Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/WxIFnz4Vye6lVlijPesTxme2mlc.roa
File: WxIFnz4Vye6lVlijPesTxme2mlc.roa (raw, json)
Hash identifier: SWxhl3jSrOn9P1Eu/OmxtHe1BHW/53zCtsC+oxH/AMQ=
Subject key identifier: 5B:12:05:9F:3E:15:C9:EE:A5:56:58:A3:3D:EB:13:C6:67:B6:9A:57
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 01856C4A42EBB77BA3CF392A14F94F17ADEE
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/WxIFnz4Vye6lVlijPesTxme2mlc.roa
Signing time: Sun 01 Jan 2023 07:44:43 +0000
ROA not before: Sun 01 Jan 2023 07:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31257
IP address blocks: 80.65.16.0/20 maxlen: 24
109.226.192.0/18 maxlen: 24
171.33.248.0/21 maxlen: 24
185.84.172.0/23 maxlen: 23
185.84.172.0/24 maxlen: 24
185.84.173.0/24 maxlen: 24
94.73.192.0/18 maxlen: 24
134.19.128.0/21 maxlen: 24
2a05:7400::/29 maxlen: 29
2a05:7400::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:42:eb:b7:7b:a3:cf:39:2a:14:f9:4f:17:ad:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 1 07:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b12059f3e15c9eea55658a33deb13c667b69a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:43:73:5d:2e:39:88:77:a8:b8:85:19:b9:da:
52:df:78:71:af:1d:fe:c2:f2:aa:6d:01:03:60:2b:
1a:49:b8:46:d9:b3:a3:85:1c:cd:0b:a9:18:0a:d8:
65:e2:dc:8b:2d:4b:87:64:af:c8:97:22:ac:76:34:
3d:5f:d1:6d:df:13:66:93:84:38:35:48:f7:26:52:
a9:32:55:8a:1e:f6:cd:30:9b:e4:f2:47:78:01:d5:
5d:a5:ae:94:9c:01:1f:16:8f:0c:13:18:26:88:f8:
61:c8:9d:89:6d:77:20:17:92:08:56:e7:92:d2:4d:
13:13:0f:0e:1e:e2:b2:08:b6:64:fe:80:91:f3:31:
12:11:e1:ac:32:d7:f0:f8:b5:57:74:16:b5:48:32:
ab:f5:e9:cd:bf:f8:2c:c5:93:ff:9f:ab:35:ad:42:
8b:99:04:5f:46:01:ab:23:0f:cd:e0:0c:da:a6:8a:
df:36:a1:dd:a4:26:0d:59:8b:c7:d3:52:26:0a:af:
e5:a6:b3:84:1c:66:0d:c7:be:b1:f7:c5:39:3d:35:
1e:3f:78:4c:de:b2:6c:6d:63:46:88:3b:31:24:91:
f7:55:a2:e6:67:a2:e9:48:7e:50:18:83:8c:66:27:
7c:c0:95:e3:0a:97:cf:74:97:14:de:3a:c8:1e:32:
f4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:12:05:9F:3E:15:C9:EE:A5:56:58:A3:3D:EB:13:C6:67:B6:9A:57
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/WxIFnz4Vye6lVlijPesTxme2mlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.16.0/20
94.73.192.0/18
109.226.192.0/18
134.19.128.0/21
171.33.248.0/21
185.84.172.0/23
IPv6:
2a05:7400::/29
Signature Algorithm: sha256WithRSAEncryption
23:e4:ff:52:31:4c:c1:5b:33:f4:38:6d:32:fb:e6:89:8d:9c:
79:52:92:81:60:61:06:96:f6:3b:d9:32:83:6d:7d:29:75:fb:
bf:ca:bf:c4:30:c4:21:90:f3:c9:06:93:c7:1e:84:34:3f:14:
5d:5e:0e:fe:9f:7c:49:52:4b:e6:fa:cc:0b:03:2a:b6:36:8a:
73:79:34:39:57:67:b3:c7:82:1b:67:88:b1:c4:78:4e:b7:28:
c0:b5:bb:c3:b7:a3:2a:8c:d3:fe:1c:91:da:ac:8f:df:34:66:
9c:a2:b4:3f:2e:a0:37:70:53:6a:b8:87:c0:11:37:4d:ab:4e:
e1:93:8a:7f:2c:f3:74:d8:49:19:5b:43:bf:ad:18:70:91:f6:
2c:95:10:76:c0:11:6c:ae:7e:ea:b9:a7:c5:9b:61:45:61:db:
03:27:d6:fc:fa:bc:ea:58:f6:df:48:90:84:f4:49:a8:c8:bd:
19:7f:63:a7:aa:21:c2:0a:82:c7:a8:b5:82:c3:29:e4:3e:fb:
f6:92:96:96:d8:a6:81:13:1c:71:ef:d6:68:98:71:17:98:0a:
73:b9:9f:1d:05:7b:cb:6b:4e:f2:61:3a:bb:8e:af:ea:38:d4:
6a:7b:81:d9:84:31:1c:f5:11:b7:29:2a:bb:1f:ac:22:b7:4d:
ba:43:14:7f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVsSkLrt3ujzzkqFPlPF63uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjMwMTAxMDc0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjEyMDU5ZjNlMTVjOWVlYTU1NjU4YTMzZGViMTNjNjY3YjY5YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUNzXS45iHeouIUZudpS33hxrx3+
wvKqbQEDYCsaSbhG2bOjhRzNC6kYCthl4tyLLUuHZK/IlyKsdjQ9X9Ft3xNmk4Q4
NUj3JlKpMlWKHvbNMJvk8kd4AdVdpa6UnAEfFo8MExgmiPhhyJ2JbXcgF5IIVueS
0k0TEw8OHuKyCLZk/oCR8zESEeGsMtfw+LVXdBa1SDKr9enNv/gsxZP/n6s1rUKL
mQRfRgGrIw/N4AzaporfNqHdpCYNWYvH01ImCq/lprOEHGYNx76x98U5PTUeP3hM
3rJsbWNGiDsxJJH3VaLmZ6LpSH5QGIOMZid8wJXjCpfPdJcU3jrIHjL0ZwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFsSBZ8+FcnupVZYoz3rE8ZntppXMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvV3hJRm56NFZ5ZTZsVmxpalBlc1R4bWUybWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUEEQAwQG
XknAAwQGbeLAAwQDhhOAAwQDqyH4AwQBuVSsMA0EAgACMAcDBQMqBXQAMA0GCSqG
SIb3DQEBCwUAA4IBAQAj5P9SMUzBWzP0OG0y++aJjZx5UpKBYGEGlvY72TKDbX0p
dfu/yr/EMMQhkPPJBpPHHoQ0PxRdXg7+n3xJUkvm+swLAyq2NopzeTQ5V2ezx4Ib
Z4ixxHhOtyjAtbvDt6MqjNP+HJHarI/fNGacorQ/LqA3cFNquIfAETdNq07hk4p/
LPN02EkZW0O/rRhwkfYslRB2wBFsrn7quafFm2FFYdsDJ9b8+rzqWPbfSJCE9Emo
yL0Zf2OnqiHCCoLHqLWCwynkPvv2kpaW2KaBExxx79ZomHEXmApzuZ8dBXvLa07y
YTq7jq/qONRqe4HZhDEc9RG3KSq7H6wit026QxR/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:23 2024 by rpki-client on console-fra.rpki-client.org