Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Wh3r6W2-tcsmhAQEQ5HuKIyW8wM.roa
File: Wh3r6W2-tcsmhAQEQ5HuKIyW8wM.roa (raw, json)
Hash identifier: c1MGW0lMinnW51nwSEAJy3CXTJMWKTmmYlL9Yk3E0FM=
Subject key identifier: 5A:1D:EB:E9:6D:BE:B5:CB:26:84:04:04:43:91:EE:28:8C:96:F3:03
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018CC50038CDA278783C65E0B8C1C05D32B5
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Wh3r6W2-tcsmhAQEQ5HuKIyW8wM.roa
Signing time: Mon 01 Jan 2024 12:29:35 +0000
ROA not before: Mon 01 Jan 2024 12:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.144.0/24 maxlen: 24
89.252.147.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.156.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 08:41:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:38:cd:a2:78:78:3c:65:e0:b8:c1:c0:5d:32:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 1 12:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a1debe96dbeb5cb268404044391ee288c96f303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:62:ac:a0:28:8b:1d:cf:5d:8e:c7:83:84:70:
e0:e2:72:c4:ff:9a:21:d4:15:91:60:db:40:c8:e3:
b7:93:10:75:aa:18:83:9f:a7:18:72:50:9f:6c:9b:
88:3d:a5:a7:8f:49:08:e2:c3:7c:9d:69:21:96:6b:
2a:9e:6f:ed:3e:0a:c4:e0:de:7d:ed:99:36:12:cd:
41:0a:2c:37:f6:a5:a4:59:1a:2e:db:40:96:d1:90:
66:7c:a7:a3:30:19:c3:a2:da:62:2e:11:30:25:73:
70:21:6c:4e:9c:ec:e3:87:11:da:3e:78:e0:0e:f2:
3c:8e:50:af:7f:e2:f0:fa:23:43:60:c9:42:35:08:
d6:70:b8:d7:a6:86:24:55:ee:5f:be:32:3e:88:18:
d0:a7:1a:13:e7:f2:58:02:26:87:1c:dc:43:1f:83:
93:0d:cc:49:f5:7a:2a:d8:b9:c7:a9:7a:be:91:d4:
84:ff:e4:c6:70:35:68:01:9d:23:e3:a5:7a:1b:75:
62:56:75:7d:23:8a:85:54:d9:89:25:66:f1:e1:01:
39:c6:39:b3:52:11:9f:81:10:64:d9:e2:cf:cb:e2:
7d:55:9c:6d:3a:75:3b:b4:93:62:b5:84:7d:a7:e4:
8d:4d:17:eb:0d:9e:ba:5d:46:82:10:00:21:87:fb:
ca:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1D:EB:E9:6D:BE:B5:CB:26:84:04:04:43:91:EE:28:8C:96:F3:03
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Wh3r6W2-tcsmhAQEQ5HuKIyW8wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.144.0/24
89.252.147.0/24
89.252.152.0/24
89.252.156.0/23
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
86:5e:5a:8b:dc:d0:aa:51:5c:1d:06:e0:1b:3c:b6:5a:34:7f:
76:46:8e:de:95:42:fa:ce:46:1d:71:bd:43:df:e8:93:d1:9a:
c3:6e:b7:dc:cd:85:0e:23:c2:05:11:a5:2d:59:f5:90:1e:40:
a9:3f:41:36:b7:95:40:c3:81:6d:8e:a2:3f:8c:0c:ae:19:dc:
6a:6c:18:ef:c1:83:d1:04:32:9c:cc:c6:38:f4:01:e4:82:39:
56:5c:de:38:6d:c2:58:e2:79:f0:4a:7e:72:63:aa:60:df:b0:
61:3c:91:53:2a:0c:cc:2e:b3:0e:c6:d2:9f:02:82:8d:6c:77:
0a:35:83:13:a6:e2:d3:15:dc:94:8a:c1:99:49:4c:a2:32:77:
61:4f:53:3a:e0:ab:38:f8:8a:94:2a:82:24:c0:48:2b:95:f2:
f3:2c:0f:8e:af:a9:08:58:e5:e0:9c:c1:80:4b:5b:cc:41:3c:
63:09:59:65:37:0d:ce:50:f5:64:75:be:cd:82:60:09:4a:b2:
c3:cd:c0:61:fc:ef:64:18:f4:9b:57:04:55:39:77:b0:bc:cd:
47:29:b0:bf:ed:09:e5:c8:e3:8b:c0:b0:ab:8e:3e:12:f5:fd:
27:4a:30:8b:18:62:59:a2:a4:63:c8:75:c7:1a:46:8d:2f:6e:
e8:0d:de:4d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFADjNonh4PGXguMHAXTK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjQwMTAxMTIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFkZWJlOTZkYmViNWNiMjY4NDA0MDQ0MzkxZWUyODhjOTZmMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmKsoCiLHc9djseDhHDg4nLE/5oh
1BWRYNtAyOO3kxB1qhiDn6cYclCfbJuIPaWnj0kI4sN8nWkhlmsqnm/tPgrE4N59
7Zk2Es1BCiw39qWkWRou20CW0ZBmfKejMBnDotpiLhEwJXNwIWxOnOzjhxHaPnjg
DvI8jlCvf+Lw+iNDYMlCNQjWcLjXpoYkVe5fvjI+iBjQpxoT5/JYAiaHHNxDH4OT
DcxJ9Xoq2LnHqXq+kdSE/+TGcDVoAZ0j46V6G3ViVnV9I4qFVNmJJWbx4QE5xjmz
UhGfgRBk2eLPy+J9VZxtOnU7tJNitYR9p+SNTRfrDZ66XUaCEAAhh/vK9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFod6+ltvrXLJoQEBEOR7iiMlvMDMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvV2gzcjZXMi10Y3NtaEFRRVE1SHVLSXlXOHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWfyOAwQA
WfyQAwQAWfyTAwQAWfyYAwQBWfycAwQAXmYMMA0GCSqGSIb3DQEBCwUAA4IBAQCG
XlqL3NCqUVwdBuAbPLZaNH92Ro7elUL6zkYdcb1D3+iT0ZrDbrfczYUOI8IFEaUt
WfWQHkCpP0E2t5VAw4FtjqI/jAyuGdxqbBjvwYPRBDKczMY49AHkgjlWXN44bcJY
4nnwSn5yY6pg37BhPJFTKgzMLrMOxtKfAoKNbHcKNYMTpuLTFdyUisGZSUyiMndh
T1M64Ks4+IqUKoIkwEgrlfLzLA+Or6kIWOXgnMGAS1vMQTxjCVllNw3OUPVkdb7N
gmAJSrLDzcBh/O9kGPSbVwRVOXewvM1HKbC/7QnlyOOLwLCrjj4S9f0nSjCLGGJZ
oqRjyHXHGkaNL27oDd5N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:52 2024 by rpki-client on console-fra.rpki-client.org