Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/WPfjKh-bKiBdsR-_kFtHpQkXCxA.roa
File: WPfjKh-bKiBdsR-_kFtHpQkXCxA.roa (raw, json)
Hash identifier: r8InMjMbIP03nomIF3eXjXrkW8wVT4V9A/5ZybtjwmI=
Subject key identifier: 58:F7:E3:2A:1F:9B:2A:20:5D:B1:1F:BF:90:5B:47:A5:09:17:0B:10
Certificate issuer: /CN=3d563e205ad217433709b200a0dcd30c70961c96
Certificate serial: 01856CA5E24D1430786758B05217866DCB5C
Authority key identifier: 3D:56:3E:20:5A:D2:17:43:37:09:B2:00:A0:DC:D3:0C:70:96:1C:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PVY-IFrSF0M3CbIAoNzTDHCWHJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/WPfjKh-bKiBdsR-_kFtHpQkXCxA.roa
Signing time: Sun 01 Jan 2023 09:24:48 +0000
ROA not before: Sun 01 Jan 2023 09:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34612
IP address blocks: 185.50.208.0/22 maxlen: 22
141.138.216.0/21 maxlen: 21
178.20.56.0/21 maxlen: 21
91.215.148.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 04 Jan 2023 12:17:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:e2:4d:14:30:78:67:58:b0:52:17:86:6d:cb:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d563e205ad217433709b200a0dcd30c70961c96
Validity
Not Before: Jan 1 09:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58f7e32a1f9b2a205db11fbf905b47a509170b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a3:5d:98:64:dd:bf:76:56:22:d5:a6:4f:55:
2a:95:4a:cd:e9:c7:8c:c5:cc:a5:90:99:13:2d:58:
7b:4a:44:e4:59:84:06:6d:ec:1a:3b:f8:af:c2:d5:
a7:51:4d:74:90:0f:49:62:8a:08:a1:c1:c5:4e:30:
a8:8b:c5:14:93:70:c2:ce:14:7b:f9:0f:61:ae:e1:
28:09:e0:3d:10:ed:f4:61:d1:ac:73:dc:42:f3:94:
20:a9:0b:83:14:7e:d5:53:eb:38:78:18:36:9d:80:
e1:2e:e6:ba:8d:02:1d:87:4c:51:5e:b2:b7:2f:6d:
d9:88:93:d7:cd:cf:d4:b6:5c:8e:16:35:45:49:ba:
cd:a8:15:b0:6e:93:10:34:fc:fb:48:c9:ee:34:09:
89:3d:43:5f:57:16:6e:06:67:63:a3:16:35:e3:a4:
97:20:e6:70:bb:2f:d0:81:a8:a3:cd:5a:7c:aa:82:
fe:a2:9d:07:ea:be:f2:64:a2:e0:ee:8a:13:5c:b3:
18:a6:4d:3f:d7:0d:a8:25:fa:a5:d8:f0:f7:cf:cc:
11:e9:7f:af:ad:03:4f:03:28:9b:a4:a4:f3:a8:e1:
c9:71:3a:e5:78:c2:62:2d:3f:37:5e:64:ed:e1:c2:
54:73:c5:c9:bd:f5:ec:c3:02:42:43:35:1e:49:5f:
0a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F7:E3:2A:1F:9B:2A:20:5D:B1:1F:BF:90:5B:47:A5:09:17:0B:10
X509v3 Authority Key Identifier:
keyid:3D:56:3E:20:5A:D2:17:43:37:09:B2:00:A0:DC:D3:0C:70:96:1C:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PVY-IFrSF0M3CbIAoNzTDHCWHJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/WPfjKh-bKiBdsR-_kFtHpQkXCxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/PVY-IFrSF0M3CbIAoNzTDHCWHJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.148.0/22
141.138.216.0/21
178.20.56.0/21
185.50.208.0/22
Signature Algorithm: sha256WithRSAEncryption
34:99:15:37:89:73:d1:a9:cb:7d:62:5f:11:d5:12:df:73:fa:
42:d8:6b:f5:c6:22:41:b3:26:2f:38:fe:53:6e:fb:cc:d7:d2:
da:8c:0d:6f:7c:b3:b3:21:c9:af:1b:fc:2f:d2:6f:b5:39:50:
4c:e1:ed:df:79:28:b1:70:0b:05:7b:6c:89:0c:f3:64:41:a6:
da:13:1b:1a:e9:e3:ce:0e:53:79:e4:66:0a:75:fe:98:ec:82:
c0:c5:4f:b0:b8:58:17:c3:68:8d:19:98:04:9b:f3:0a:be:27:
27:53:22:65:03:9a:47:bc:05:b3:d0:1c:cf:c4:67:e7:c6:fc:
8f:9a:32:61:14:0c:ae:d2:0f:f2:d0:f2:80:8c:66:a4:fc:22:
9b:67:d0:c3:a3:80:97:2d:35:ff:7d:4c:a9:f2:a3:13:59:2f:
a9:6e:e0:0e:cd:df:85:02:6c:1f:36:d2:c6:f6:ff:6b:5d:f6:
bb:58:f4:3b:35:46:8d:a6:55:c1:84:ba:78:95:6f:81:c5:0f:
84:e3:d6:31:4d:55:77:3d:38:02:85:af:16:51:d8:67:6f:34:
44:e5:70:0a:29:9e:e1:28:cd:46:12:2c:53:70:b5:ea:26:0f:
35:03:07:a8:8d:b8:6c:d3:47:02:51:0e:7d:bc:b1:f7:d7:cf:
34:91:d3:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVspeJNFDB4Z1iwUheGbctcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNTYzZTIwNWFkMjE3NDMzNzA5YjIwMGEwZGNkMzBjNzA5
NjFjOTYwHhcNMjMwMTAxMDkyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGY3ZTMyYTFmOWIyYTIwNWRiMTFmYmY5MDViNDdhNTA5MTcwYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqNdmGTdv3ZWItWmT1UqlUrN6ceM
xcylkJkTLVh7SkTkWYQGbewaO/ivwtWnUU10kA9JYooIocHFTjCoi8UUk3DCzhR7
+Q9hruEoCeA9EO30YdGsc9xC85QgqQuDFH7VU+s4eBg2nYDhLua6jQIdh0xRXrK3
L23ZiJPXzc/UtlyOFjVFSbrNqBWwbpMQNPz7SMnuNAmJPUNfVxZuBmdjoxY146SX
IOZwuy/QgaijzVp8qoL+op0H6r7yZKLg7ooTXLMYpk0/1w2oJfql2PD3z8wR6X+v
rQNPAyibpKTzqOHJcTrleMJiLT83XmTt4cJUc8XJvfXswwJCQzUeSV8KTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFj34yofmyogXbEfv5BbR6UJFwsQMB8GA1UdIwQY
MBaAFD1WPiBa0hdDNwmyAKDc0wxwlhyWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFZZLUlGclNGME0zQ2JJQW9OelRESENXSEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjY0YzUtOTQ4Ny00MGZkLWI2Njkt
ZTg0NGUyYzJlOWRhLzEvV1BmaktoLWJLaUJkc1ItX2tGdEhwUWtYQ3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjY0YzUtOTQ4Ny00MGZkLWI2NjktZTg0NGUyYzJlOWRh
LzEvUFZZLUlGclNGME0zQ2JJQW9OelRESENXSEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW9eUAwQD
jYrYAwQDshQ4AwQCuTLQMA0GCSqGSIb3DQEBCwUAA4IBAQA0mRU3iXPRqct9Yl8R
1RLfc/pC2Gv1xiJBsyYvOP5TbvvM19LajA1vfLOzIcmvG/wv0m+1OVBM4e3feSix
cAsFe2yJDPNkQabaExsa6ePODlN55GYKdf6Y7ILAxU+wuFgXw2iNGZgEm/MKvicn
UyJlA5pHvAWz0BzPxGfnxvyPmjJhFAyu0g/y0PKAjGak/CKbZ9DDo4CXLTX/fUyp
8qMTWS+pbuAOzd+FAmwfNtLG9v9rXfa7WPQ7NUaNplXBhLp4lW+BxQ+E49YxTVV3
PTgCha8WUdhnbzRE5XAKKZ7hKM1GEixTcLXqJg81Aweojbhs00cCUQ59vLH31880
kdND
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:50 2024 by rpki-client on console-ams.rpki-client.org