Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/W2GBb6B7nFV45Q5b8YMLtG1nFzc.roa
File: W2GBb6B7nFV45Q5b8YMLtG1nFzc.roa (raw, json)
Hash identifier: lyiTW7+3sgv+V2n6fWH57G7vb9HtL0TRSPHZrIribXk=
Subject key identifier: 5B:61:81:6F:A0:7B:9C:55:78:E5:0E:5B:F1:83:0B:B4:6D:67:17:37
Certificate issuer: /CN=4ab6d7c468d092c921314d66473cfa53851cd686
Certificate serial: 01880AC78A8E16132E6065B7BD63AFA47854
Authority key identifier: 4A:B6:D7:C4:68:D0:92:C9:21:31:4D:66:47:3C:FA:53:85:1C:D6:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrbXxGjQkskhMU1mRzz6U4Uc1oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/W2GBb6B7nFV45Q5b8YMLtG1nFzc.roa
Signing time: Thu 11 May 2023 12:27:09 +0000
ROA not before: Thu 11 May 2023 12:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35047
IP address blocks: 92.60.16.0/20 maxlen: 20
77.242.16.0/20 maxlen: 20
77.242.18.0/23 maxlen: 23
77.242.20.0/24 maxlen: 24
77.242.22.0/23 maxlen: 23
77.242.21.0/24 maxlen: 24
77.242.24.0/24 maxlen: 24
77.242.31.0/24 maxlen: 24
77.242.29.0/24 maxlen: 24
77.242.28.0/22 maxlen: 22
77.242.30.0/24 maxlen: 24
77.242.25.0/24 maxlen: 24
77.242.26.0/24 maxlen: 24
109.236.32.0/20 maxlen: 20
185.55.150.0/24 maxlen: 24
185.55.148.0/22 maxlen: 24
185.9.44.0/22 maxlen: 24
31.44.64.0/20 maxlen: 20
31.44.68.0/22 maxlen: 22
80.91.117.0/24 maxlen: 24
80.91.116.0/24 maxlen: 24
31.44.72.0/22 maxlen: 22
80.91.112.0/20 maxlen: 24
80.91.120.0/21 maxlen: 24
80.91.122.0/24 maxlen: 24
80.91.123.0/24 maxlen: 24
80.91.127.0/24 maxlen: 24
80.91.126.0/24 maxlen: 24
2a01:4f00:2233::/48 maxlen: 48
2a01:4f00::/32 maxlen: 32
2a01:4f00::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:c7:8a:8e:16:13:2e:60:65:b7:bd:63:af:a4:78:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab6d7c468d092c921314d66473cfa53851cd686
Validity
Not Before: May 11 12:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b61816fa07b9c5578e50e5bf1830bb46d671737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:66:70:ca:9e:9e:9d:5b:ce:19:a2:11:af:9c:
52:26:43:91:d6:6f:97:31:19:4e:67:3c:6f:fd:99:
89:44:c2:a5:f4:0e:71:2c:38:34:19:6b:22:06:ea:
d9:df:5a:62:b2:cb:47:7a:41:f1:4d:f7:3d:72:e1:
29:ac:96:f0:a1:b5:7f:44:35:2d:28:01:70:2e:13:
cc:13:da:9b:80:9a:91:cf:6f:19:c3:26:25:8d:8d:
4d:73:b0:4a:d5:42:e8:b6:88:13:2d:13:2a:82:b0:
16:d0:36:cd:dd:f5:ee:0c:6b:09:5f:1e:0b:3c:be:
6f:35:01:ba:67:e5:74:55:58:85:99:e2:30:d1:da:
43:9b:68:ff:a8:a1:40:27:ce:5d:19:8b:cc:fc:82:
a8:72:c4:f9:c1:c4:24:80:eb:7e:b7:f6:44:92:6e:
41:51:34:74:03:ec:b6:24:62:4e:92:d3:b5:d7:14:
e8:67:07:0c:5b:f8:e4:d0:9d:b5:97:72:95:87:85:
ff:72:07:c0:aa:21:c8:b2:a4:05:c4:ca:3f:42:4c:
b0:63:1c:bf:64:ea:38:f4:0b:0a:ed:54:bc:eb:31:
b3:99:65:cd:77:94:28:4d:51:4c:0c:f5:05:b1:19:
90:45:e5:9e:5e:fc:f0:4f:d5:fa:cf:0c:b7:c0:9f:
8c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:61:81:6F:A0:7B:9C:55:78:E5:0E:5B:F1:83:0B:B4:6D:67:17:37
X509v3 Authority Key Identifier:
keyid:4A:B6:D7:C4:68:D0:92:C9:21:31:4D:66:47:3C:FA:53:85:1C:D6:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrbXxGjQkskhMU1mRzz6U4Uc1oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/W2GBb6B7nFV45Q5b8YMLtG1nFzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/SrbXxGjQkskhMU1mRzz6U4Uc1oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.64.0/20
77.242.16.0/20
80.91.112.0/20
92.60.16.0/20
109.236.32.0/20
185.9.44.0/22
185.55.148.0/22
IPv6:
2a01:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
86:3f:aa:48:6f:d6:d3:22:c6:dd:99:c6:77:78:4e:a9:3e:2a:
c7:b4:4a:80:fb:10:1d:24:b9:de:0d:10:4e:6d:11:05:f8:c1:
2a:6b:f4:99:b7:14:6e:37:91:99:72:62:8d:34:8f:de:0a:cb:
f0:1a:83:52:f4:8f:0d:a3:1e:5d:1d:96:db:d9:e3:bd:53:c3:
75:ce:ab:6e:12:a6:c1:87:bd:c2:be:9b:72:3c:b4:d4:fd:87:
a7:8d:4d:50:41:8c:fd:e1:df:f8:49:0b:6a:5b:25:e0:cc:67:
89:fa:71:33:fe:2a:7c:8d:45:e4:85:2d:c5:13:db:c6:95:de:
69:91:ba:63:d0:ae:13:ae:a3:9c:8a:fe:4e:e2:91:50:d4:a2:
42:e0:87:92:90:f2:13:f3:d6:db:65:2d:00:6b:ca:7b:61:a4:
bb:55:22:96:0f:27:cc:b0:15:a0:14:39:d0:bd:d7:a5:c1:d0:
81:5c:f8:6a:13:c3:12:79:7f:68:19:52:1d:34:99:c5:f8:d9:
b4:76:34:d9:25:77:3b:44:9b:8b:4f:d4:91:9c:71:e8:ee:f1:
30:4a:c0:88:49:55:45:d3:53:f7:58:53:af:9d:6f:8c:30:75:
cf:41:60:50:29:d3:50:1e:c4:37:06:9f:33:09:63:3f:41:72:
64:b2:55:0e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYgKx4qOFhMuYGW3vWOvpHhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYjZkN2M0NjhkMDkyYzkyMTMxNGQ2NjQ3M2NmYTUzODUx
Y2Q2ODYwHhcNMjMwNTExMTIyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjYxODE2ZmEwN2I5YzU1NzhlNTBlNWJmMTgzMGJiNDZkNjcxNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWZwyp6enVvOGaIRr5xSJkOR1m+X
MRlOZzxv/ZmJRMKl9A5xLDg0GWsiBurZ31pisstHekHxTfc9cuEprJbwobV/RDUt
KAFwLhPME9qbgJqRz28ZwyYljY1Nc7BK1ULotogTLRMqgrAW0DbN3fXuDGsJXx4L
PL5vNQG6Z+V0VViFmeIw0dpDm2j/qKFAJ85dGYvM/IKocsT5wcQkgOt+t/ZEkm5B
UTR0A+y2JGJOktO11xToZwcMW/jk0J21l3KVh4X/cgfAqiHIsqQFxMo/QkywYxy/
ZOo49AsK7VS86zGzmWXNd5QoTVFMDPUFsRmQReWeXvzwT9X6zwy3wJ+MvQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFthgW+ge5xVeOUOW/GDC7RtZxc3MB8GA1UdIwQY
MBaAFEq218Ro0JLJITFNZkc8+lOFHNaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3JiWHhHalFrc2toTVUxbVJ6ejZVNFVjMW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81MGYwOGYtZjkwNy00NGRlLWJlOTQt
MDU3NjRjN2VkYWE3LzEvVzJHQmI2QjduRlY0NVE1YjhZTUx0RzFuRnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81MGYwOGYtZjkwNy00NGRlLWJlOTQtMDU3NjRjN2VkYWE3
LzEvU3JiWHhHalFrc2toTVUxbVJ6ejZVNFVjMW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEHyxAAwQE
TfIQAwQEUFtwAwQEXDwQAwQEbewgAwQCuQksAwQCuTeUMA0EAgACMAcDBQAqAU8A
MA0GCSqGSIb3DQEBCwUAA4IBAQCGP6pIb9bTIsbdmcZ3eE6pPirHtEqA+xAdJLne
DRBObREF+MEqa/SZtxRuN5GZcmKNNI/eCsvwGoNS9I8Nox5dHZbb2eO9U8N1zqtu
EqbBh73CvptyPLTU/YenjU1QQYz94d/4SQtqWyXgzGeJ+nEz/ip8jUXkhS3FE9vG
ld5pkbpj0K4TrqOciv5O4pFQ1KJC4IeSkPIT89bbZS0Aa8p7YaS7VSKWDyfMsBWg
FDnQvdelwdCBXPhqE8MSeX9oGVIdNJnF+Nm0djTZJXc7RJuLT9SRnHHo7vEwSsCI
SVVF01P3WFOvnW+MMHXPQWBQKdNQHsQ3Bp8zCWM/QXJkslUO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:17 2024 by rpki-client on console-fra.rpki-client.org