Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c3fcd9-00c8-436b-8c01-a5fea604ad53/1/WfzmVKnFvIfIViAyed8HEy1vIeo.roa
File: WfzmVKnFvIfIViAyed8HEy1vIeo.roa (raw, json)
Hash identifier: BgE04fBBwnOfa93KfHUu2XeE4aCnEr/CZbgy5tQO/xQ=
Subject key identifier: 59:FC:E6:54:A9:C5:BC:87:C8:56:20:32:79:DF:07:13:2D:6F:21:EA
Certificate issuer: /CN=73fdae1505049e446d5b0d144acc860d6c18167c
Certificate serial: 01864EBC5608573670B91730827BE44F6263
Authority key identifier: 73:FD:AE:15:05:04:9E:44:6D:5B:0D:14:4A:CC:86:0D:6C:18:16:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_2uFQUEnkRtWw0USsyGDWwYFnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c3fcd9-00c8-436b-8c01-a5fea604ad53/1/WfzmVKnFvIfIViAyed8HEy1vIeo.roa
Signing time: Tue 14 Feb 2023 07:03:30 +0000
ROA not before: Tue 14 Feb 2023 07:03:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201601
IP address blocks: 176.112.144.0/22 maxlen: 22
176.112.152.0/24 maxlen: 24
176.112.148.0/22 maxlen: 22
176.112.152.0/22 maxlen: 22
176.112.153.0/24 maxlen: 24
176.112.156.0/22 maxlen: 22
185.68.208.0/24 maxlen: 24
176.112.154.0/24 maxlen: 24
185.68.209.0/24 maxlen: 24
176.112.155.0/24 maxlen: 24
185.68.208.0/22 maxlen: 22
185.68.210.0/24 maxlen: 24
185.68.211.0/24 maxlen: 24
94.177.25.0/24 maxlen: 24
2a05:1cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 17 Apr 2023 09:43:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4e:bc:56:08:57:36:70:b9:17:30:82:7b:e4:4f:62:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73fdae1505049e446d5b0d144acc860d6c18167c
Validity
Not Before: Feb 14 07:03:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59fce654a9c5bc87c856203279df07132d6f21ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e3:dd:9a:5f:66:5c:85:04:1b:a9:95:04:a1:
e7:61:7c:27:69:16:e1:de:15:2c:3e:80:ce:66:90:
a9:4c:7b:41:bd:ad:df:7c:39:be:ac:83:22:07:83:
1c:dd:7c:1e:90:06:2f:15:9f:80:5c:ff:60:ce:22:
db:ac:83:3f:49:e2:e1:16:3f:dd:33:d6:17:24:9e:
8f:2e:7b:1f:d9:f1:54:0d:06:66:47:85:f1:1a:cc:
0e:bd:fa:bc:0e:db:98:3b:13:85:41:39:39:46:7c:
86:c0:ad:54:8c:4c:24:0e:10:96:e4:ca:5a:76:b3:
78:44:64:df:62:d4:81:7b:56:9e:f3:64:50:9f:08:
f1:05:64:67:16:8c:79:f4:4e:bf:df:c3:50:3b:05:
1c:c5:fa:45:f7:93:29:24:b7:0c:20:5e:eb:56:51:
ad:94:d2:8a:08:3e:d4:8f:90:8b:c4:6d:43:34:2a:
43:16:05:81:00:2c:3b:80:13:69:ec:d7:99:16:5a:
02:3b:c4:b2:23:66:ae:f6:6c:47:33:a3:79:fb:c3:
34:1d:40:79:31:6f:91:86:2e:3e:a8:66:46:63:de:
52:64:48:08:a0:85:39:97:79:ef:0d:c4:09:18:4f:
74:01:5a:85:5c:05:8a:73:fd:8a:4c:fe:d5:b7:4b:
c4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FC:E6:54:A9:C5:BC:87:C8:56:20:32:79:DF:07:13:2D:6F:21:EA
X509v3 Authority Key Identifier:
keyid:73:FD:AE:15:05:04:9E:44:6D:5B:0D:14:4A:CC:86:0D:6C:18:16:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_2uFQUEnkRtWw0USsyGDWwYFnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c3fcd9-00c8-436b-8c01-a5fea604ad53/1/WfzmVKnFvIfIViAyed8HEy1vIeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c3fcd9-00c8-436b-8c01-a5fea604ad53/1/c_2uFQUEnkRtWw0USsyGDWwYFnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.177.25.0/24
176.112.144.0/20
185.68.208.0/22
IPv6:
2a05:1cc0::/29
Signature Algorithm: sha256WithRSAEncryption
03:60:88:ff:d2:15:49:87:7f:52:d2:1c:3e:dc:5b:ea:1c:a5:
62:f5:68:ea:98:c5:24:85:80:c6:4b:db:69:fc:ca:8b:b1:54:
94:ef:ce:c0:ae:90:d2:30:2d:04:45:ab:e4:99:9f:d4:ba:b5:
a3:6e:3f:39:c1:f9:a4:fb:86:e7:25:42:5c:99:bd:98:e6:d0:
13:eb:8f:7e:fb:77:e5:93:6e:47:c2:d4:a6:7a:6d:7f:a7:88:
a8:4f:fa:b1:c3:36:9b:5a:fe:d9:be:1a:bc:5e:1a:a8:76:09:
2e:8c:b5:54:c2:11:92:33:49:2d:91:12:35:da:88:3e:6d:d2:
41:35:74:fd:96:ac:10:ca:0d:6a:97:aa:6c:d5:46:d3:f3:f4:
21:4f:df:bb:23:e6:70:6d:41:f4:6c:cc:f3:ec:99:87:d7:58:
9a:45:f7:a2:b8:cd:c7:4a:a2:65:88:ab:61:42:b3:d6:36:24:
86:96:b5:d9:46:39:dd:e1:ac:6f:32:78:d7:43:e5:46:f2:13:
f7:1c:5b:68:b2:dd:3b:27:eb:c3:6b:71:9e:c9:2b:30:2a:6c:
85:e5:22:a6:d4:42:4f:d3:db:78:21:fb:9c:f2:71:d5:ce:d4:
79:75:02:80:49:ab:e1:41:2e:e5:01:6c:29:8d:2f:28:53:6b:
cd:a3:eb:32
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYZOvFYIVzZwuRcwgnvkT2JjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZmRhZTE1MDUwNDllNDQ2ZDViMGQxNDRhY2M4NjBkNmMx
ODE2N2MwHhcNMjMwMjE0MDcwMzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZjZTY1NGE5YzViYzg3Yzg1NjIwMzI3OWRmMDcxMzJkNmYyMWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmePdml9mXIUEG6mVBKHnYXwnaRbh
3hUsPoDOZpCpTHtBva3ffDm+rIMiB4Mc3XwekAYvFZ+AXP9gziLbrIM/SeLhFj/d
M9YXJJ6PLnsf2fFUDQZmR4XxGswOvfq8DtuYOxOFQTk5RnyGwK1UjEwkDhCW5Mpa
drN4RGTfYtSBe1ae82RQnwjxBWRnFox59E6/38NQOwUcxfpF95MpJLcMIF7rVlGt
lNKKCD7Uj5CLxG1DNCpDFgWBACw7gBNp7NeZFloCO8SyI2au9mxHM6N5+8M0HUB5
MW+Rhi4+qGZGY95SZEgIoIU5l3nvDcQJGE90AVqFXAWKc/2KTP7Vt0vEDQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFn85lSpxbyHyFYgMnnfBxMtbyHqMB8GA1UdIwQY
MBaAFHP9rhUFBJ5EbVsNFErMhg1sGBZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY18ydUZRVUVua1J0V3cwVVNzeUdEV3dZRm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jM2ZjZDktMDBjOC00MzZiLThjMDEt
YTVmZWE2MDRhZDUzLzEvV2Z6bVZLbkZ2SWZJVmlBeWVkOEhFeTF2SWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jM2ZjZDktMDBjOC00MzZiLThjMDEtYTVmZWE2MDRhZDUz
LzEvY18ydUZRVUVua1J0V3cwVVNzeUdEV3dZRm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXrEZAwQE
sHCQAwQCuUTQMA0EAgACMAcDBQMqBRzAMA0GCSqGSIb3DQEBCwUAA4IBAQADYIj/
0hVJh39S0hw+3FvqHKVi9WjqmMUkhYDGS9tp/MqLsVSU787ArpDSMC0ERavkmZ/U
urWjbj85wfmk+4bnJUJcmb2Y5tAT649++3flk25HwtSmem1/p4ioT/qxwzabWv7Z
vhq8XhqodgkujLVUwhGSM0ktkRI12og+bdJBNXT9lqwQyg1ql6ps1UbT8/QhT9+7
I+ZwbUH0bMzz7JmH11iaRfeiuM3HSqJliKthQrPWNiSGlrXZRjnd4axvMnjXQ+VG
8hP3HFtost07J+vDa3GeySswKmyF5SKm1EJP09t4Ifuc8nHVztR5dQKASavhQS7l
AWwpjS8oU2vNo+sy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:48 2024 by rpki-client on console-ams.rpki-client.org