Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WJMN3RT0lR_k-JDN1F0UR6olEz0.roa
File: WJMN3RT0lR_k-JDN1F0UR6olEz0.roa (raw, json)
Hash identifier: D+9YpqtsrtFBzk5K3aPrmMJoTrOJgPGqwbsLKIgSfkc=
Subject key identifier: 58:93:0D:DD:14:F4:95:1F:E4:F8:90:CD:D4:5D:14:47:AA:25:13:3D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019294B65C88623DBD7B803F8A6B0090CE08
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WJMN3RT0lR_k-JDN1F0UR6olEz0.roa
Signing time: Wed 16 Oct 2024 09:43:52 +0000
ROA not before: Wed 16 Oct 2024 09:43:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.126.82.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 10:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:b6:5c:88:62:3d:bd:7b:80:3f:8a:6b:00:90:ce:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 16 09:43:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58930ddd14f4951fe4f890cdd45d1447aa25133d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3a:73:d9:da:0b:4d:31:cc:41:41:49:12:51:
a1:c6:4a:b9:d3:2a:fc:86:47:1a:07:a3:7a:c3:cc:
ab:b5:75:5a:a4:25:bf:bb:27:66:cc:41:02:b8:c1:
fd:d3:6f:6f:06:e1:65:bc:2a:42:0d:a9:a1:4c:2b:
51:f9:2d:1f:b3:23:34:86:73:06:11:e0:2e:c9:81:
36:f9:6a:3e:eb:ab:9f:0c:14:c4:b1:20:07:f5:8a:
1e:ad:4c:5d:96:6b:f1:51:73:98:5a:70:3c:be:59:
8c:dd:5b:50:cf:41:ec:30:91:b4:f0:61:10:29:eb:
11:34:81:43:15:6a:f0:6d:a3:67:88:e0:f9:a4:71:
6d:ad:13:4e:7e:59:22:50:a5:0b:2a:ba:37:93:5b:
bd:85:5c:2d:9c:3c:16:c6:dd:97:5f:46:34:2c:df:
1a:b3:e2:95:18:53:81:f1:54:76:b1:e2:5e:71:65:
de:90:62:c1:71:38:38:a5:f4:35:d3:03:90:9e:86:
c0:38:a9:0b:19:0c:d8:94:26:10:e0:29:f9:4e:58:
7e:59:9e:a4:97:f8:a5:e5:aa:67:2c:38:62:34:5b:
04:ff:05:56:d4:2d:ae:6c:5c:2c:d3:53:9e:fa:78:
7b:5a:c5:1e:9c:a5:b3:16:16:cf:64:a7:73:13:c7:
f5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:93:0D:DD:14:F4:95:1F:E4:F8:90:CD:D4:5D:14:47:AA:25:13:3D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WJMN3RT0lR_k-JDN1F0UR6olEz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.121.12.0/22
185.126.82.0/24
185.218.101.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
95:b8:8d:50:aa:a0:ba:29:c5:87:8c:45:84:1b:04:41:f2:0a:
aa:7d:78:c5:97:5c:3a:cb:44:56:72:94:aa:53:ff:0f:76:a1:
47:80:d7:08:d1:ef:08:50:99:10:aa:c8:29:5d:b6:e3:5a:9f:
32:bf:a6:6f:7a:74:9f:e4:ea:b4:56:11:c0:e6:88:2d:89:8a:
d2:1a:d2:a8:ff:82:9a:4e:a2:b5:bf:9f:08:d7:7f:03:f8:fa:
d2:da:58:35:a6:13:85:33:83:88:09:f0:69:53:ae:3b:e5:16:
e5:63:b3:27:2e:e4:45:09:52:80:2d:3d:95:e2:63:d7:fc:f2:
92:80:7b:13:d4:c0:6c:e4:a9:34:49:c8:2c:25:c6:92:b4:5b:
e8:28:24:c0:a7:fc:3c:ad:be:92:36:79:bd:70:d9:75:9f:26:
d9:1f:e9:45:96:e6:be:a0:e8:00:47:f8:cd:a6:3c:fa:ab:9e:
b3:62:19:b4:b7:98:e8:9d:d9:c5:b9:45:dd:1b:66:cf:63:fb:
72:f7:8f:cf:cc:79:2b:56:50:e5:b4:16:47:47:9a:93:a0:ee:
0e:3c:f7:09:1e:8d:ce:4e:07:3e:ad:2e:84:e0:66:5a:41:cb:
c9:21:26:e2:e9:b5:68:ad:ee:dc:ea:10:ba:51:de:7c:55:23:
30:37:a7:83
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZKUtlyIYj29e4A/imsAkM4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMDE2MDk0MzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODkzMGRkZDE0ZjQ5NTFmZTRmODkwY2RkNDVkMTQ0N2FhMjUxMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Tpz2doLTTHMQUFJElGhxkq50yr8
hkcaB6N6w8yrtXVapCW/uydmzEECuMH9029vBuFlvCpCDamhTCtR+S0fsyM0hnMG
EeAuyYE2+Wo+66ufDBTEsSAH9YoerUxdlmvxUXOYWnA8vlmM3VtQz0HsMJG08GEQ
KesRNIFDFWrwbaNniOD5pHFtrRNOflkiUKULKro3k1u9hVwtnDwWxt2XX0Y0LN8a
s+KVGFOB8VR2seJecWXekGLBcTg4pfQ10wOQnobAOKkLGQzYlCYQ4Cn5Tlh+WZ6k
l/il5apnLDhiNFsE/wVW1C2ubFws01Oe+nh7WsUenKWzFhbPZKdzE8f1hQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFiTDd0U9JUf5PiQzdRdFEeqJRM9MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvV0pNTjNSVDBsUl9rLUpETjFGMFVSNm9sRXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQC
uXkMAwQAuX5SAwQAudplAwQBudz6AwQBueEAAwQBueOSAwQBwQhwAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQCVuI1QqqC6KcWHjEWEGwRB8gqqfXjFl1w6y0RWcpSq
U/8PdqFHgNcI0e8IUJkQqsgpXbbjWp8yv6ZvenSf5Oq0VhHA5ogtiYrSGtKo/4Ka
TqK1v58I138D+PrS2lg1phOFM4OICfBpU6475RblY7MnLuRFCVKALT2V4mPX/PKS
gHsT1MBs5Kk0ScgsJcaStFvoKCTAp/w8rb6SNnm9cNl1nybZH+lFlua+oOgAR/jN
pjz6q56zYhm0t5jondnFuUXdG2bPY/ty94/PzHkrVlDltBZHR5qToO4OPPcJHo3O
Tgc+rS6E4GZaQcvJISbi6bVore7c6hC6Ud58VSMwN6eD
-----END CERTIFICATE-----
Generated at Mon Oct 28 12:17:13 2024 by rpki-client on console-ams.rpki-client.org