Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/1-wEbkniUOe2ltWhSxzgvxRhQUb4.roa
File: 1-wEbkniUOe2ltWhSxzgvxRhQUb4.roa (raw, json)
Hash identifier: fTaQuyAHDo8Jh5iSFlCBtPIy4hZ/CWIajVsA2RCalAI=
Subject key identifier: FB:01:1B:92:78:94:39:ED:A5:B5:68:52:C7:38:2F:C5:18:50:51:BE
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 0185BB5BEDCDFE0341E8E52B18C2C21B163B
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/1-wEbkniUOe2ltWhSxzgvxRhQUb4.roa
Signing time: Mon 16 Jan 2023 16:14:01 +0000
ROA not before: Mon 16 Jan 2023 16:14:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 77.95.120.0/21 maxlen: 21
194.187.88.0/22 maxlen: 24
194.187.88.0/24 maxlen: 24
217.11.208.0/20 maxlen: 20
217.146.160.0/20 maxlen: 20
217.146.165.0/24 maxlen: 24
185.63.149.0/24 maxlen: 24
185.63.148.0/22 maxlen: 22
212.103.64.0/24 maxlen: 24
212.103.64.0/19 maxlen: 19
212.103.65.0/24 maxlen: 24
2a00:c38::/32 maxlen: 32
2a00:c38:1a5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Apr 2023 06:41:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bb:5b:ed:cd:fe:03:41:e8:e5:2b:18:c2:c2:1b:16:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Jan 16 16:14:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb011b92789439eda5b56852c7382fc5185051be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c5:2e:83:39:e3:29:0c:63:66:36:ee:9c:3c:
8c:17:57:cd:a5:0c:cb:e9:79:ed:f4:d9:17:43:2b:
25:0a:af:53:72:17:90:51:f1:31:8f:a4:88:e2:d9:
91:17:40:d3:c7:fe:e6:f2:94:6e:c0:73:13:4a:ed:
11:07:de:e0:3c:a3:90:58:af:08:3f:67:0b:84:dd:
95:18:e9:fb:6b:81:0b:76:f5:64:90:51:c7:59:c6:
7f:e2:a3:d1:07:ed:e3:3b:f8:7e:c5:39:99:85:8f:
b2:fd:8b:33:a2:4e:ed:d5:90:d2:a4:a4:b9:61:7b:
aa:18:fa:b7:0b:dc:fd:3e:17:96:d0:5c:9c:5d:fc:
1b:ea:d6:87:3b:07:95:97:61:39:6f:e7:e7:fb:27:
73:83:16:c7:5c:94:c4:9c:4f:77:a1:58:48:95:50:
6b:93:80:85:95:0c:5e:97:96:d4:79:02:a8:a1:b9:
4f:e5:bd:98:06:05:af:57:66:15:e7:6d:c5:71:30:
d2:64:2f:e2:21:1d:08:93:1b:30:da:0a:3b:e2:41:
9b:1f:3d:32:a4:14:20:87:72:81:ec:fb:9b:f0:e5:
33:dc:63:f9:53:4a:a4:b0:cd:b1:16:7a:ff:94:0c:
cd:e5:00:cb:a3:6f:89:c1:ba:9d:75:b0:33:be:92:
e6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:01:1B:92:78:94:39:ED:A5:B5:68:52:C7:38:2F:C5:18:50:51:BE
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/1-wEbkniUOe2ltWhSxzgvxRhQUb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/21
185.63.148.0/22
194.187.88.0/22
212.103.64.0/19
217.11.208.0/20
217.146.160.0/20
IPv6:
2a00:c38::/32
Signature Algorithm: sha256WithRSAEncryption
1d:cd:d5:ac:e8:96:41:84:f7:95:e8:26:08:3f:bb:0c:2d:01:
dd:ee:6b:14:74:c6:f9:1e:48:06:8b:02:d7:3c:6d:f8:4d:d5:
1e:e3:18:b7:d4:0e:83:fc:77:ef:db:ee:48:c7:8f:14:84:90:
24:c9:7a:97:95:2a:ff:9d:ae:bd:ad:cb:57:23:94:30:81:90:
9d:6e:96:a1:9c:82:ee:e5:0c:7b:b8:ce:a8:d0:0d:f1:49:d0:
4d:58:c5:5c:78:e3:a8:c4:90:5c:2d:fe:03:ed:27:e0:1b:93:
4a:a4:f7:e4:b0:ec:62:bf:ed:61:25:d5:e9:15:f2:02:14:ee:
f7:45:6a:5c:15:55:7f:ee:80:e0:3c:51:e8:a0:ff:c9:90:73:
89:a4:4f:b6:88:45:73:11:d7:03:5a:6a:36:0a:11:a8:78:51:
70:39:54:40:58:02:85:0f:79:f9:4a:18:9e:55:a1:38:dc:cc:
0e:ee:f8:6e:10:12:8f:99:eb:94:d4:7e:be:96:c7:7d:33:6f:
9a:5b:7c:3d:41:e5:9a:bf:1e:7b:79:8c:a3:58:5c:f1:b2:69:
17:a0:85:57:b6:1f:40:d2:bb:7d:e2:d6:c8:75:dc:1a:e2:61:
b7:cc:de:5c:10:32:26:16:ce:0b:c8:50:fb:b1:74:18:ea:60:
fc:f0:10:e4
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYW7W+3N/gNB6OUrGMLCGxY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjMwMTE2MTYxNDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjAxMWI5Mjc4OTQzOWVkYTViNTY4NTJjNzM4MmZjNTE4NTA1MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcUugznjKQxjZjbunDyMF1fNpQzL
6Xnt9NkXQyslCq9TcheQUfExj6SI4tmRF0DTx/7m8pRuwHMTSu0RB97gPKOQWK8I
P2cLhN2VGOn7a4ELdvVkkFHHWcZ/4qPRB+3jO/h+xTmZhY+y/Yszok7t1ZDSpKS5
YXuqGPq3C9z9PheW0FycXfwb6taHOweVl2E5b+fn+ydzgxbHXJTEnE93oVhIlVBr
k4CFlQxel5bUeQKooblP5b2YBgWvV2YV523FcTDSZC/iIR0Ikxsw2go74kGbHz0y
pBQgh3KB7Pub8OUz3GP5U0qksM2xFnr/lAzN5QDLo2+JwbqddbAzvpLmDwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPsBG5J4lDntpbVoUsc4L8UYUFG+MB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvMS13RWJrbmlVT2UybHRXaFN4emd2eFJoUVViNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTUvZDQxNzVkLTE5MmMtNDE4Yy05NzJmLThlZTIxYjc0ZGQ1
Ni8xL1dBRmN5Tm9mRzc4MFBpYXJJSTM0dXliOVU2NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEA01feAME
Ark/lAMEAsK7WAMEBdRnQAMEBNkL0AMEBNmSoDANBAIAAjAHAwUAKgAMODANBgkq
hkiG9w0BAQsFAAOCAQEAHc3VrOiWQYT3legmCD+7DC0B3e5rFHTG+R5IBosC1zxt
+E3VHuMYt9QOg/x379vuSMePFISQJMl6l5Uq/52uva3LVyOUMIGQnW6WoZyC7uUM
e7jOqNAN8UnQTVjFXHjjqMSQXC3+A+0n4BuTSqT35LDsYr/tYSXV6RXyAhTu90Vq
XBVVf+6A4DxR6KD/yZBziaRPtohFcxHXA1pqNgoRqHhRcDlUQFgChQ95+UoYnlWh
ONzMDu74bhASj5nrlNR+vpbHfTNvmlt8PUHlmr8ee3mMo1hc8bJpF6CFV7YfQNK7
feLWyHXcGuJht8zeXBAyJhbOC8hQ+7F0GOpg/PAQ5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:37 2024 by rpki-client on console-fra.rpki-client.org