Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WSfZMMJIOUwMwVaCRoLZgaWZ8mQ.roa
File: WSfZMMJIOUwMwVaCRoLZgaWZ8mQ.roa (raw, json)
Hash identifier: GTtfXngpBqc79APqaJLjfjtENBhTGTwYm+/OI84AgBA=
Subject key identifier: 59:27:D9:30:C2:48:39:4C:0C:C1:56:82:46:82:D9:81:A5:99:F2:64
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B62A668C9566B209EAEDF98D5DDAFA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WSfZMMJIOUwMwVaCRoLZgaWZ8mQ.roa
Signing time: Mon 02 Jan 2023 09:00:41 +0000
ROA not before: Mon 02 Jan 2023 09:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 185.240.122.0/24 maxlen: 24
45.8.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 27 Mar 2023 12:09:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:2a:66:8c:95:66:b2:09:ea:ed:f9:8d:5d:da:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5927d930c248394c0cc156824682d981a599f264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:91:28:71:4f:bc:2c:16:51:27:9d:34:9c:9c:
32:1d:fd:b4:fe:23:03:61:e8:81:2b:5e:e7:88:39:
fb:0f:8d:f6:cd:47:c6:59:5d:c3:28:09:2f:dc:28:
a0:50:87:79:c6:73:1d:91:39:52:49:77:3c:d8:f5:
c8:45:fa:5c:9c:8e:30:f5:62:36:47:32:e0:0b:d6:
78:8d:02:66:93:45:52:69:76:e0:7f:c0:9d:5c:e5:
a5:3b:29:3d:fd:87:dc:68:fe:43:16:bf:ff:0d:ec:
31:af:98:b9:99:cd:f4:9f:66:9a:55:51:4e:75:71:
c0:96:7e:da:38:c8:7b:f9:06:e5:18:8b:f5:51:5c:
fa:8a:5d:3a:02:13:ec:50:75:af:b3:6c:5f:b5:38:
31:06:0f:ba:a0:cb:76:fa:1f:81:e1:b7:a5:dd:af:
60:a3:a2:a3:5c:d0:0c:a4:72:fa:2f:d2:d8:ad:f9:
b2:fd:47:a3:84:ba:58:82:3c:7b:d4:14:16:fb:d5:
fc:1c:6a:71:5c:47:99:93:d7:1b:0c:84:a6:28:5f:
8d:5a:b8:2a:3a:e3:de:e8:a7:f1:a7:33:7c:c0:e5:
21:2f:3f:bb:e7:52:1d:ed:91:bb:0a:49:75:21:15:
a2:4d:21:c9:10:81:20:f4:32:eb:56:23:b5:5b:8f:
72:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:27:D9:30:C2:48:39:4C:0C:C1:56:82:46:82:D9:81:A5:99:F2:64
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WSfZMMJIOUwMwVaCRoLZgaWZ8mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.240.122.0/24
Signature Algorithm: sha256WithRSAEncryption
81:a2:ef:f8:6c:d6:15:3f:3d:78:3c:9d:db:8b:7c:fc:7f:2d:
ec:38:93:01:c2:28:87:bb:7d:97:a2:8f:19:db:dc:f5:df:23:
99:7c:42:ed:23:9f:60:eb:b6:fa:b2:d8:14:65:dc:f4:ab:86:
5e:d1:40:54:84:f8:75:ee:52:fd:32:e5:f3:7d:f8:e9:f7:56:
b4:f2:c3:10:7b:7e:0e:15:f1:41:9e:bd:f1:c4:08:58:e5:f3:
95:9d:23:84:f4:cd:16:a1:ca:9b:2c:5e:40:12:7d:92:9f:be:
c4:59:bc:22:7c:d2:3a:ee:ed:3d:8c:be:0b:b5:9d:f1:fc:90:
21:f7:33:27:90:d9:b7:2e:ce:c5:1a:78:b8:b2:7f:70:f1:43:
f3:ba:77:27:bf:52:f5:91:71:91:84:93:3d:6f:05:b6:e6:05:
8f:d8:10:0d:5d:d3:64:47:da:be:b8:31:4a:99:0e:fb:c0:1f:
fe:24:38:5b:e9:1a:2a:97:8c:a4:e3:0f:dd:59:02:bf:41:f0:
43:78:7b:f2:45:19:1c:ef:b0:30:b3:8a:9d:72:61:fe:19:5e:
89:75:0c:94:cc:2b:ba:e1:51:0d:91:a6:81:67:37:0e:d7:32:
47:cc:39:6e:58:75:df:f9:20:89:74:8a:88:f1:62:79:94:54:
08:7e:eb:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxtipmjJVmsgnq7fmNXdr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTI3ZDkzMGMyNDgzOTRjMGNjMTU2ODI0NjgyZDk4MWE1OTlmMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpEocU+8LBZRJ500nJwyHf20/iMD
YeiBK17niDn7D432zUfGWV3DKAkv3CigUId5xnMdkTlSSXc82PXIRfpcnI4w9WI2
RzLgC9Z4jQJmk0VSaXbgf8CdXOWlOyk9/YfcaP5DFr//Dewxr5i5mc30n2aaVVFO
dXHAln7aOMh7+QblGIv1UVz6il06AhPsUHWvs2xftTgxBg+6oMt2+h+B4bel3a9g
o6KjXNAMpHL6L9LYrfmy/UejhLpYgjx71BQW+9X8HGpxXEeZk9cbDISmKF+NWrgq
OuPe6KfxpzN8wOUhLz+751Id7ZG7Ckl1IRWiTSHJEIEg9DLrViO1W49yCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFkn2TDCSDlMDMFWgkaC2YGlmfJkMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvV1NmWk1NSklPVXdNd1ZhQ1JvTFpnYVdaOG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQgUAwQA
ufB6MA0GCSqGSIb3DQEBCwUAA4IBAQCBou/4bNYVPz14PJ3bi3z8fy3sOJMBwiiH
u32Xoo8Z29z13yOZfELtI59g67b6stgUZdz0q4Ze0UBUhPh17lL9MuXzffjp91a0
8sMQe34OFfFBnr3xxAhY5fOVnSOE9M0WocqbLF5AEn2Sn77EWbwifNI67u09jL4L
tZ3x/JAh9zMnkNm3Ls7FGni4sn9w8UPzuncnv1L1kXGRhJM9bwW25gWP2BANXdNk
R9q+uDFKmQ77wB/+JDhb6Roql4yk4w/dWQK/QfBDeHvyRRkc77Aws4qdcmH+GV6J
dQyUzCu64VENkaaBZzcO1zJHzDluWHXf+SCJdIqI8WJ5lFQIfut3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org