Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Wjjn4xDyrcAs1wKWG8J6X_N44Vg.roa
File: Wjjn4xDyrcAs1wKWG8J6X_N44Vg.roa (raw, json)
Hash identifier: u97kHrXeVIE+FXd9NjINncq5UOeHpv/JKVYLtM0fnOU=
Subject key identifier: 5A:38:E7:E3:10:F2:AD:C0:2C:D7:02:96:1B:C2:7A:5F:F3:78:E1:58
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CD68352252A5BCF1036C51568202AA00F
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Wjjn4xDyrcAs1wKWG8J6X_N44Vg.roa
Signing time: Thu 04 Jan 2024 22:06:19 +0000
ROA not before: Thu 04 Jan 2024 22:06:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 84.234.16.0/20 maxlen: 24
194.88.96.0/21 maxlen: 24
5.35.192.0/21 maxlen: 24
85.204.160.0/22 maxlen: 24
194.88.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 04:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:83:52:25:2a:5b:cf:10:36:c5:15:68:20:2a:a0:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 4 22:06:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a38e7e310f2adc02cd702961bc27a5ff378e158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bf:06:4a:0f:dc:d0:92:61:36:4a:fb:8f:18:
0f:41:ad:36:62:ae:7f:90:56:f4:44:49:4f:6b:ec:
f9:d1:b3:c6:a5:f4:22:6f:c8:1f:d2:d5:12:dd:f8:
51:8d:7f:13:0c:58:78:8a:fd:ec:93:f2:d3:b1:e4:
1b:da:ff:f4:21:c1:92:ad:63:ac:b9:9d:c3:32:4b:
fd:bd:d1:12:69:4a:6b:b4:81:fe:44:ec:b2:08:4b:
46:dc:26:c8:94:15:77:27:7d:6c:d8:8a:64:dc:8b:
5a:36:2f:69:61:25:de:5a:42:33:a3:8e:a4:73:c1:
f2:be:51:2c:2a:02:60:63:36:08:60:7a:41:4d:e6:
5a:e1:e6:33:4a:43:4b:e4:d2:8e:ca:64:61:61:6c:
68:8c:76:ca:9e:53:8d:cc:85:6b:70:19:db:d4:bc:
b0:bb:7c:26:0c:70:ae:3d:a4:c9:71:83:5a:a8:2d:
6c:80:6b:cd:6a:b0:01:06:5f:65:4a:9c:d7:1f:07:
3b:95:00:44:0b:d3:cd:14:85:d8:31:3e:87:40:d5:
2d:b9:43:71:58:4a:19:5a:01:ab:03:7b:08:12:f2:
69:fa:83:74:5b:9d:4b:48:cd:60:f8:8d:f7:d3:ef:
f5:a4:25:6a:44:6b:88:de:97:3c:0c:a7:29:1b:29:
30:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:38:E7:E3:10:F2:AD:C0:2C:D7:02:96:1B:C2:7A:5F:F3:78:E1:58
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Wjjn4xDyrcAs1wKWG8J6X_N44Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
84.234.16.0/20
85.204.160.0/22
194.88.96.0/21
194.88.112.0/20
Signature Algorithm: sha256WithRSAEncryption
36:42:5b:9a:cd:d3:33:34:99:2d:f1:a2:66:6b:cf:c0:5d:75:
8b:54:10:09:8f:52:84:73:c6:cd:43:80:c0:b2:b1:aa:fb:56:
85:f1:8e:72:35:52:1e:00:1a:28:25:38:65:5a:42:bc:31:33:
01:66:81:6d:3e:db:cd:1c:9c:f7:15:89:f0:c2:7d:97:a1:a7:
0a:96:c7:a4:1a:65:ea:13:eb:c1:0a:8c:5a:08:23:d2:84:4b:
80:e5:8c:f6:1c:1f:89:77:79:ea:55:9d:3f:3c:b5:92:63:4b:
5c:e9:a5:d4:c1:2b:fe:69:ff:48:4d:f0:12:62:83:30:d2:95:
3a:94:17:3b:38:d2:ea:be:40:3e:56:95:0d:54:52:9c:bb:c7:
9e:57:f5:81:92:b2:79:4f:e1:a8:12:24:8b:11:9c:92:96:40:
c5:96:c6:45:5a:33:c4:df:d7:bd:ab:2e:70:8a:a0:1c:73:2f:
c1:f1:73:1b:f5:04:46:db:55:40:5c:38:de:70:4a:30:ba:13:
c5:ff:07:0b:81:fa:e0:f7:ea:0b:fb:35:1b:b8:1c:76:c5:37:
20:11:79:9f:d3:6a:cc:66:3b:f8:af:65:9d:6e:e9:fd:38:74:
37:47:d3:8a:37:bb:54:97:59:aa:98:12:88:e8:ae:fc:c5:b5:
7a:a5:a9:95
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzWg1IlKlvPEDbFFWggKqAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTA0MjIwNjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTM4ZTdlMzEwZjJhZGMwMmNkNzAyOTYxYmMyN2E1ZmYzNzhlMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw78GSg/c0JJhNkr7jxgPQa02Yq5/
kFb0RElPa+z50bPGpfQib8gf0tUS3fhRjX8TDFh4iv3sk/LTseQb2v/0IcGSrWOs
uZ3DMkv9vdESaUprtIH+ROyyCEtG3CbIlBV3J31s2Ipk3ItaNi9pYSXeWkIzo46k
c8HyvlEsKgJgYzYIYHpBTeZa4eYzSkNL5NKOymRhYWxojHbKnlONzIVrcBnb1Lyw
u3wmDHCuPaTJcYNaqC1sgGvNarABBl9lSpzXHwc7lQBEC9PNFIXYMT6HQNUtuUNx
WEoZWgGrA3sIEvJp+oN0W51LSM1g+I330+/1pCVqRGuI3pc8DKcpGykwJwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFo45+MQ8q3ALNcClhvCel/zeOFYMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvV2pqbjR4RHlyY0FzMXdLV0c4SjZYX040NFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBSPAAwQE
VOoQAwQCVcygAwQDwlhgAwQEwlhwMA0GCSqGSIb3DQEBCwUAA4IBAQA2QluazdMz
NJkt8aJma8/AXXWLVBAJj1KEc8bNQ4DAsrGq+1aF8Y5yNVIeABooJThlWkK8MTMB
ZoFtPtvNHJz3FYnwwn2XoacKlsekGmXqE+vBCoxaCCPShEuA5Yz2HB+Jd3nqVZ0/
PLWSY0tc6aXUwSv+af9ITfASYoMw0pU6lBc7ONLqvkA+VpUNVFKcu8eeV/WBkrJ5
T+GoEiSLEZySlkDFlsZFWjPE39e9qy5wiqAccy/B8XMb9QRG21VAXDjecEowuhPF
/wcLgfrg9+oL+zUbuBx2xTcgEXmf02rMZjv4r2Wdbun9OHQ3R9OKN7tUl1mqmBKI
6K78xbV6pamV
-----END CERTIFICATE-----
Generated at Mon Mar 4 06:07:26 2024 by rpki-client on console-ams.rpki-client.org