Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/07ade3-be80-4a87-9617-a16aebb8c9ef/1/WocAYTGX8EBKYKkJYPyS3QzNP7M.roa
File: WocAYTGX8EBKYKkJYPyS3QzNP7M.roa (raw, json)
Hash identifier: /Gtkwr+dIU1X1F63yVwcqne9jOF8B4dwbzrrcN4eiT4=
Subject key identifier: 5A:87:00:61:31:97:F0:40:4A:60:A9:09:60:FC:92:DD:0C:CD:3F:B3
Certificate issuer: /CN=cac8e29f35583b5b2a9673dd76a25903b35ec593
Certificate serial: 01904BC4D994831C8F76BE5C7BCB8463922C
Authority key identifier: CA:C8:E2:9F:35:58:3B:5B:2A:96:73:DD:76:A2:59:03:B3:5E:C5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ysjinzVYO1sqlnPddqJZA7NexZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/07ade3-be80-4a87-9617-a16aebb8c9ef/1/WocAYTGX8EBKYKkJYPyS3QzNP7M.roa
Signing time: Mon 24 Jun 2024 19:41:50 +0000
ROA not before: Mon 24 Jun 2024 19:41:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203623
IP address blocks: 185.127.108.0/24 maxlen: 24
185.127.109.0/24 maxlen: 24
185.127.110.0/24 maxlen: 24
185.127.111.0/24 maxlen: 24
2a06:c8c0::/30 maxlen: 30
2a06:c8c4::/30 maxlen: 30
2a06:c8c4:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 27 Jun 2024 09:23:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4b:c4:d9:94:83:1c:8f:76:be:5c:7b:cb:84:63:92:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cac8e29f35583b5b2a9673dd76a25903b35ec593
Validity
Not Before: Jun 24 19:41:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a8700613197f0404a60a90960fc92dd0ccd3fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:49:e6:aa:c0:6d:cd:be:99:a5:8c:bd:bd:5d:
75:62:18:d8:3c:f3:db:75:7e:43:6a:00:e5:83:bd:
29:2d:b7:d7:6c:c0:b4:ee:8f:77:35:14:71:87:db:
78:26:77:1b:6f:62:c4:f5:8f:3c:83:d9:8c:0b:59:
92:5a:17:7e:ca:26:aa:59:79:11:99:b7:3d:59:05:
a6:29:bb:b7:52:da:b8:32:3a:c9:80:95:0b:fa:9a:
a4:28:23:8d:61:50:73:49:23:d1:06:2d:79:bf:71:
ca:bf:07:6f:d1:f0:2d:c1:e6:42:a0:d8:90:d0:58:
f4:1d:56:05:27:31:af:f8:14:9c:c7:b1:62:78:4e:
2c:00:65:aa:5d:d0:e5:a4:dc:a9:11:97:4b:29:3b:
4f:ed:4c:5a:a3:9c:45:08:f3:94:cd:2c:19:95:0d:
ca:51:fc:87:ac:4a:55:f3:5f:c0:7a:74:e4:42:b0:
fa:87:a5:b4:0f:1d:a7:58:8e:63:09:a7:2b:11:ba:
cb:a6:65:e1:d2:19:11:9c:b5:ef:5c:72:5e:0f:f2:
85:0c:da:fa:78:9f:5e:23:b1:af:4c:b3:6a:c7:bf:
60:a0:35:15:73:d9:af:30:c8:2d:0d:7d:1f:36:0e:
17:60:44:f8:48:0a:e9:9a:7a:12:a7:9d:a0:e2:f3:
bb:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:87:00:61:31:97:F0:40:4A:60:A9:09:60:FC:92:DD:0C:CD:3F:B3
X509v3 Authority Key Identifier:
keyid:CA:C8:E2:9F:35:58:3B:5B:2A:96:73:DD:76:A2:59:03:B3:5E:C5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysjinzVYO1sqlnPddqJZA7NexZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/07ade3-be80-4a87-9617-a16aebb8c9ef/1/WocAYTGX8EBKYKkJYPyS3QzNP7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/07ade3-be80-4a87-9617-a16aebb8c9ef/1/ysjinzVYO1sqlnPddqJZA7NexZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.108.0/22
IPv6:
2a06:c8c0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:41:ba:e8:b0:8b:fb:32:a2:4f:e7:a9:1e:32:5c:c7:56:e8:
f2:74:fb:2b:c0:9a:85:cb:36:85:33:61:d5:e4:c9:e7:00:89:
ca:8d:ff:3e:f1:7a:42:7f:95:6b:22:14:89:95:9a:1b:38:9e:
3d:82:d9:c5:95:5a:39:d9:43:28:75:5b:35:0d:5b:89:79:be:
d2:a9:13:da:f4:e4:1b:9b:db:73:87:6b:7e:6f:1b:9f:11:25:
5e:7a:09:7b:34:19:ba:c2:2b:43:2a:22:d5:f3:c0:ae:61:d4:
92:06:99:e3:82:2a:fa:1f:cf:89:ad:0a:2e:93:73:42:b3:05:
fe:18:55:9e:24:5f:f9:1c:84:d3:9b:e5:25:0c:16:94:b3:2c:
bd:83:0b:21:4d:8a:70:3f:4b:9b:f6:4b:b1:71:0a:78:8b:72:
ec:73:96:51:ee:b0:65:ce:dc:d5:38:c4:df:10:c2:f0:35:79:
8f:e4:e3:61:aa:b9:27:fa:29:10:4f:b0:22:25:96:df:06:c7:
54:c0:d6:c0:98:e0:8c:19:81:ac:40:6b:3b:71:22:c9:8e:8c:
99:33:58:24:ea:87:e6:60:c6:33:db:2b:02:01:49:7b:28:e3:
41:1f:57:ed:a9:47:45:d3:00:5a:01:3e:c9:72:3b:49:5f:dd:
04:c2:fb:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZBLxNmUgxyPdr5ce8uEY5IsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYzhlMjlmMzU1ODNiNWIyYTk2NzNkZDc2YTI1OTAzYjM1
ZWM1OTMwHhcNMjQwNjI0MTk0MTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTg3MDA2MTMxOTdmMDQwNGE2MGE5MDk2MGZjOTJkZDBjY2QzZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoknmqsBtzb6ZpYy9vV11YhjYPPPb
dX5DagDlg70pLbfXbMC07o93NRRxh9t4Jncbb2LE9Y88g9mMC1mSWhd+yiaqWXkR
mbc9WQWmKbu3Utq4MjrJgJUL+pqkKCONYVBzSSPRBi15v3HKvwdv0fAtweZCoNiQ
0Fj0HVYFJzGv+BScx7FieE4sAGWqXdDlpNypEZdLKTtP7Uxao5xFCPOUzSwZlQ3K
UfyHrEpV81/AenTkQrD6h6W0Dx2nWI5jCacrEbrLpmXh0hkRnLXvXHJeD/KFDNr6
eJ9eI7GvTLNqx79goDUVc9mvMMgtDX0fNg4XYET4SArpmnoSp52g4vO7awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFqHAGExl/BASmCpCWD8kt0MzT+zMB8GA1UdIwQY
MBaAFMrI4p81WDtbKpZz3XaiWQOzXsWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXNqaW56VllPMXNxbG5QZGRxSlpBN05leFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wN2FkZTMtYmU4MC00YTg3LTk2MTct
YTE2YWViYjhjOWVmLzEvV29jQVlUR1g4RUJLWUtrSllQeVMzUXpOUDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8wN2FkZTMtYmU4MC00YTg3LTk2MTctYTE2YWViYjhjOWVm
LzEveXNqaW56VllPMXNxbG5QZGRxSlpBN05leFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX9sMA0E
AgACMAcDBQMqBsjAMA0GCSqGSIb3DQEBCwUAA4IBAQCLQbrosIv7MqJP56keMlzH
VujydPsrwJqFyzaFM2HV5MnnAInKjf8+8XpCf5VrIhSJlZobOJ49gtnFlVo52UMo
dVs1DVuJeb7SqRPa9OQbm9tzh2t+bxufESVeegl7NBm6witDKiLV88CuYdSSBpnj
gir6H8+JrQouk3NCswX+GFWeJF/5HITTm+UlDBaUsyy9gwshTYpwP0ub9kuxcQp4
i3Lsc5ZR7rBlztzVOMTfEMLwNXmP5ONhqrkn+ikQT7AiJZbfBsdUwNbAmOCMGYGs
QGs7cSLJjoyZM1gk6ofmYMYz2ysCAUl7KONBH1ftqUdF0wBaAT7JcjtJX90Ewvv+
-----END CERTIFICATE-----
Generated at Thu Jun 27 13:47:36 2024 by rpki-client on console-fra.rpki-client.org