Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/WFzU_vBdeCeTLY8szMO0kGOLvV0.roa
File: WFzU_vBdeCeTLY8szMO0kGOLvV0.roa (raw, json)
Hash identifier: FVBPYysvD25gCZlJzfbpM/2Urxj9D8vsWtfvVFksSNw=
Subject key identifier: 58:5C:D4:FE:F0:5D:78:27:93:2D:8F:2C:CC:C3:B4:90:63:8B:BD:5D
Certificate issuer: /CN=ae501827144a3188bea1ccee58656fd6429d8f95
Certificate serial: 018CC56EE524D9C438A9411FF76784438F91
Authority key identifier: AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/WFzU_vBdeCeTLY8szMO0kGOLvV0.roa
Signing time: Mon 01 Jan 2024 14:30:28 +0000
ROA not before: Mon 01 Jan 2024 14:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48152
IP address blocks: 185.173.76.0/22 maxlen: 24
137.221.32.0/19 maxlen: 24
2a0b:3d00::/30 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jan 2024 17:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e5:24:d9:c4:38:a9:41:1f:f7:67:84:43:8f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae501827144a3188bea1ccee58656fd6429d8f95
Validity
Not Before: Jan 1 14:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=585cd4fef05d7827932d8f2cccc3b490638bbd5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c2:d5:5b:5b:65:24:9a:b5:b0:b0:fa:f7:3f:
9d:cc:c1:1e:ac:b9:01:54:12:59:c8:ba:86:38:34:
cf:a1:83:e0:80:a4:1f:56:6d:af:72:73:b8:1d:b1:
f7:03:7e:e8:92:6a:63:91:4c:53:95:6f:a7:42:57:
ab:31:12:48:cc:a2:e4:65:62:0a:29:bb:85:84:b5:
10:b9:36:b6:31:46:3d:7d:bb:08:71:7d:4f:29:90:
b7:0a:4a:28:04:97:45:bc:80:ee:38:1a:99:95:89:
b8:18:b4:08:ff:ad:cd:27:c7:23:cc:65:3e:46:d8:
28:67:b8:bb:e3:28:32:8a:ba:d3:90:d7:e7:0a:6d:
05:77:f2:df:18:b2:df:36:21:ae:ef:ad:d7:99:9c:
62:d9:ba:44:9f:bc:b9:84:0b:c0:97:3f:45:7f:0a:
12:30:e5:34:d4:93:76:11:7c:aa:44:c2:65:f5:f4:
5a:74:ca:3f:68:df:eb:2b:69:28:eb:bf:32:65:a7:
62:4c:5c:17:38:4d:8b:50:b6:4d:04:b5:d3:f1:4a:
67:ab:e3:d9:92:22:14:78:a8:2e:9f:d4:a2:b6:3a:
65:fb:c6:33:16:d1:c0:eb:e9:f8:a7:b3:87:32:bb:
a6:c4:95:d9:35:84:8e:63:2b:70:ca:9e:67:c6:a2:
9d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:5C:D4:FE:F0:5D:78:27:93:2D:8F:2C:CC:C3:B4:90:63:8B:BD:5D
X509v3 Authority Key Identifier:
keyid:AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/WFzU_vBdeCeTLY8szMO0kGOLvV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.221.32.0/19
185.173.76.0/22
IPv6:
2a0b:3d00::/30
Signature Algorithm: sha256WithRSAEncryption
c2:f5:16:cd:7f:b1:61:4f:d6:10:84:2e:62:34:eb:74:3a:0d:
59:2f:ea:3a:c5:f0:40:f1:70:1c:86:bb:56:60:99:7c:86:82:
b8:4a:27:49:37:5e:a1:08:e2:55:fa:23:d3:ee:da:d1:0d:04:
b0:21:a1:eb:16:fe:ae:35:96:8b:2b:45:11:f8:b3:0e:b4:63:
a0:3d:f3:98:32:8f:3e:95:d7:b1:09:aa:bd:68:5d:51:ef:bf:
96:18:d1:57:29:e7:f3:da:48:98:90:1a:a0:c1:c4:fa:0c:1c:
97:5c:51:b3:0a:56:5a:81:a6:c0:f9:fc:4f:43:33:ad:cf:d1:
16:8b:5a:9c:f4:72:3d:59:a6:b1:0e:e0:5b:14:5e:8e:bf:7f:
07:e1:4d:e6:e4:35:aa:f5:c1:a2:14:dc:6d:d8:84:96:68:c7:
f2:89:de:b3:9b:91:3a:38:6f:10:fa:0b:8a:e7:ea:ac:28:d4:
49:26:7d:df:c6:08:f2:a3:9b:ff:05:11:fc:41:b6:7e:a4:01:
20:bf:eb:63:79:5f:38:f9:da:dc:dc:4e:61:97:ba:92:d8:a1:
03:1e:02:7b:d9:6c:4c:d0:a3:45:7d:c7:a1:31:15:69:95:17:
41:9f:fb:77:dd:81:8a:20:b7:a3:12:b3:fa:8b:66:50:87:42:
63:d6:ab:7c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbuUk2cQ4qUEf92eEQ4+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTAxODI3MTQ0YTMxODhiZWExY2NlZTU4NjU2ZmQ2NDI5
ZDhmOTUwHhcNMjQwMTAxMTQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODVjZDRmZWYwNWQ3ODI3OTMyZDhmMmNjY2MzYjQ5MDYzOGJiZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsLVW1tlJJq1sLD69z+dzMEerLkB
VBJZyLqGODTPoYPggKQfVm2vcnO4HbH3A37okmpjkUxTlW+nQlerMRJIzKLkZWIK
KbuFhLUQuTa2MUY9fbsIcX1PKZC3CkooBJdFvIDuOBqZlYm4GLQI/63NJ8cjzGU+
RtgoZ7i74ygyirrTkNfnCm0Fd/LfGLLfNiGu763XmZxi2bpEn7y5hAvAlz9FfwoS
MOU01JN2EXyqRMJl9fRadMo/aN/rK2ko678yZadiTFwXOE2LULZNBLXT8Upnq+PZ
kiIUeKgun9Sitjpl+8YzFtHA6+n4p7OHMrumxJXZNYSOYytwyp5nxqKdUwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFhc1P7wXXgnky2PLMzDtJBji71dMB8GA1UdIwQY
MBaAFK5QGCcUSjGIvqHM7lhlb9ZCnY+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODIt
MDk4NmQ4YjBjNmQ5LzEvV0Z6VV92QmRlQ2VUTFk4c3pNTzBrR09MdlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODItMDk4NmQ4YjBjNmQ5
LzEvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFid0gAwQC
ua1MMA0EAgACMAcDBQIqCz0AMA0GCSqGSIb3DQEBCwUAA4IBAQDC9RbNf7FhT9YQ
hC5iNOt0Og1ZL+o6xfBA8XAchrtWYJl8hoK4SidJN16hCOJV+iPT7trRDQSwIaHr
Fv6uNZaLK0UR+LMOtGOgPfOYMo8+ldexCaq9aF1R77+WGNFXKefz2kiYkBqgwcT6
DByXXFGzClZagabA+fxPQzOtz9EWi1qc9HI9WaaxDuBbFF6Ov38H4U3m5DWq9cGi
FNxt2ISWaMfyid6zm5E6OG8Q+guK5+qsKNRJJn3fxgjyo5v/BRH8QbZ+pAEgv+tj
eV84+drc3E5hl7qS2KEDHgJ72WxM0KNFfcehMRVplRdBn/t33YGKILejErP6i2ZQ
h0Jj1qt8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:54 2024 by rpki-client on console-ams.rpki-client.org