Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Wjuhfi4IZzw4uU7JNYFCL4vqzP0.roa
File: Wjuhfi4IZzw4uU7JNYFCL4vqzP0.roa (raw, json)
Hash identifier: jMj2KNsMO+vUkDB0rVUkqcP8IXb3xfvyXXt4GlnaFtA=
Subject key identifier: 5A:3B:A1:7E:2E:08:67:3C:38:B9:4E:C9:35:81:42:2F:8B:EA:CC:FD
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018CB4C992B035D2B8D63EDC2E3EBD708291
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Wjuhfi4IZzw4uU7JNYFCL4vqzP0.roa
Signing time: Fri 29 Dec 2023 08:55:58 +0000
ROA not before: Fri 29 Dec 2023 08:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 91.92.33.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
45.141.232.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:c9:92:b0:35:d2:b8:d6:3e:dc:2e:3e:bd:70:82:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Dec 29 08:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a3ba17e2e08673c38b94ec93581422f8beaccfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:17:04:ad:bd:e0:47:56:f2:86:7c:e7:cb:57:
e5:dc:c6:d1:45:10:20:05:4e:2d:70:70:12:62:f7:
47:9b:a5:84:fe:60:30:a0:9e:e3:03:9f:7e:6d:b8:
a8:4f:dd:d6:8c:49:ba:de:2a:33:41:5e:cd:10:35:
79:7e:ea:3c:dd:57:e7:c1:0c:a9:7d:52:ac:be:76:
1a:5b:82:39:25:03:d2:40:b2:50:29:29:aa:72:a7:
4a:87:4c:be:0e:4f:7d:bb:96:c2:94:d5:6f:bf:08:
ba:77:96:27:85:c3:e5:3c:0e:b8:85:e1:2a:df:c2:
b2:45:a7:9b:3a:ab:69:07:86:4d:2a:e2:c5:93:6d:
45:43:6d:88:b2:38:f4:aa:00:bc:74:9a:d7:c6:40:
d8:af:d5:9f:76:16:31:fe:5d:ca:14:6d:67:45:29:
2f:c0:83:a4:53:88:12:d8:70:cf:fc:07:ce:40:2d:
7f:00:82:20:ce:b6:6c:4f:1c:bd:b4:86:23:c3:75:
26:cd:cd:28:eb:df:ec:e2:31:af:9f:97:d6:0c:32:
0f:84:b4:02:df:75:83:e9:83:75:c3:e8:5e:bd:1e:
8f:07:ec:2a:aa:e1:66:5b:52:97:79:e5:ec:2b:39:
b2:b6:a7:a0:5f:50:4e:7b:7b:1f:4e:ca:38:1f:33:
2e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3B:A1:7E:2E:08:67:3C:38:B9:4E:C9:35:81:42:2F:8B:EA:CC:FD
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Wjuhfi4IZzw4uU7JNYFCL4vqzP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
91.92.33.0/24
91.92.49.0/24
93.152.209.0/24
93.152.214.0/24
93.152.220.0/24
93.152.225.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:a5:eb:b3:ce:56:22:c2:75:e8:59:dc:ea:0f:e9:ce:c4:24:
cc:d5:4e:0c:46:85:68:4f:2b:26:e4:a5:0b:c0:cd:4a:fa:c2:
35:33:24:ff:55:29:cb:4f:46:29:dc:9b:b8:33:02:19:94:81:
77:09:d8:4b:8b:61:df:d1:6c:db:3f:bb:dc:5a:5b:0f:14:e6:
e0:9e:fa:d3:f9:36:f8:0d:1a:49:8c:7d:3f:99:89:41:e1:f1:
37:7e:2a:f9:e9:07:10:e7:26:63:17:5f:7d:8d:13:82:3d:55:
60:a6:20:35:3f:b6:a6:ca:91:0e:51:6d:78:8a:92:4b:49:cf:
a8:8d:86:eb:0e:c2:d1:bf:3e:19:ce:d6:c3:c9:c0:0b:cc:99:
52:0b:00:5e:d5:41:74:59:07:f5:95:4e:b1:9b:39:86:57:7f:
46:3c:d0:00:e1:f1:4d:42:d1:28:ab:98:15:53:83:b4:9b:46:
f0:b3:66:e6:43:49:c5:00:06:ee:72:07:24:5e:74:3d:68:ac:
a9:98:7f:10:99:4d:c4:ca:fa:9c:5b:30:c9:a0:9c:4e:74:7d:
a0:1b:83:ec:b9:ab:44:93:9e:e3:50:fd:0b:21:bf:6b:87:91:
4e:83:e8:03:0b:4a:5a:ee:fe:fa:56:5e:08:c0:a4:99:60:b8:
c9:1a:67:57
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYy0yZKwNdK41j7cLj69cIKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMxMjI5MDg1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTNiYTE3ZTJlMDg2NzNjMzhiOTRlYzkzNTgxNDIyZjhiZWFjY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhcErb3gR1byhnzny1fl3MbRRRAg
BU4tcHASYvdHm6WE/mAwoJ7jA59+bbioT93WjEm63iozQV7NEDV5fuo83VfnwQyp
fVKsvnYaW4I5JQPSQLJQKSmqcqdKh0y+Dk99u5bClNVvvwi6d5YnhcPlPA64heEq
38KyRaebOqtpB4ZNKuLFk21FQ22Isjj0qgC8dJrXxkDYr9WfdhYx/l3KFG1nRSkv
wIOkU4gS2HDP/AfOQC1/AIIgzrZsTxy9tIYjw3Umzc0o69/s4jGvn5fWDDIPhLQC
33WD6YN1w+hevR6PB+wqquFmW1KXeeXsKzmytqegX1BOe3sfTso4HzMuuQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFo7oX4uCGc8OLlOyTWBQi+L6sz9MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvV2p1aGZpNElaenc0dVU3Sk5ZRkNMNHZxelAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALY3oAwQA
W1whAwQAW1wxAwQAXZjRAwQAXZjWAwQAXZjcAwQAXZjhMA0GCSqGSIb3DQEBCwUA
A4IBAQBspeuzzlYiwnXoWdzqD+nOxCTM1U4MRoVoTysm5KULwM1K+sI1MyT/VSnL
T0Yp3Ju4MwIZlIF3CdhLi2Hf0WzbP7vcWlsPFObgnvrT+Tb4DRpJjH0/mYlB4fE3
fir56QcQ5yZjF199jROCPVVgpiA1P7amypEOUW14ipJLSc+ojYbrDsLRvz4ZztbD
ycALzJlSCwBe1UF0WQf1lU6xmzmGV39GPNAA4fFNQtEoq5gVU4O0m0bws2bmQ0nF
AAbucgckXnQ9aKypmH8QmU3EyvqcWzDJoJxOdH2gG4PsuatEk57jUP0LIb9rh5FO
g+gDC0pa7v76Vl4IwKSZYLjJGmdX
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:59 2024 by rpki-client on console-fra.rpki-client.org