Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/wKBc4NWPCxF4-AhZJ5iHW2OuZGA.roa
File: wKBc4NWPCxF4-AhZJ5iHW2OuZGA.roa (raw, json)
Hash identifier: n6qEQ0L6UBELl6RxgTDpIY4ir7yxhLnOPBpY8Ty4hgo=
Subject key identifier: C0:A0:5C:E0:D5:8F:0B:11:78:F8:08:59:27:98:87:5B:63:AE:64:60
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 01856DEF61C68990AE4E452476F96E7A90D1
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/wKBc4NWPCxF4-AhZJ5iHW2OuZGA.roa
Signing time: Sun 01 Jan 2023 15:24:42 +0000
ROA not before: Sun 01 Jan 2023 15:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3330
IP address blocks: 194.112.192.0/18 maxlen: 18
62.249.64.0/18 maxlen: 18
194.112.128.0/18 maxlen: 18
193.186.161.0/24 maxlen: 24
185.92.100.0/22 maxlen: 22
2a02:5e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:61:c6:89:90:ae:4e:45:24:76:f9:6e:7a:90:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Jan 1 15:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0a05ce0d58f0b1178f808592798875b63ae6460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9a:de:f9:b0:85:48:af:a0:8b:11:d0:6a:dd:
cb:35:7d:46:2e:28:42:32:3b:46:31:69:e6:de:92:
79:65:9a:b1:e1:f0:fb:81:4b:bf:d4:49:8f:c9:8e:
76:8b:17:af:e9:6e:30:44:12:d2:3b:e4:34:5f:13:
7b:9f:d4:80:de:fe:e2:d9:bc:5e:c7:99:4d:29:ea:
8c:64:a6:51:fc:ec:0d:a9:43:ff:62:d3:1a:aa:f4:
50:17:70:92:aa:38:c5:b3:15:9e:a0:3b:5b:6d:52:
04:f0:27:43:b0:b1:0a:c9:28:57:af:03:e1:fc:df:
18:65:4c:10:58:86:4d:d0:07:83:ad:b4:2f:96:3b:
3d:47:30:11:68:5c:29:bf:07:9f:dc:78:9b:ce:61:
16:32:02:16:c6:7a:a4:0c:93:39:9e:f8:55:1a:28:
04:41:42:b5:71:40:c0:40:38:7f:71:44:77:89:97:
f0:37:2f:a5:03:ca:80:44:72:dc:4e:78:ca:5e:db:
5a:93:bc:f6:eb:ed:75:ba:57:58:1e:1f:92:bd:4b:
e3:40:2a:6b:f1:a0:99:b3:d0:53:8e:a8:38:70:f5:
65:14:96:3f:7a:23:bf:27:a0:d6:c9:7c:9a:56:a8:
25:5b:b3:a5:9d:20:8c:66:72:3c:4e:36:0c:66:95:
ae:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A0:5C:E0:D5:8F:0B:11:78:F8:08:59:27:98:87:5B:63:AE:64:60
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/wKBc4NWPCxF4-AhZJ5iHW2OuZGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.249.64.0/18
185.92.100.0/22
193.186.161.0/24
194.112.128.0/17
IPv6:
2a02:5e0::/32
Signature Algorithm: sha256WithRSAEncryption
25:55:79:d0:cf:2b:59:f1:2f:af:a5:a3:fb:df:43:7a:e4:30:
e7:5f:c6:1d:14:cc:ae:f7:e6:8d:6e:8d:6c:88:36:88:18:f6:
17:bc:0a:23:ab:f0:ac:81:c8:8b:07:12:07:97:b8:90:3a:b3:
76:78:d5:78:0d:8a:e5:37:82:5c:0c:f1:d5:2f:a0:fd:94:46:
85:1a:fe:e5:23:69:52:22:03:f6:37:8b:56:bf:d0:a4:56:1d:
76:ec:10:d6:22:35:62:86:ff:b6:35:a7:40:eb:d7:ec:9a:ba:
2b:0a:70:88:19:cc:4c:eb:f7:4b:7e:2e:28:e6:3e:bb:f9:bb:
51:ab:65:a2:79:73:c6:80:f3:e5:99:42:a9:fa:88:28:79:11:
32:2c:78:ae:ab:72:17:48:b0:bc:15:50:15:e3:d2:90:45:4e:
0c:8b:7e:f1:d6:c4:99:e3:9f:19:9f:13:68:ce:9b:bc:b0:34:
9d:69:2e:1d:6d:cb:54:cf:99:50:f9:4f:1e:09:b1:50:2d:e4:
44:41:88:fa:1d:83:17:fe:86:f2:06:af:02:e0:a0:c0:ee:7c:
cf:7d:c8:de:d4:8d:dc:97:3a:eb:2d:0c:22:a6:c6:bf:74:4c:
19:7f:96:e0:56:b3:27:69:24:fb:15:ab:59:78:ff:ff:28:0c:
b1:e7:ad:87
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVt72HGiZCuTkUkdvluepDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjMwMTAxMTUyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGEwNWNlMGQ1OGYwYjExNzhmODA4NTkyNzk4ODc1YjYzYWU2NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Jre+bCFSK+gixHQat3LNX1GLihC
MjtGMWnm3pJ5ZZqx4fD7gUu/1EmPyY52ixev6W4wRBLSO+Q0XxN7n9SA3v7i2bxe
x5lNKeqMZKZR/OwNqUP/YtMaqvRQF3CSqjjFsxWeoDtbbVIE8CdDsLEKyShXrwPh
/N8YZUwQWIZN0AeDrbQvljs9RzARaFwpvwef3HibzmEWMgIWxnqkDJM5nvhVGigE
QUK1cUDAQDh/cUR3iZfwNy+lA8qARHLcTnjKXttak7z26+11uldYHh+SvUvjQCpr
8aCZs9BTjqg4cPVlFJY/eiO/J6DWyXyaVqglW7OlnSCMZnI8TjYMZpWutwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMCgXODVjwsRePgIWSeYh1tjrmRgMB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvd0tCYzROV1BDeEY0LUFoWko1aUhXMk91WkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGPvlAAwQC
uVxkAwQAwbqhAwQHwnCAMA0EAgACMAcDBQAqAgXgMA0GCSqGSIb3DQEBCwUAA4IB
AQAlVXnQzytZ8S+vpaP730N65DDnX8YdFMyu9+aNbo1siDaIGPYXvAojq/CsgciL
BxIHl7iQOrN2eNV4DYrlN4JcDPHVL6D9lEaFGv7lI2lSIgP2N4tWv9CkVh127BDW
IjVihv+2NadA69fsmrorCnCIGcxM6/dLfi4o5j67+btRq2WieXPGgPPlmUKp+ogo
eREyLHiuq3IXSLC8FVAV49KQRU4Mi37x1sSZ458ZnxNozpu8sDSdaS4dbctUz5lQ
+U8eCbFQLeREQYj6HYMX/obyBq8C4KDA7nzPfcje1I3clzrrLQwipsa/dEwZf5bg
VrMnaST7FatZeP//KAyx562H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:09 2024 by rpki-client on console-ams.rpki-client.org