Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/w7rZhpzoBeAYBryG5G8Tptk5Wko.roa
File: w7rZhpzoBeAYBryG5G8Tptk5Wko.roa (raw, json)
Hash identifier: bsnmIZHrhVHNHQB+hcYwARfloBor+6c4ELrKsaC1TZ8=
Subject key identifier: C3:BA:D9:86:9C:E8:05:E0:18:06:BC:86:E4:6F:13:A6:D9:39:5A:4A
Certificate issuer: /CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Certificate serial: 018CC64AD2EE9A7DB7C354926C36A82828A8
Authority key identifier: 16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/w7rZhpzoBeAYBryG5G8Tptk5Wko.roa
Signing time: Mon 01 Jan 2024 18:30:41 +0000
ROA not before: Mon 01 Jan 2024 18:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44549
IP address blocks: 185.205.116.0/22 maxlen: 22
91.199.161.0/24 maxlen: 24
194.247.162.0/23 maxlen: 23
5.32.136.0/21 maxlen: 21
2a06:c180::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 24 Oct 2024 07:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d2:ee:9a:7d:b7:c3:54:92:6c:36:a8:28:28:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Validity
Not Before: Jan 1 18:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3bad9869ce805e01806bc86e46f13a6d9395a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:c2:45:15:37:73:42:e7:b0:96:ec:16:74:
1b:14:4b:e3:8c:b0:24:c2:2f:97:f5:c4:30:1e:7c:
51:e2:16:69:3d:f3:56:d1:15:5d:0f:3e:ee:77:7a:
0b:f8:2a:80:ef:f2:f7:d4:1e:ed:7d:1f:db:e3:76:
12:f1:1a:c2:e5:3f:bd:40:cd:40:06:b3:69:7a:bb:
86:73:57:15:b5:d6:5f:d2:85:16:06:d8:00:9e:e3:
d2:f8:68:35:d1:d5:4c:67:ae:05:9c:d0:6f:7b:b1:
a1:27:ce:66:65:61:ca:5a:f2:95:c5:e3:08:69:38:
89:39:45:6b:ce:53:cd:ad:ab:77:31:63:7c:20:ff:
82:4d:ac:a1:b3:f9:1e:9f:44:9c:6a:0b:24:68:5b:
b1:37:a8:83:de:e2:36:ee:28:77:36:bd:cd:9b:9d:
f8:12:9c:ac:5e:b4:7b:ff:5c:fd:9a:e3:5c:ce:83:
80:c3:a0:f5:6c:31:28:f5:ba:22:5c:fc:b1:d8:92:
c6:9c:8b:0d:ca:60:22:2e:e0:0b:9c:88:bb:79:d5:
3e:de:81:a5:8a:a0:ce:80:0f:34:e1:80:a8:bf:da:
81:e1:9d:a7:db:f5:a3:58:6a:8b:82:ee:50:91:7e:
b2:14:3e:6b:39:8f:7c:3d:33:49:0d:a7:db:e3:5a:
3f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BA:D9:86:9C:E8:05:E0:18:06:BC:86:E4:6F:13:A6:D9:39:5A:4A
X509v3 Authority Key Identifier:
keyid:16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/w7rZhpzoBeAYBryG5G8Tptk5Wko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.136.0/21
91.199.161.0/24
185.205.116.0/22
194.247.162.0/23
IPv6:
2a06:c180::/29
Signature Algorithm: sha256WithRSAEncryption
b6:92:30:01:f2:a3:f6:09:c4:6b:fd:6a:a4:ea:30:e3:0e:c0:
61:01:ae:38:1e:05:63:e1:0a:4e:97:21:35:e8:31:e4:5e:27:
32:9c:6f:8e:22:a3:f3:49:51:83:3c:17:cb:10:90:70:c7:e8:
0c:02:04:62:d4:88:0b:bd:b5:1c:2b:bf:b7:46:f4:f0:3d:23:
67:8c:18:ae:d5:13:e2:2d:c9:60:07:b7:28:53:4f:85:1c:9d:
9c:ed:5a:07:e9:00:41:5f:0c:68:18:36:2d:4a:5b:44:f0:1e:
dc:43:b5:73:fc:8c:78:15:05:fb:0e:45:10:00:af:bf:a9:35:
2d:d6:c6:d9:49:d4:69:f9:77:13:18:8c:34:03:68:1d:d3:39:
fc:a9:15:10:fe:1a:35:92:e2:c3:0b:39:d5:ba:cc:9e:40:ee:
c0:a2:74:87:16:5c:86:7f:04:a6:6f:5e:2b:35:9f:b1:a8:07:
bb:0c:8e:9a:e6:3d:98:ea:5f:4d:a0:07:c6:4d:ac:c8:d5:f4:
27:a0:e9:ef:5c:1e:b9:5c:da:2a:ce:5d:7b:58:69:39:f8:bb:
73:33:c9:87:f2:ee:a9:54:4d:42:b1:28:3b:49:de:1c:49:92:
bb:db:73:6f:97:86:37:e1:7d:c8:79:d0:a2:fa:af:a9:d0:71:
e3:af:7c:7a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGStLumn23w1SSbDaoKCioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZDk2Y2Y0MTA5YTRhODVkMTg2M2JmNTRhYTRmYTNlODFl
MGMwZTYwHhcNMjQwMTAxMTgzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2JhZDk4NjljZTgwNWUwMTgwNmJjODZlNDZmMTNhNmQ5Mzk1YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl17CRRU3c0LnsJbsFnQbFEvjjLAk
wi+X9cQwHnxR4hZpPfNW0RVdDz7ud3oL+CqA7/L31B7tfR/b43YS8RrC5T+9QM1A
BrNperuGc1cVtdZf0oUWBtgAnuPS+Gg10dVMZ64FnNBve7GhJ85mZWHKWvKVxeMI
aTiJOUVrzlPNrat3MWN8IP+CTayhs/ken0ScagskaFuxN6iD3uI27ih3Nr3Nm534
EpysXrR7/1z9muNczoOAw6D1bDEo9boiXPyx2JLGnIsNymAiLuALnIi7edU+3oGl
iqDOgA804YCov9qB4Z2n2/WjWGqLgu5QkX6yFD5rOY98PTNJDafb41o/9wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMO62Yac6AXgGAa8huRvE6bZOVpKMB8GA1UdIwQY
MBaAFBbZbPQQmkqF0YY79Uqk+j6B4MDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnRsczlCQ2FTb1hSaGp2MVNxVDZQb0hnd09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xMzYxNTYtMDc1My00MDcyLTkyYjAt
MTQwN2MwOGRiNTgyLzEvdzdyWmhwem9CZUFZQnJ5RzVHOFRwdGs1V2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xMzYxNTYtMDc1My00MDcyLTkyYjAtMTQwN2MwOGRiNTgy
LzEvRnRsczlCQ2FTb1hSaGp2MVNxVDZQb0hnd09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBSCIAwQA
W8ehAwQCuc10AwQBwveiMA0EAgACMAcDBQMqBsGAMA0GCSqGSIb3DQEBCwUAA4IB
AQC2kjAB8qP2CcRr/Wqk6jDjDsBhAa44HgVj4QpOlyE16DHkXicynG+OIqPzSVGD
PBfLEJBwx+gMAgRi1IgLvbUcK7+3RvTwPSNnjBiu1RPiLclgB7coU0+FHJ2c7VoH
6QBBXwxoGDYtSltE8B7cQ7Vz/Ix4FQX7DkUQAK+/qTUt1sbZSdRp+XcTGIw0A2gd
0zn8qRUQ/ho1kuLDCznVusyeQO7AonSHFlyGfwSmb14rNZ+xqAe7DI6a5j2Y6l9N
oAfGTazI1fQnoOnvXB65XNoqzl17WGk5+LtzM8mH8u6pVE1CsSg7Sd4cSZK723Nv
l4Y34X3IedCi+q+p0HHjr3x6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:39 2025 by rpki-client