Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/wQV6mVAYGumXPolI7jNhyonbqrk.roa
File: wQV6mVAYGumXPolI7jNhyonbqrk.roa (raw, json)
Hash identifier: PbCCSgD1mBEGOgR6aj+bDvsDRN325m5ItPqB60fOyi8=
Subject key identifier: C1:05:7A:99:50:18:1A:E9:97:3E:89:48:EE:33:61:CA:89:DB:AA:B9
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01856C0A4ACA5673DC40B6DE96E71CBD8AC9
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/wQV6mVAYGumXPolI7jNhyonbqrk.roa
Signing time: Sun 01 Jan 2023 06:34:51 +0000
ROA not before: Sun 01 Jan 2023 06:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 92.240.201.0/24 maxlen: 24
92.240.205.0/24 maxlen: 24
92.240.214.0/24 maxlen: 24
92.240.216.0/24 maxlen: 24
89.185.86.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Jan 2023 14:52:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:4a:ca:56:73:dc:40:b6:de:96:e7:1c:bd:8a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jan 1 06:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1057a9950181ae9973e8948ee3361ca89dbaab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2c:00:87:82:bb:c7:8e:b3:82:9a:0f:d7:f9:
79:bc:27:9f:93:3a:e4:d7:00:7a:24:a7:b1:7a:ec:
0d:b7:90:e5:6a:f9:f3:62:7c:49:11:52:06:a1:da:
0d:64:3c:ed:43:d7:fb:ce:c2:7b:32:fa:7d:1f:b8:
80:c4:44:c7:d6:8a:e1:59:79:15:d3:d2:a7:20:2c:
00:f4:26:ac:e1:e3:8a:52:4a:db:31:68:7c:d4:11:
c0:62:03:11:24:19:0b:19:d6:bc:d1:8d:cd:5b:86:
33:08:66:a6:64:5a:19:e6:a5:c9:ae:fa:49:e3:0a:
b2:1d:2d:4e:09:b1:d9:81:4c:e6:6c:68:1e:31:8c:
6f:07:42:9c:0b:cb:93:27:a0:7d:0d:02:dd:c4:5a:
43:d7:53:18:c5:09:0e:88:48:d0:c4:67:10:89:f4:
d3:99:02:f8:80:1c:8d:d8:83:f5:11:48:dc:07:58:
76:c3:54:06:9e:67:3a:ea:58:33:3c:2a:29:62:d8:
70:a3:aa:cd:c8:d0:ab:04:34:7f:cc:b8:d9:0e:ae:
ef:a1:07:d4:83:ba:83:89:38:0e:0c:39:9f:2d:2f:
47:c4:e4:5b:85:ec:db:1b:ad:f9:76:ef:1d:56:c1:
da:34:fe:fb:4e:4e:9e:fd:fa:c0:96:66:0c:e9:a9:
d2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:05:7A:99:50:18:1A:E9:97:3E:89:48:EE:33:61:CA:89:DB:AA:B9
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/wQV6mVAYGumXPolI7jNhyonbqrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.86.0/23
92.240.201.0/24
92.240.205.0/24
92.240.214.0/24
92.240.216.0/24
Signature Algorithm: sha256WithRSAEncryption
01:e8:9b:d0:3e:02:3f:c4:86:79:c9:d1:5d:14:b8:0b:bb:7e:
d8:8d:44:25:20:4c:f1:30:a6:b4:8f:30:26:0f:3c:7f:6e:e9:
f5:ea:42:b2:bf:35:11:ef:62:23:8f:ab:b8:c3:04:42:b2:b6:
ec:3d:d6:d9:10:36:76:de:9c:09:ac:52:0d:29:3b:90:d2:9a:
e8:6f:fa:ab:6b:ef:d0:f9:12:47:8e:25:69:5c:34:62:90:e5:
ba:ea:89:1f:d9:a0:f2:23:d7:67:7b:fe:98:95:49:2f:36:f8:
50:70:f5:a1:47:67:6c:d6:2e:b8:42:a6:bd:ee:0e:53:8e:b6:
a4:55:52:b0:82:48:31:41:0f:e6:be:16:b0:42:79:c0:3f:d8:
40:ec:0a:69:f8:5d:a4:b8:2a:8a:a6:94:6a:d3:10:89:97:f1:
36:2d:85:8d:65:2b:c5:fc:78:02:68:f8:b2:1e:10:e8:73:18:
a1:cd:da:df:e1:ff:15:24:f3:3d:c7:99:9e:d6:5f:49:67:ec:
97:92:de:30:dd:03:31:27:b2:64:e0:d9:3b:01:ad:b0:5d:bf:
b0:f7:0a:2b:a4:ea:81:5f:5d:f3:ff:2d:79:22:0f:c8:9e:bc:
9d:67:31:65:45:1f:2b:91:a2:28:d7:1c:06:e0:66:63:12:85:
b2:3a:e5:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsCkrKVnPcQLbeluccvYrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjMwMTAxMDYzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTA1N2E5OTUwMTgxYWU5OTczZTg5NDhlZTMzNjFjYTg5ZGJhYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjywAh4K7x46zgpoP1/l5vCefkzrk
1wB6JKexeuwNt5DlavnzYnxJEVIGodoNZDztQ9f7zsJ7Mvp9H7iAxETH1orhWXkV
09KnICwA9Cas4eOKUkrbMWh81BHAYgMRJBkLGda80Y3NW4YzCGamZFoZ5qXJrvpJ
4wqyHS1OCbHZgUzmbGgeMYxvB0KcC8uTJ6B9DQLdxFpD11MYxQkOiEjQxGcQifTT
mQL4gByN2IP1EUjcB1h2w1QGnmc66lgzPCopYthwo6rNyNCrBDR/zLjZDq7voQfU
g7qDiTgODDmfLS9HxORbhezbG635du8dVsHaNP77Tk6e/frAlmYM6anSKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMEFeplQGBrplz6JSO4zYcqJ26q5MB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvd1FWNm1WQVlHdW1YUG9sSTdqTmh5b25icXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWblWAwQA
XPDJAwQAXPDNAwQAXPDWAwQAXPDYMA0GCSqGSIb3DQEBCwUAA4IBAQAB6JvQPgI/
xIZ5ydFdFLgLu37YjUQlIEzxMKa0jzAmDzx/bun16kKyvzUR72Ijj6u4wwRCsrbs
PdbZEDZ23pwJrFINKTuQ0prob/qra+/Q+RJHjiVpXDRikOW66okf2aDyI9dne/6Y
lUkvNvhQcPWhR2ds1i64Qqa97g5TjrakVVKwgkgxQQ/mvhawQnnAP9hA7App+F2k
uCqKppRq0xCJl/E2LYWNZSvF/HgCaPiyHhDocxihzdrf4f8VJPM9x5me1l9JZ+yX
kt4w3QMxJ7Jk4Nk7Aa2wXb+w9worpOqBX13z/y15Ig/InrydZzFlRR8rkaIo1xwG
4GZjEoWyOuVi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:18 2024 by rpki-client on console-ams.rpki-client.org