Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/Wgxh0_Rr9uSvSbNTusRbZieOVQ0.roa
File: Wgxh0_Rr9uSvSbNTusRbZieOVQ0.roa (raw, json)
Hash identifier: Iu6pdv6YziSQFzcxH4k417jmzldakgSbjDYYj8kC7tc=
Subject key identifier: 5A:0C:61:D3:F4:6B:F6:E4:AF:49:B3:53:BA:C4:5B:66:27:8E:55:0D
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018A6FE81158372A75B4387A059538515EDA
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/Wgxh0_Rr9uSvSbNTusRbZieOVQ0.roa
Signing time: Thu 07 Sep 2023 13:49:54 +0000
ROA not before: Thu 07 Sep 2023 13:49:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200702
IP address blocks: 91.212.220.0/24 maxlen: 24
91.212.226.0/24 maxlen: 24
45.159.16.0/22 maxlen: 22
91.212.198.0/24 maxlen: 24
91.212.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:e8:11:58:37:2a:75:b4:38:7a:05:95:38:51:5e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Sep 7 13:49:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a0c61d3f46bf6e4af49b353bac45b66278e550d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0e:51:f5:1b:cb:d2:48:45:77:5f:ae:e7:3e:
c7:e1:35:f7:b7:3a:88:61:c6:6b:3f:1a:7e:78:89:
10:f3:b0:ac:8d:80:71:b2:91:2b:f0:2f:37:82:2b:
36:df:82:ec:15:bb:a7:19:9c:03:ab:bb:f2:19:bf:
e9:a5:7e:c1:a7:1f:26:59:d9:77:60:45:cb:bb:0b:
85:97:38:73:15:5b:37:38:6c:53:52:7c:1c:12:c6:
14:be:dd:c4:99:37:00:07:ae:33:1e:ea:69:35:57:
07:ed:83:bd:d0:d8:af:01:84:8a:a2:6d:b7:69:44:
69:a7:2b:f2:a4:37:d4:6d:2d:37:3c:a7:18:69:23:
0d:f3:d0:ce:40:7c:e0:40:45:b9:8c:da:f6:05:7b:
a8:3f:71:b9:fe:16:75:8f:5a:22:f3:21:f3:a4:c3:
68:9e:41:91:99:06:fc:60:a3:bf:dc:94:a8:54:d9:
a4:05:12:ae:75:e7:5f:cf:73:2c:14:33:ff:80:86:
a9:1b:c7:91:8f:0b:32:9e:f2:24:26:05:0b:1c:d6:
54:d1:90:46:58:01:a0:1f:30:56:91:20:2d:b5:4f:
09:42:0b:00:4d:64:47:5a:22:3f:55:2e:e4:c0:cc:
a9:5c:23:27:89:4e:34:f9:a5:69:90:43:fb:da:a2:
3d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:0C:61:D3:F4:6B:F6:E4:AF:49:B3:53:BA:C4:5B:66:27:8E:55:0D
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/Wgxh0_Rr9uSvSbNTusRbZieOVQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.16.0/22
91.212.198.0/24
91.212.201.0/24
91.212.220.0/24
91.212.226.0/24
Signature Algorithm: sha256WithRSAEncryption
88:93:a5:6d:99:8f:ab:0d:00:b3:cb:95:03:9d:df:2f:86:b6:
d6:a5:84:b9:df:18:a2:7f:13:56:8a:ac:3e:99:2a:bf:63:1b:
23:8e:37:b9:34:8f:ab:8c:01:5a:e9:26:81:9e:e1:b2:b9:d2:
cc:35:ca:9a:3f:e4:35:b4:34:0e:db:35:c4:90:05:ec:92:79:
be:64:c8:43:29:e2:d5:a4:80:8f:78:fe:09:54:33:dc:d5:95:
89:63:84:00:5e:aa:ac:92:dc:8a:50:e6:cb:0b:3a:37:57:36:
51:1e:13:3d:a8:b8:29:d1:7d:bb:6a:30:48:19:1e:a4:71:46:
3d:46:20:17:80:fa:65:03:53:56:8c:e5:09:39:fa:bb:0c:c1:
29:8e:3d:36:12:63:99:08:9d:93:2d:ed:58:27:f8:cc:60:49:
1a:f2:64:90:18:1a:96:69:f5:48:1e:43:9c:00:9b:5e:6f:77:
51:d1:20:49:1b:13:58:26:19:b2:e9:36:7d:6f:3a:45:04:81:
59:2e:b8:e8:52:87:3f:4a:dd:fe:2f:7a:8b:03:ce:41:c9:73:
7a:95:3a:78:c6:df:0e:c3:3f:64:0f:2e:ab:e6:62:bd:61:e8:
59:8c:c8:9f:e3:83:2c:91:c5:d1:4c:6a:17:18:45:9e:81:4b:
d1:36:f5:b5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYpv6BFYNyp1tDh6BZU4UV7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwOTA3MTM0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTBjNjFkM2Y0NmJmNmU0YWY0OWIzNTNiYWM0NWI2NjI3OGU1NTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ5R9RvL0khFd1+u5z7H4TX3tzqI
YcZrPxp+eIkQ87CsjYBxspEr8C83gis234LsFbunGZwDq7vyGb/ppX7Bpx8mWdl3
YEXLuwuFlzhzFVs3OGxTUnwcEsYUvt3EmTcAB64zHuppNVcH7YO90NivAYSKom23
aURppyvypDfUbS03PKcYaSMN89DOQHzgQEW5jNr2BXuoP3G5/hZ1j1oi8yHzpMNo
nkGRmQb8YKO/3JSoVNmkBRKudedfz3MsFDP/gIapG8eRjwsynvIkJgULHNZU0ZBG
WAGgHzBWkSAttU8JQgsATWRHWiI/VS7kwMypXCMniU40+aVpkEP72qI9JQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFoMYdP0a/bkr0mzU7rEW2YnjlUNMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvV2d4aDBfUnI5dVN2U2JOVHVzUmJaaWVPVlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLZ8QAwQA
W9TGAwQAW9TJAwQAW9TcAwQAW9TiMA0GCSqGSIb3DQEBCwUAA4IBAQCIk6VtmY+r
DQCzy5UDnd8vhrbWpYS53xiifxNWiqw+mSq/Yxsjjje5NI+rjAFa6SaBnuGyudLM
NcqaP+Q1tDQO2zXEkAXsknm+ZMhDKeLVpICPeP4JVDPc1ZWJY4QAXqqsktyKUObL
Czo3VzZRHhM9qLgp0X27ajBIGR6kcUY9RiAXgPplA1NWjOUJOfq7DMEpjj02EmOZ
CJ2TLe1YJ/jMYEka8mSQGBqWafVIHkOcAJteb3dR0SBJGxNYJhmy6TZ9bzpFBIFZ
LrjoUoc/St3+L3qLA85ByXN6lTp4xt8Owz9kDy6r5mK9YehZjMif44MskcXRTGoX
GEWegUvRNvW1
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:03:09 2024 by rpki-client on console-ams.rpki-client.org