Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wKP-UGNfhqexWdQEfVF99Ot7-0E.roa
File: wKP-UGNfhqexWdQEfVF99Ot7-0E.roa (raw, json)
Hash identifier: wmtbD6h/ulLMxy0VeGpF/qFlyGJiUD0qmv0I4q6g0A4=
Subject key identifier: C0:A3:FE:50:63:5F:86:A7:B1:59:D4:04:7D:51:7D:F4:EB:7B:FB:41
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018981F5F839F3E4F4468F37F83CE84C8359
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wKP-UGNfhqexWdQEfVF99Ot7-0E.roa
Signing time: Sun 23 Jul 2023 08:55:27 +0000
ROA not before: Sun 23 Jul 2023 08:55:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.218.103.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.222.28.0/24 maxlen: 24
185.222.30.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.147.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 09:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:81:f5:f8:39:f3:e4:f4:46:8f:37:f8:3c:e8:4c:83:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 23 08:55:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0a3fe50635f86a7b159d4047d517df4eb7bfb41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ae:16:c6:58:77:10:f7:27:bc:84:fa:d2:7d:
dd:30:6e:87:50:24:b7:49:6e:91:40:fc:fe:60:c0:
3a:08:30:75:1b:bd:2c:58:18:3a:9f:ff:7b:c6:91:
a5:39:95:26:96:e6:f7:8a:2e:d0:d9:c9:b9:2e:db:
64:6f:76:ec:74:6b:4e:16:49:07:c5:a1:5d:41:9f:
bd:29:66:bd:f5:91:aa:ff:07:75:83:75:85:cc:84:
ad:9e:11:ac:3f:02:00:2e:19:53:1d:3d:4d:7b:b9:
41:38:af:61:d1:c0:77:34:91:b0:89:4b:61:13:10:
ef:4f:6f:22:f8:4c:38:4b:47:49:c7:b9:4d:49:dc:
bc:1a:e9:92:d1:3c:f3:0e:6d:b8:3e:b9:25:26:de:
bc:c7:9c:d1:76:bd:6a:5a:59:52:d0:a8:6b:1e:83:
69:c0:71:98:8c:17:7f:70:07:c9:57:44:a3:f6:40:
a9:6c:fd:80:d2:ad:34:8d:e1:6c:3f:b4:ff:36:bd:
a7:bc:f4:0c:ad:8f:b8:f5:cc:e9:0c:f4:cb:d4:ee:
54:16:a7:7a:9b:99:a2:7c:a1:67:46:63:75:63:d3:
46:cf:fb:a1:d8:76:e4:90:e9:c7:b4:0d:1d:07:5b:
df:89:61:1e:f3:91:3c:1f:6d:27:1b:a5:d8:00:8a:
27:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A3:FE:50:63:5F:86:A7:B1:59:D4:04:7D:51:7D:F4:EB:7B:FB:41
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wKP-UGNfhqexWdQEfVF99Ot7-0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.214.100.0/24
185.214.102.0/24
185.218.103.0/24
185.220.248.0/24
185.222.28.0/24
185.222.30.0/23
185.225.0.0/23
185.230.52.0/24
185.246.112.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:be:d4:05:d0:08:d8:7d:33:b6:a6:04:72:80:c7:ab:15:4a:
6d:6f:ba:b2:80:35:41:0c:36:af:b3:13:d6:be:aa:ae:c5:2b:
17:ba:ef:4f:92:c8:92:da:93:0a:1e:99:07:00:f5:aa:48:64:
8e:76:41:a8:3e:98:5d:c4:a1:de:e8:3c:0c:5f:6f:ce:7c:32:
03:3f:f1:ae:35:50:ef:3c:94:1e:07:e2:35:f3:c0:8e:4b:d6:
11:ae:df:8d:69:78:bc:44:aa:38:2d:99:5a:86:53:db:de:47:
bf:3f:df:e6:54:47:57:78:a4:01:cc:65:93:59:eb:a7:bc:69:
df:e6:52:c3:cb:50:4c:4b:06:d6:33:7b:df:5d:dd:d1:55:4f:
24:7f:21:b7:24:b0:e8:04:3f:f3:4a:4b:94:fb:e5:3f:a5:a3:
2b:f2:65:a4:f7:21:e2:88:c7:3e:6e:a6:93:6d:39:36:6a:39:
5a:e6:cb:3b:b0:00:9f:ad:a2:d3:a2:98:23:b7:ab:6a:89:df:
2a:2a:90:dd:29:65:9c:d6:af:5e:4d:05:0b:62:09:46:6e:a4:
11:cf:cb:58:eb:2d:70:8f:ba:8e:e6:7f:7f:09:4a:e0:a0:14:
80:3f:15:e9:f1:c6:73:af:b3:ff:ea:72:aa:a9:a7:29:26:dd:
d4:d2:95:85
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYmB9fg58+T0Ro83+DzoTINZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzIzMDg1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGEzZmU1MDYzNWY4NmE3YjE1OWQ0MDQ3ZDUxN2RmNGViN2JmYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK4Wxlh3EPcnvIT60n3dMG6HUCS3
SW6RQPz+YMA6CDB1G70sWBg6n/97xpGlOZUmlub3ii7Q2cm5Lttkb3bsdGtOFkkH
xaFdQZ+9KWa99ZGq/wd1g3WFzIStnhGsPwIALhlTHT1Ne7lBOK9h0cB3NJGwiUth
ExDvT28i+Ew4S0dJx7lNSdy8GumS0TzzDm24PrklJt68x5zRdr1qWllS0KhrHoNp
wHGYjBd/cAfJV0Sj9kCpbP2A0q00jeFsP7T/Nr2nvPQMrY+49czpDPTL1O5UFqd6
m5mifKFnRmN1Y9NGz/uh2HbkkOnHtA0dB1vfiWEe85E8H20nG6XYAIonlwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMCj/lBjX4ansVnUBH1RffTre/tBMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvd0tQLVVHTmZocWV4V2RRRWZWRjk5T3Q3LTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQgVAwQA
LZPgAwQAudZkAwQAudZmAwQAudpnAwQAudz4AwQAud4cAwQBud4eAwQBueEAAwQA
ueY0AwQAufZwAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQBtvtQF0AjY
fTO2pgRygMerFUptb7qygDVBDDavsxPWvqquxSsXuu9PksiS2pMKHpkHAPWqSGSO
dkGoPphdxKHe6DwMX2/OfDIDP/GuNVDvPJQeB+I188COS9YRrt+NaXi8RKo4LZla
hlPb3ke/P9/mVEdXeKQBzGWTWeunvGnf5lLDy1BMSwbWM3vfXd3RVU8kfyG3JLDo
BD/zSkuU++U/paMr8mWk9yHiiMc+bqaTbTk2ajla5ss7sACfraLTopgjt6tqid8q
KpDdKWWc1q9eTQULYglGbqQRz8tY6y1wj7qO5n9/CUrgoBSAPxXp8cZzr7P/6nKq
qacpJt3U0pWF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org