Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WMr5wH_6GW-4d3N2YWFlfDQjpw0.roa
File: WMr5wH_6GW-4d3N2YWFlfDQjpw0.roa (raw, json)
Hash identifier: 0/RlGNQtXO0cj7We28o/pyj+O4w9th43jWcV7t15iaQ=
Subject key identifier: 58:CA:F9:C0:7F:FA:19:6F:B8:77:73:76:61:61:65:7C:34:23:A7:0D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01912DBBC13067332B7C9DC1166506A0A761
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WMr5wH_6GW-4d3N2YWFlfDQjpw0.roa
Signing time: Wed 07 Aug 2024 16:46:05 +0000
ROA not before: Wed 07 Aug 2024 16:46:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.194.177.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 17:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2d:bb:c1:30:67:33:2b:7c:9d:c1:16:65:06:a0:a7:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 7 16:46:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58caf9c07ffa196fb87773766161657c3423a70d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0e:f6:28:d0:94:2a:3a:77:a1:cb:7a:4b:bd:
17:1c:62:e9:e7:25:5a:21:fd:53:c6:79:33:72:a0:
a9:9e:c6:a5:cb:a2:3e:6a:8d:07:dc:a9:1d:be:c2:
43:54:c2:8a:21:f8:5f:68:df:52:42:d7:15:86:75:
1a:2f:85:aa:d9:53:13:07:f2:8d:0e:0e:c9:1a:5b:
cf:6f:0d:c2:d2:15:be:42:0e:83:ad:f8:40:aa:3b:
7e:c2:76:33:b8:62:27:0c:91:19:56:9d:78:29:62:
91:6e:8b:db:bf:11:20:a6:46:d6:ee:43:3d:59:78:
63:06:17:59:d1:5c:76:41:f7:3b:b7:08:ca:04:30:
97:d9:4d:5e:f9:08:f5:eb:a9:1b:ce:4e:02:a8:96:
ab:77:fe:c3:50:c2:d4:93:01:ed:db:0f:15:28:9c:
6a:66:36:99:b1:81:c8:b8:f5:48:83:3b:28:aa:9c:
83:69:4c:5c:d6:36:b5:ab:e7:80:e7:ac:3b:c9:15:
88:68:54:fc:18:95:ab:cd:bf:00:36:a4:c7:71:99:
5b:74:1c:9c:09:36:74:85:39:d4:59:9e:c2:d3:04:
0e:2b:9c:fa:bb:04:35:46:a3:5d:4b:9b:8e:ac:d2:
b7:37:5a:ae:0c:42:bc:4f:b2:96:4e:ad:0d:1b:90:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CA:F9:C0:7F:FA:19:6F:B8:77:73:76:61:61:65:7C:34:23:A7:0D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WMr5wH_6GW-4d3N2YWFlfDQjpw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.38.0/24
185.209.73.0/24
185.210.235.0/24
185.218.20.0/24
185.222.29.0/24
185.246.112.0/24
193.58.146.0/24
Signature Algorithm: sha256WithRSAEncryption
12:39:d6:c3:60:e5:28:b3:83:41:d3:51:2d:a7:23:b0:fe:24:
f0:e2:66:02:57:5b:ca:2d:08:9c:2a:64:7f:a8:c0:2c:ee:b3:
e5:f2:8a:60:cf:ec:ee:b6:21:4a:21:7d:b8:a3:50:89:7a:bd:
c9:7b:bf:75:ff:c1:97:f6:62:7d:a6:8f:8d:5a:a9:3f:1a:b0:
b7:fb:94:f7:8b:c0:2a:12:2a:1d:68:f2:27:5f:de:51:df:84:
62:e6:60:e6:bd:82:79:af:ff:ce:1e:31:bb:bb:2a:ff:af:66:
25:f3:33:23:a4:f7:c2:eb:b4:db:62:eb:80:96:12:ed:12:da:
1b:de:be:3d:58:95:45:f5:4e:35:ce:e5:83:25:17:6c:9a:ac:
7c:c5:4e:ad:3c:4c:8f:dc:b6:d7:ca:47:f0:9b:d2:de:98:b7:
21:21:5c:9f:8c:d5:e1:c3:79:62:02:b5:06:1d:23:88:49:83:
a3:ce:ea:fd:75:0a:04:50:d2:23:e5:e9:76:bd:6d:cd:1a:37:
d9:5d:7d:dd:54:50:e4:1d:4c:42:01:bc:9b:51:12:01:56:69:
92:56:17:86:7d:7d:aa:3c:09:31:a4:d8:8b:26:61:b3:9b:f2:
6f:5c:e1:d3:c6:a4:70:fb:00:f4:48:39:83:a2:c5:6b:d0:b3:
ab:f5:d2:d5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZEtu8EwZzMrfJ3BFmUGoKdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwODA3MTY0NjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGNhZjljMDdmZmExOTZmYjg3NzczNzY2MTYxNjU3YzM0MjNhNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw72KNCUKjp3oct6S70XHGLp5yVa
If1TxnkzcqCpnsaly6I+ao0H3KkdvsJDVMKKIfhfaN9SQtcVhnUaL4Wq2VMTB/KN
Dg7JGlvPbw3C0hW+Qg6DrfhAqjt+wnYzuGInDJEZVp14KWKRbovbvxEgpkbW7kM9
WXhjBhdZ0Vx2Qfc7twjKBDCX2U1e+Qj166kbzk4CqJard/7DUMLUkwHt2w8VKJxq
ZjaZsYHIuPVIgzsoqpyDaUxc1ja1q+eA56w7yRWIaFT8GJWrzb8ANqTHcZlbdByc
CTZ0hTnUWZ7C0wQOK5z6uwQ1RqNdS5uOrNK3N1quDEK8T7KWTq0NG5CS0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFjK+cB/+hlvuHdzdmFhZXw0I6cNMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvV01yNXdIXzZHVy00ZDNOMllXRmxmRFFqcHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAucKxAwQA
udEmAwQAudFJAwQAudLrAwQAudoUAwQAud4dAwQAufZwAwQAwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQASOdbDYOUos4NB01EtpyOw/iTw4mYCV1vKLQicKmR/qMAs7rPl
8opgz+zutiFKIX24o1CJer3Je791/8GX9mJ9po+NWqk/GrC3+5T3i8AqEiodaPIn
X95R34Ri5mDmvYJ5r//OHjG7uyr/r2Yl8zMjpPfC67TbYuuAlhLtEtob3r49WJVF
9U41zuWDJRdsmqx8xU6tPEyP3LbXykfwm9LemLchIVyfjNXhw3liArUGHSOISYOj
zur9dQoEUNIj5el2vW3NGjfZXX3dVFDkHUxCAbybURIBVmmSVheGfX2qPAkxpNiL
JmGzm/JvXOHTxqRw+wD0SDmDosVr0LOr9dLV
-----END CERTIFICATE-----
Generated at Fri Aug 30 19:24:13 2024 by rpki-client on console-fra.rpki-client.org