:7f:03:9a:4e:0e:00:b2:c8:08:b7:
7d:d6:f6:62:b6:e1:11:65:88:5e:ed:41:43:9b:ae:0e:84:82:
73:b8:6f:e9:ec:55:e7:63:d2:d4:ee:c6:f2:f5:36:73:fe:2a:
c0:71:4b:1b:3b:2e:45:70:71:45:0e:cc:54:5f:00:58:d0:e1:
58:00:91:6c:9b:d4:98:0a:2b:10:de:b9:b5:4e:b7:d3:2e:35:
4d:c1:03:49:2a:5c:9a:b7:88:79:48:ca:fb:55:51:01:aa:cc:
7d:71:0d:e3:79:e7:16:aa:e6:89:e5:16:02:7f:3c:39:e4:9b:
ad:28:e5:f5:d7:7a:84:47:5f:27:b4:27:67:31:3c:6a:58:cb:
ed:d7:bf:95
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVyOjWKvCJgDdBZl5tmFAptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjMwMTAyMTEyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWY0MDBjODAyOGJmNmMwOTgzZGYxZTI4NjY4MGY0ZDZkNDNiZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk4+4TGn1Ta9mfwrbEKYzmLaooFX
MdNY+krPLNnvsaVrZdvtvRsiTbC0laTvzIbmwABxf1ho5qniwNrIyjENbMCmO47A
AVqfqCrAQiyFwM5nwbLU3bZushZTfO1hCQtKtWdeVd4Dn5qHLBbcprC1ebiwluT2
eXysFJY8jPbVPA9nrbs64vu7J5cRgwgwek0jw/TBlnXnnNNUt+fQiqT49eYKuRIy
9rNRPaV2UT9KDVJ7F4+PS/qc3nJRneSNLbDSdC4HfnjBgGnhgkW6LB05PA7HHFUj
KHUrBQtAwkE5u81O/kzt8qNu4iNAda/CPQHYKCwh+RSDPvn19VJ3TUrXNwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMH0AMgCi/bAmD3x4oZoD01tQ75wMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvd2ZRQXlBS0w5c0NZUGZIaWhtZ1BUVzFEdm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW/KgAwQH
kYAAMA8EAgACMAkDBwAgAQZ8EEwwDQYJKoZIhvcNAQELBQADggEBAH9SAo2s8kwK
nLubG5PYA5QEtxTuD3ikvRPiXvDleSmwBbb3Z054Ml07vCcrpapq45QUkkGD5cEz
J1r7AytW8YvzOnYZg9qnSiG6NLLnIHwGb7aGxvtR/Ml59v43Of4NYu7uVOLDTir9
9Tn9qxQ7B7n5OzDafwOaTg4AssgIt33W9mK24RFliF7tQUObrg6EgnO4b+nsVedj
0tTuxvL1NnP+KsBxSxs7LkVwcUUOzFRfAFjQ4VgAkWyb1JgKKxDeubVOt9MuNU3B
A0kqXJq3iHlIyvtVUQGqzH1xDeN55xaq5onlFgJ/PDnkm60o5fXXeoRHXye0J2cx
PGpYy+3Xv5U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:51 2024 by rpki-client on console-ams.rpki-client.org