Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/wWmkcq48DYk3sHUPfKDYrzj4JbQ.roa
File: wWmkcq48DYk3sHUPfKDYrzj4JbQ.roa (raw, json)
Hash identifier: 9EhbrAiR+Bkjgxx/xh1wIuishrQwEXN89mLxCYdAb5c=
Subject key identifier: C1:69:A4:72:AE:3C:0D:89:37:B0:75:0F:7C:A0:D8:AF:38:F8:25:B4
Certificate issuer: /CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Certificate serial: 0185700B9AB48FB70E25B80847885A0A3B8E
Authority key identifier: 99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/wWmkcq48DYk3sHUPfKDYrzj4JbQ.roa
Signing time: Mon 02 Jan 2023 01:14:46 +0000
ROA not before: Mon 02 Jan 2023 01:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34762
IP address blocks: 185.194.84.0/23 maxlen: 24
91.230.171.0/24 maxlen: 24
91.230.170.0/24 maxlen: 24
91.230.178.0/24 maxlen: 24
91.230.177.0/24 maxlen: 24
91.230.176.0/24 maxlen: 24
194.213.114.0/23 maxlen: 24
194.213.115.0/24 maxlen: 24
194.213.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:9a:b4:8f:b7:0e:25:b8:08:47:88:5a:0a:3b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Validity
Not Before: Jan 2 01:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c169a472ae3c0d8937b0750f7ca0d8af38f825b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2a:20:34:12:64:92:bb:97:5f:a3:83:69:db:
69:e3:60:5f:8f:d0:89:9a:57:9f:c9:d0:50:66:7b:
63:6f:26:91:90:05:e2:fa:0d:a4:a0:7f:d0:c1:f6:
12:50:65:e8:14:e7:da:8b:fd:3d:2c:31:8d:d6:8b:
80:67:89:4f:01:bc:00:39:ac:e3:16:4a:37:98:58:
02:c8:c4:ac:d5:a3:38:9b:d9:74:f8:b3:e3:7a:8c:
e5:62:9a:24:3c:a6:ac:1f:af:1e:52:24:be:7d:aa:
ae:98:17:b6:f0:1f:a8:ce:e8:e5:50:a5:ae:54:ee:
92:54:94:5d:11:ee:b8:02:55:2d:d2:b6:0a:90:93:
af:11:39:5d:8f:ff:f2:3e:6a:68:f3:4a:72:59:84:
c2:9a:0a:a6:af:d0:3c:db:fd:ea:27:74:73:52:d4:
27:5c:35:af:fb:1f:1a:af:72:43:3e:cc:09:08:06:
f0:c8:67:55:f8:df:2b:cd:b0:b4:8d:20:f6:20:3d:
e5:ed:09:0b:c5:85:02:a1:49:3c:65:83:d3:f2:de:
38:d6:30:a0:31:63:2a:83:72:4b:cd:d0:6f:27:81:
5c:5d:ba:1d:43:6c:ed:ec:57:db:3c:cc:fd:42:4a:
ce:f1:71:f7:c2:63:c5:a7:4e:0f:51:d0:60:68:29:
ad:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:69:A4:72:AE:3C:0D:89:37:B0:75:0F:7C:A0:D8:AF:38:F8:25:B4
X509v3 Authority Key Identifier:
keyid:99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/wWmkcq48DYk3sHUPfKDYrzj4JbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.170.0/23
91.230.176.0-91.230.178.255
185.194.84.0/23
194.213.114.0/23
Signature Algorithm: sha256WithRSAEncryption
09:8b:38:bc:13:2f:64:0a:0c:77:fc:ae:10:2d:b4:95:a1:e0:
ed:1b:2f:20:6c:fb:0e:ce:a1:e8:91:ad:93:ab:61:75:be:ed:
1a:b7:6f:91:00:19:f9:6d:e4:35:86:64:db:06:f5:e9:4b:37:
71:bc:ff:ac:b7:ec:c6:b2:4f:ee:20:71:a1:74:8d:73:23:b7:
f9:26:d7:ae:49:b8:e2:07:d7:9e:c9:37:de:32:9d:cf:b3:d0:
bf:b6:78:92:cb:a1:fb:af:d8:d6:d8:9e:38:83:91:57:ae:52:
e5:f4:87:52:1b:72:52:11:83:cd:e4:db:07:22:fa:3c:b1:c9:
69:12:00:2a:a1:a8:7f:19:0a:d5:df:35:7b:a4:fc:00:c4:c2:
d6:b6:ed:13:94:d7:9b:bb:76:eb:b2:30:a8:67:ff:08:6a:5c:
c7:cc:e1:87:41:79:c0:36:8b:e4:7c:43:e4:f0:de:46:b5:23:
89:b6:c3:7b:84:5e:9f:ed:79:26:68:1c:7b:3e:0a:b4:cf:08:
66:37:0d:a3:2c:2d:6b:82:0f:10:00:c9:ca:f3:a0:71:54:08:
a1:78:de:72:74:93:f2:0e:ef:3b:7c:7a:be:ac:46:11:d4:0d:
42:c8:18:78:73:a4:ef:e8:2d:28:3c:cb:76:61:37:21:5d:33:
e3:a0:cd:61
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwC5q0j7cOJbgIR4haCjuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTJjMmVjZjU4YzQ0YjM1YTBkYTI5NTdmZjRkY2EyZTYw
YjY4NmEwHhcNMjMwMTAyMDExNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTY5YTQ3MmFlM2MwZDg5MzdiMDc1MGY3Y2EwZDhhZjM4ZjgyNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiogNBJkkruXX6ODadtp42Bfj9CJ
mlefydBQZntjbyaRkAXi+g2koH/QwfYSUGXoFOfai/09LDGN1ouAZ4lPAbwAOazj
Fko3mFgCyMSs1aM4m9l0+LPjeozlYpokPKasH68eUiS+faqumBe28B+ozujlUKWu
VO6SVJRdEe64AlUt0rYKkJOvETldj//yPmpo80pyWYTCmgqmr9A82/3qJ3RzUtQn
XDWv+x8ar3JDPswJCAbwyGdV+N8rzbC0jSD2ID3l7QkLxYUCoUk8ZYPT8t441jCg
MWMqg3JLzdBvJ4FcXbodQ2zt7FfbPMz9QkrO8XH3wmPFp04PUdBgaCmtZQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMFppHKuPA2JN7B1D3yg2K84+CW0MB8GA1UdIwQY
MBaAFJmiwuz1jESzWg2ilX/03KLmC2hqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAt
ZTVkNTA3YTgyNmJmLzEvd1dta2NxNDhEWWszc0hVUGZLRFlyemo0SmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAtZTVkNTA3YTgyNmJm
LzEvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBW+aqMAwD
BARb5rADBABb5rIDBAG5wlQDBAHC1XIwDQYJKoZIhvcNAQELBQADggEBAAmLOLwT
L2QKDHf8rhAttJWh4O0bLyBs+w7OoeiRrZOrYXW+7Rq3b5EAGflt5DWGZNsG9elL
N3G8/6y37MayT+4gcaF0jXMjt/km165JuOIH157JN94ync+z0L+2eJLLofuv2NbY
njiDkVeuUuX0h1IbclIRg83k2wci+jyxyWkSACqhqH8ZCtXfNXuk/ADEwta27ROU
15u7duuyMKhn/whqXMfM4YdBecA2i+R8Q+Tw3ka1I4m2w3uEXp/teSZoHHs+CrTP
CGY3DaMsLWuCDxAAycrzoHFUCKF43nJ0k/IO7zt8er6sRhHUDULIGHhzpO/oLSg8
y3ZhNyFdM+OgzWE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org