Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/WkkRqLj1c4v_2AA7ILATSGsO-C4.roa
File: WkkRqLj1c4v_2AA7ILATSGsO-C4.roa (raw, json)
Hash identifier: tU+G7S8S2VhHSCPUQZPJjoBmP7V+g6rtjckBqtBnm9Q=
Subject key identifier: 5A:49:11:A8:B8:F5:73:8B:FF:D8:00:3B:20:B0:13:48:6B:0E:F8:2E
Certificate issuer: /CN=2bb330942298f75823cbb980c8eb2acf0b7c0c1b
Certificate serial: 01856D7862B0ECDA4C8C56FB2F0EE505BD3D
Authority key identifier: 2B:B3:30:94:22:98:F7:58:23:CB:B9:80:C8:EB:2A:CF:0B:7C:0C:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7MwlCKY91gjy7mAyOsqzwt8DBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/WkkRqLj1c4v_2AA7ILATSGsO-C4.roa
Signing time: Sun 01 Jan 2023 13:14:44 +0000
ROA not before: Sun 01 Jan 2023 13:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200154
IP address blocks: 185.32.44.0/24 maxlen: 24
185.32.44.0/22 maxlen: 22
185.32.47.0/24 maxlen: 24
185.32.45.0/24 maxlen: 24
185.32.46.0/24 maxlen: 24
2a00:c0a0::/32 maxlen: 32
2a00:c0a0:c000::/34 maxlen: 34
2a00:c0a0:8000::/34 maxlen: 34
2a00:c0a0:4000::/34 maxlen: 34
2a00:c0a0::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 23 May 2023 13:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:62:b0:ec:da:4c:8c:56:fb:2f:0e:e5:05:bd:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bb330942298f75823cbb980c8eb2acf0b7c0c1b
Validity
Not Before: Jan 1 13:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a4911a8b8f5738bffd8003b20b013486b0ef82e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c4:ef:5e:5e:5b:7e:84:36:50:a8:52:c7:86:
2f:49:bd:4b:03:89:d2:34:38:af:0b:c3:33:3b:ea:
f0:81:4d:62:80:71:64:27:3b:66:79:04:5c:50:1b:
26:fd:f1:aa:15:36:ac:4a:62:7d:9e:31:c2:0a:bd:
c0:4e:76:35:72:fa:a9:e5:58:46:2b:ca:d8:df:9c:
74:13:e9:44:67:cb:fc:26:3d:4d:68:19:b6:77:81:
48:58:44:f1:1b:12:3d:b8:51:1b:54:8d:bb:ba:ab:
71:81:ff:c3:0a:ba:a6:10:ac:43:e5:69:58:d4:62:
35:2e:12:28:4d:ab:ce:06:e3:dd:1c:cb:1e:9c:51:
77:95:a6:3d:f0:28:25:5d:04:e5:47:d3:3b:95:3f:
63:b4:b4:2e:e9:7b:f4:f4:f7:23:3b:41:55:b0:f5:
6c:a6:9e:2b:d9:ee:e7:15:82:97:ce:a7:be:f6:15:
25:f2:07:25:aa:42:cb:1a:30:e2:fc:12:c5:6e:26:
ae:9b:bb:37:67:09:4b:1a:b3:91:e1:71:de:53:89:
b7:d1:80:80:c2:88:ae:21:15:85:77:68:b5:99:a5:
ca:0d:37:4b:8a:39:2f:6b:04:90:84:22:8c:5f:a9:
ce:70:8b:f2:90:80:ee:3f:e8:29:3e:d3:7a:14:e6:
7f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:49:11:A8:B8:F5:73:8B:FF:D8:00:3B:20:B0:13:48:6B:0E:F8:2E
X509v3 Authority Key Identifier:
keyid:2B:B3:30:94:22:98:F7:58:23:CB:B9:80:C8:EB:2A:CF:0B:7C:0C:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7MwlCKY91gjy7mAyOsqzwt8DBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/WkkRqLj1c4v_2AA7ILATSGsO-C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/K7MwlCKY91gjy7mAyOsqzwt8DBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.44.0/22
IPv6:
2a00:c0a0::/32
Signature Algorithm: sha256WithRSAEncryption
64:c3:72:82:4f:15:c7:87:8a:ac:39:a3:e1:c7:b0:4d:0f:d1:
da:54:84:2a:47:9a:be:5b:95:3a:ad:19:61:05:a0:7c:24:d5:
b4:3a:68:21:b1:c8:25:20:b4:73:3a:a3:a5:5e:07:7f:76:3d:
73:f3:b0:d7:c8:b4:67:24:7f:b8:e6:b7:a3:ae:c0:56:0f:0c:
f8:05:7b:23:a3:b1:ff:00:74:d7:43:06:3e:ee:5e:37:84:89:
ab:c1:08:33:d2:10:12:54:e1:e1:88:75:83:3f:74:56:38:09:
b5:71:bd:b0:42:73:a1:bc:3d:ef:7f:3e:5e:bf:33:f9:c5:42:
52:29:07:dc:07:a2:7d:81:f5:b0:e7:63:a3:20:74:d7:ba:73:
c9:e3:10:4a:ea:57:7f:05:51:ac:86:47:31:8c:73:af:b2:29:
56:f3:7e:76:9e:0e:8b:01:24:fb:67:d3:11:11:c4:4e:17:09:
5e:56:9d:a6:b9:dc:e4:77:e9:3c:37:5f:38:cc:c5:0a:64:98:
b3:6f:1f:fc:09:7e:d7:58:7b:b0:6a:bc:e4:6d:48:bf:14:96:
f3:62:3d:ce:bc:55:11:55:8a:d0:00:1d:64:db:2d:f1:e1:cf:
f4:73:ed:d0:a7:d3:f3:e0:7b:09:79:09:53:f2:fe:b9:ee:32:
a6:0c:0e:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVteGKw7NpMjFb7Lw7lBb09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYjMzMDk0MjI5OGY3NTgyM2NiYjk4MGM4ZWIyYWNmMGI3
YzBjMWIwHhcNMjMwMTAxMTMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQ5MTFhOGI4ZjU3MzhiZmZkODAwM2IyMGIwMTM0ODZiMGVmODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscTvXl5bfoQ2UKhSx4YvSb1LA4nS
NDivC8MzO+rwgU1igHFkJztmeQRcUBsm/fGqFTasSmJ9njHCCr3ATnY1cvqp5VhG
K8rY35x0E+lEZ8v8Jj1NaBm2d4FIWETxGxI9uFEbVI27uqtxgf/DCrqmEKxD5WlY
1GI1LhIoTavOBuPdHMsenFF3laY98CglXQTlR9M7lT9jtLQu6Xv09PcjO0FVsPVs
pp4r2e7nFYKXzqe+9hUl8gclqkLLGjDi/BLFbiaum7s3ZwlLGrOR4XHeU4m30YCA
woiuIRWFd2i1maXKDTdLijkvawSQhCKMX6nOcIvykIDuP+gpPtN6FOZ/cwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFpJEai49XOL/9gAOyCwE0hrDvguMB8GA1UdIwQY
MBaAFCuzMJQimPdYI8u5gMjrKs8LfAwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzdNd2xDS1k5MWdqeTdtQXlPc3F6d3Q4REJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85OTA3NDctMzQ1NC00NDEyLThmMDYt
NmIzYTQ3NjY3Y2E4LzEvV2trUnFMajFjNHZfMkFBN0lMQVRTR3NPLUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85OTA3NDctMzQ1NC00NDEyLThmMDYtNmIzYTQ3NjY3Y2E4
LzEvSzdNd2xDS1k5MWdqeTdtQXlPc3F6d3Q4REJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSAsMA0E
AgACMAcDBQAqAMCgMA0GCSqGSIb3DQEBCwUAA4IBAQBkw3KCTxXHh4qsOaPhx7BN
D9HaVIQqR5q+W5U6rRlhBaB8JNW0OmghscglILRzOqOlXgd/dj1z87DXyLRnJH+4
5rejrsBWDwz4BXsjo7H/AHTXQwY+7l43hImrwQgz0hASVOHhiHWDP3RWOAm1cb2w
QnOhvD3vfz5evzP5xUJSKQfcB6J9gfWw52OjIHTXunPJ4xBK6ld/BVGshkcxjHOv
silW8352ng6LAST7Z9MREcROFwleVp2mudzkd+k8N184zMUKZJizbx/8CX7XWHuw
arzkbUi/FJbzYj3OvFURVYrQAB1k2y3x4c/0c+3Qp9Pz4HsJeQlT8v657jKmDA5w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:32 2024 by rpki-client on console-ams.rpki-client.org