Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/wgFMA2Z5JOs91ilYsSRVPpn9a98.roa
File: wgFMA2Z5JOs91ilYsSRVPpn9a98.roa (raw, json)
Hash identifier: pGIVuhyBZdC52T8hKJBuPMJeZRqvSvvGVO6NxVP4tc0=
Subject key identifier: C2:01:4C:03:66:79:24:EB:3D:D6:29:58:B1:24:55:3E:99:FD:6B:DF
Certificate issuer: /CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Certificate serial: 018CC348F2576BAABD5F37FF560BAA522905
Authority key identifier: 8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/wgFMA2Z5JOs91ilYsSRVPpn9a98.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 91.209.254.0/24 maxlen: 24
185.156.84.0/24 maxlen: 24
185.156.85.0/24 maxlen: 24
91.221.58.0/24 maxlen: 24
91.221.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 12:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f2:57:6b:aa:bd:5f:37:ff:56:0b:aa:52:29:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2014c03667924eb3dd62958b124553e99fd6bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c6:a9:02:39:57:ca:cb:17:f7:98:41:55:b9:
d1:25:6c:48:48:12:ce:c1:fe:88:82:a3:9f:59:9e:
6e:bf:f6:c7:69:0b:11:c4:aa:51:63:72:8b:1c:d6:
33:11:9b:55:f6:57:07:de:3f:f9:05:9d:74:20:92:
8a:e4:73:48:8d:85:b9:18:21:df:64:06:7e:0a:9a:
1d:a4:1c:60:ee:9b:e6:dc:cf:1e:88:8e:6f:91:cf:
d7:bb:aa:f6:21:83:31:1b:e2:7b:3a:3c:90:31:14:
92:81:83:f1:2e:c2:39:bc:58:74:5b:01:38:9b:dd:
11:77:ba:5d:22:74:11:f3:c7:00:da:54:78:a7:44:
6b:e8:35:d4:19:30:aa:7d:ec:40:8c:42:4e:1c:a6:
49:44:4b:d9:c2:42:d8:7e:9b:87:01:b9:4b:5d:a3:
d1:aa:1c:17:95:46:71:a8:db:1a:20:8a:0e:48:4f:
97:85:5d:16:70:82:ae:22:07:4a:20:31:e7:ef:df:
55:24:3d:36:7e:65:5e:a2:32:73:e3:b0:0c:ef:74:
82:75:58:9b:06:90:31:20:3f:0a:6b:d7:b0:3d:ef:
2b:ce:c6:42:0c:7d:96:f1:58:2b:18:95:37:c7:20:
8f:43:0d:e3:56:47:76:90:c7:6f:9a:c7:b5:c3:2f:
f6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:01:4C:03:66:79:24:EB:3D:D6:29:58:B1:24:55:3E:99:FD:6B:DF
X509v3 Authority Key Identifier:
keyid:8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/wgFMA2Z5JOs91ilYsSRVPpn9a98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.254.0/24
91.221.58.0/23
185.156.84.0/23
Signature Algorithm: sha256WithRSAEncryption
83:ae:81:26:49:60:2f:e4:5e:af:76:8e:d5:82:b5:6e:c0:bb:
28:cf:f1:b4:b5:05:b7:70:43:37:1f:75:30:f8:2b:40:c2:2f:
63:b9:08:c3:2c:43:15:63:57:ca:d3:96:06:9a:fa:39:0d:d8:
29:f6:df:b6:1a:51:d3:ac:59:fc:8c:9a:bd:16:c7:19:96:57:
e7:07:c4:78:d1:b7:6f:0f:72:89:e7:0a:59:d6:86:eb:4f:b9:
65:1c:4e:05:84:4d:3a:1d:4d:c7:9a:7a:7d:7d:30:17:54:58:
e4:23:e3:72:b2:05:51:c1:10:dc:25:bd:27:cd:9b:34:e6:a5:
37:6d:f7:83:1c:23:f3:1f:bd:8c:5a:a8:01:7d:1e:11:8d:df:
c3:cc:66:a9:96:2f:35:b2:c4:6d:2a:3d:f4:17:45:6d:82:fa:
ec:07:50:7e:94:f9:c6:ef:a3:65:7b:f4:4e:ad:13:e2:22:df:
c0:94:d9:5f:7b:ab:36:d2:9d:61:ee:a3:f8:1d:a7:e1:7b:f6:
af:53:38:47:ce:06:a0:e2:ac:aa:8b:0d:e4:b3:b2:7c:43:2b:
a2:7f:7a:b7:6e:8b:05:8e:f2:e1:24:17:f5:6c:9a:03:70:d9:
01:b1:fb:4e:c5:a8:ef:4a:29:a5:24:99:5e:87:51:d3:f6:b2:
a2:d5:c8:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSPJXa6q9Xzf/VguqUikFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZmYxYjBjZTlmNDg2YTY3ZTYzZDNmMGQwZTY4OGEyNGY3
MDBjN2MwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjAxNGMwMzY2NzkyNGViM2RkNjI5NThiMTI0NTUzZTk5ZmQ2YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocapAjlXyssX95hBVbnRJWxISBLO
wf6IgqOfWZ5uv/bHaQsRxKpRY3KLHNYzEZtV9lcH3j/5BZ10IJKK5HNIjYW5GCHf
ZAZ+CpodpBxg7pvm3M8eiI5vkc/Xu6r2IYMxG+J7OjyQMRSSgYPxLsI5vFh0WwE4
m90Rd7pdInQR88cA2lR4p0Rr6DXUGTCqfexAjEJOHKZJREvZwkLYfpuHAblLXaPR
qhwXlUZxqNsaIIoOSE+XhV0WcIKuIgdKIDHn799VJD02fmVeojJz47AM73SCdVib
BpAxID8Ka9ewPe8rzsZCDH2W8VgrGJU3xyCPQw3jVkd2kMdvmse1wy/2uQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMIBTANmeSTrPdYpWLEkVT6Z/WvfMB8GA1UdIwQY
MBaAFI3/Gwzp9IamfmPT8NDmiKJPcAx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEt
ZDg3YjcwMjZhM2ZmLzEvd2dGTUEyWjVKT3M5MWlsWXNTUlZQcG45YTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEtZDg3YjcwMjZhM2Zm
LzEvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9H+AwQB
W906AwQBuZxUMA0GCSqGSIb3DQEBCwUAA4IBAQCDroEmSWAv5F6vdo7VgrVuwLso
z/G0tQW3cEM3H3Uw+CtAwi9juQjDLEMVY1fK05YGmvo5Ddgp9t+2GlHTrFn8jJq9
FscZllfnB8R40bdvD3KJ5wpZ1obrT7llHE4FhE06HU3Hmnp9fTAXVFjkI+NysgVR
wRDcJb0nzZs05qU3bfeDHCPzH72MWqgBfR4Rjd/DzGapli81ssRtKj30F0Vtgvrs
B1B+lPnG76Nle/ROrRPiIt/AlNlfe6s20p1h7qP4Hafhe/avUzhHzgag4qyqiw3k
s7J8Qyuif3q3bosFjvLhJBf1bJoDcNkBsftOxajvSimlJJleh1HT9rKi1chs
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:00 2025 by rpki-client