Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/WpYM4bZGWHgdghgh3sDJ58XPZ1E.roa
File: WpYM4bZGWHgdghgh3sDJ58XPZ1E.roa (raw, json)
Hash identifier: BRK/L528KdJZBDOJ6lx0x0AV7AykD9BdqxblfJaEi3I=
Subject key identifier: 5A:96:0C:E1:B6:46:58:78:1D:82:18:21:DE:C0:C9:E7:C5:CF:67:51
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 018CC5DBFCF59E75FB25363E6EAEA2B1FCAB
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/WpYM4bZGWHgdghgh3sDJ58XPZ1E.roa
Signing time: Mon 01 Jan 2024 16:29:37 +0000
ROA not before: Mon 01 Jan 2024 16:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 195.211.40.0/23 maxlen: 23
91.226.212.0/23 maxlen: 23
176.103.48.0/20 maxlen: 20
91.207.60.0/24 maxlen: 24
193.169.86.0/23 maxlen: 23
91.217.91.0/24 maxlen: 24
2a13:f580:1::/48 maxlen: 48
2001:678:334::/48 maxlen: 48
2a13:f580:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Apr 2024 07:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fc:f5:9e:75:fb:25:36:3e:6e:ae:a2:b1:fc:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Jan 1 16:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a960ce1b64658781d821821dec0c9e7c5cf6751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6c:a9:22:db:79:29:40:4b:a2:89:f9:a2:3d:
da:c6:d5:f6:75:24:86:05:36:88:32:b2:27:55:1b:
b0:60:60:c1:c2:4f:b6:80:fa:ad:d1:67:9f:ff:6f:
0a:4f:b0:17:f2:3b:d2:d6:1e:3c:9a:40:78:d6:c0:
7e:16:a8:10:19:81:a2:f9:37:ce:c5:f0:26:b0:a5:
d9:6c:53:c2:92:df:33:b5:0f:fd:6d:ef:ef:75:f0:
05:81:79:9b:15:59:6c:5a:56:c5:28:c0:59:76:08:
82:3f:5a:7f:21:8b:49:17:de:59:3f:f8:75:51:50:
86:a4:45:c9:49:8a:da:89:4a:cf:ee:d1:cf:02:5b:
6b:d4:fb:9e:da:45:eb:2f:58:71:5b:ff:cc:94:c3:
0f:01:67:e0:4f:14:76:11:6d:75:d2:2f:c5:64:cd:
a8:85:a1:d1:3f:1e:6e:80:48:7c:95:16:23:19:62:
ca:2b:71:13:2e:ee:94:4b:cd:27:52:76:63:2e:17:
05:7a:e2:7f:48:04:a7:7a:c7:ac:55:e7:17:91:ad:
f7:4c:24:1c:50:d0:db:f7:05:d7:6f:e5:50:ee:a2:
a4:42:f3:6f:ad:ea:89:76:0b:9b:4c:5f:d1:ba:e4:
4b:7e:02:09:e4:c7:ea:19:d5:a2:1a:05:2a:75:d8:
59:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:96:0C:E1:B6:46:58:78:1D:82:18:21:DE:C0:C9:E7:C5:CF:67:51
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/WpYM4bZGWHgdghgh3sDJ58XPZ1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.60.0/24
91.217.91.0/24
91.226.212.0/23
176.103.48.0/20
193.169.86.0/23
195.211.40.0/23
IPv6:
2001:678:334::/48
2a13:f580:1::/48
2a13:f580:4::/48
Signature Algorithm: sha256WithRSAEncryption
65:4f:8c:50:6a:5f:b6:85:8f:2a:34:63:ed:1b:01:c9:c5:49:
f0:19:12:44:03:df:9d:13:63:0f:af:05:d7:54:09:7c:06:b3:
7c:b2:5c:9d:0c:08:dc:ff:e6:2e:d7:f6:6e:87:de:6b:ea:e9:
ed:fe:06:24:75:91:0b:9d:74:17:2d:e0:bc:c0:b8:52:55:85:
7b:e6:c3:df:b4:97:e0:f7:5d:a4:81:c7:0c:8a:a1:f2:ab:69:
e3:02:1b:25:44:c9:8b:9e:23:4d:55:a8:b6:78:52:8c:da:66:
47:ba:f7:ee:35:58:ce:8a:3f:b4:3d:b2:d1:a2:0e:0b:85:aa:
7c:4e:18:86:ff:4e:5b:0c:bb:8a:a2:3f:17:bd:e4:17:ae:40:
7c:5b:3c:37:9d:49:ad:1c:e7:6b:07:07:4f:08:d9:6c:b7:e6:
3e:ed:04:4a:dd:61:4d:7c:a2:27:40:5c:33:c5:77:e5:d2:df:
28:03:cf:48:1a:98:f0:9e:cc:aa:5d:32:d6:61:93:1d:19:9f:
1f:fd:01:b9:91:71:53:6d:95:32:e2:7f:51:9c:73:e4:b8:91:
6d:a1:a2:26:a4:7c:a7:3e:0f:e6:11:bd:0d:06:e9:da:d8:a0:
bd:d0:fc:4b:39:11:73:0f:cf:2d:c6:57:5d:23:28:43:af:ce:
97:a4:ba:7a
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzF2/z1nnX7JTY+bq6isfyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjQwMTAxMTYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTk2MGNlMWI2NDY1ODc4MWQ4MjE4MjFkZWMwYzllN2M1Y2Y2NzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmypItt5KUBLoon5oj3axtX2dSSG
BTaIMrInVRuwYGDBwk+2gPqt0Wef/28KT7AX8jvS1h48mkB41sB+FqgQGYGi+TfO
xfAmsKXZbFPCkt8ztQ/9be/vdfAFgXmbFVlsWlbFKMBZdgiCP1p/IYtJF95ZP/h1
UVCGpEXJSYraiUrP7tHPAltr1Pue2kXrL1hxW//MlMMPAWfgTxR2EW110i/FZM2o
haHRPx5ugEh8lRYjGWLKK3ETLu6US80nUnZjLhcFeuJ/SASnesesVecXka33TCQc
UNDb9wXXb+VQ7qKkQvNvreqJdgubTF/RuuRLfgIJ5MfqGdWiGgUqddhZ0wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFqWDOG2Rlh4HYIYId7AyefFz2dRMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvV3BZTTRiWkdXSGdkZ2hnaDNzREo1OFhQWjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAqBAIAATAkAwQAW888AwQA
W9lbAwQBW+LUAwQEsGcwAwQBwalWAwQBw9MoMCEEAgACMBsDBwAgAQZ4AzQDBwAq
E/WAAAEDBwAqE/WAAAQwDQYJKoZIhvcNAQELBQADggEBAGVPjFBqX7aFjyo0Y+0b
AcnFSfAZEkQD350TYw+vBddUCXwGs3yyXJ0MCNz/5i7X9m6H3mvq6e3+BiR1kQud
dBct4LzAuFJVhXvmw9+0l+D3XaSBxwyKofKraeMCGyVEyYueI01VqLZ4UozaZke6
9+41WM6KP7Q9stGiDguFqnxOGIb/TlsMu4qiPxe95BeuQHxbPDedSa0c52sHB08I
2Wy35j7tBErdYU18oidAXDPFd+XS3ygDz0gamPCezKpdMtZhkx0Znx/9AbmRcVNt
lTLif1Gcc+S4kW2hoiakfKc+D+YRvQ0G6drYoL3Q/Es5EXMPzy3GV10jKEOvzpek
uno=
-----END CERTIFICATE-----
Generated at Sat Apr 13 10:21:40 2024 by rpki-client on console.sobornost.net