Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/WbEXJcI6czUhGDy_VsSm-FIslpg.roa
File: WbEXJcI6czUhGDy_VsSm-FIslpg.roa (raw, json)
Hash identifier: AWan2QET3oktXp8oTy3WPz135yb+guFkmI4uaoK9vqM=
Subject key identifier: 59:B1:17:25:C2:3A:73:35:21:18:3C:BF:56:C4:A6:F8:52:2C:96:98
Certificate issuer: /CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Certificate serial: 01856B40D12524ED4A8CE838BCFBE2756670
Authority key identifier: 92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/WbEXJcI6czUhGDy_VsSm-FIslpg.roa
Signing time: Sun 01 Jan 2023 02:54:47 +0000
ROA not before: Sun 01 Jan 2023 02:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211331
IP address blocks: 91.220.10.0/24 maxlen: 24
185.119.10.0/24 maxlen: 24
185.119.10.0/23 maxlen: 23
185.119.11.0/24 maxlen: 24
2a10:80c0::/29 maxlen: 29
2a10:80c0::/48 maxlen: 48
2a10:80c0:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Dec 2023 23:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:d1:25:24:ed:4a:8c:e8:38:bc:fb:e2:75:66:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Validity
Not Before: Jan 1 02:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59b11725c23a733521183cbf56c4a6f8522c9698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b9:cd:04:35:52:82:c1:1b:89:12:00:db:f4:
86:f5:b9:e3:6b:c2:a1:29:28:e6:5f:58:22:f5:5c:
9b:1e:12:02:6a:0c:43:6b:91:6c:7a:22:23:53:c0:
01:45:ae:15:50:82:9f:70:62:12:69:08:5f:a6:64:
79:83:90:e5:db:a0:9c:5c:0e:1f:32:21:d6:ee:17:
9b:2e:d7:19:a9:3e:9e:06:14:4f:6d:27:81:40:69:
db:aa:b4:55:84:18:1d:38:30:89:9c:d2:2d:4e:d4:
c5:13:c3:cf:da:94:01:0d:16:e1:a3:89:32:87:c4:
80:c9:83:ca:1b:d9:3d:a6:25:e5:0b:24:9a:e3:2c:
c7:8d:86:12:37:74:b7:a8:dc:d6:fc:bf:8d:f6:60:
56:86:25:b3:fb:40:ad:c4:54:4d:c9:30:a0:0f:ca:
cb:95:cf:d9:be:40:3c:92:0f:91:ba:92:eb:b6:c4:
4a:5f:36:0e:c4:c2:be:7f:73:6e:54:cd:64:24:2b:
40:63:d1:be:0c:2b:ba:41:6a:33:e4:f5:d7:b9:d2:
7d:61:6c:b9:ac:93:6e:94:69:ed:a8:17:51:0a:3f:
58:ce:35:e3:56:5c:43:04:74:d8:4b:6e:3c:6c:28:
73:bd:46:1d:54:8b:60:a2:60:32:c5:3b:8a:24:de:
65:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B1:17:25:C2:3A:73:35:21:18:3C:BF:56:C4:A6:F8:52:2C:96:98
X509v3 Authority Key Identifier:
keyid:92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/WbEXJcI6czUhGDy_VsSm-FIslpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.10.0/24
185.119.10.0/23
IPv6:
2a10:80c0::/29
Signature Algorithm: sha256WithRSAEncryption
97:78:e9:b1:68:53:e2:37:15:37:85:ab:59:04:df:5c:af:59:
d5:78:0e:ec:ce:1c:86:5d:3c:8a:a1:7b:d7:41:b9:4c:9e:b1:
08:c3:75:1c:9a:3c:92:1e:20:71:e5:7b:21:2e:af:fa:d9:ec:
79:b8:61:a1:30:a0:5a:f6:84:10:78:fd:59:7c:46:3b:fc:32:
bd:25:65:72:5c:d7:95:d3:37:50:de:55:f1:88:43:b2:71:45:
c2:bb:3c:79:b1:59:43:74:1c:18:ce:ab:3a:8b:8b:a5:64:16:
17:ad:e7:ab:a6:69:f2:38:ce:ac:0c:2c:c7:7b:34:e8:b9:82:
6a:5b:c3:eb:6b:16:d8:1f:c4:22:03:21:97:ed:37:52:4f:1a:
a7:85:15:bc:2a:1b:b9:03:16:2c:d3:9d:fd:b4:a7:b5:67:62:
ed:a4:d0:b9:eb:d2:3a:89:48:9b:03:ab:c0:10:bf:76:63:fb:
8b:c6:0d:90:78:99:b1:31:66:85:4e:25:37:be:2d:45:5e:6f:
04:ad:a7:65:fc:76:aa:be:66:13:ab:0a:7e:d1:92:56:d4:c3:
19:01:ef:e4:16:c5:0c:a2:36:e2:47:e8:cf:5c:40:90:e3:06:
00:cf:77:94:c7:7c:98:95:59:1f:58:4a:ca:16:04:fa:fc:d6:
a2:de:dc:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrQNElJO1KjOg4vPvidWZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZmI4ZmExMGRmZjM0NzNlNjUzZGJmNjFjOWE4NjQzMjE4
MGE1YzcwHhcNMjMwMTAxMDI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWIxMTcyNWMyM2E3MzM1MjExODNjYmY1NmM0YTZmODUyMmM5Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7nNBDVSgsEbiRIA2/SG9bnja8Kh
KSjmX1gi9VybHhICagxDa5FseiIjU8ABRa4VUIKfcGISaQhfpmR5g5Dl26CcXA4f
MiHW7hebLtcZqT6eBhRPbSeBQGnbqrRVhBgdODCJnNItTtTFE8PP2pQBDRbho4ky
h8SAyYPKG9k9piXlCySa4yzHjYYSN3S3qNzW/L+N9mBWhiWz+0CtxFRNyTCgD8rL
lc/ZvkA8kg+RupLrtsRKXzYOxMK+f3NuVM1kJCtAY9G+DCu6QWoz5PXXudJ9YWy5
rJNulGntqBdRCj9YzjXjVlxDBHTYS248bChzvUYdVItgomAyxTuKJN5lSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFmxFyXCOnM1IRg8v1bEpvhSLJaYMB8GA1UdIwQY
MBaAFJL7j6EN/zRz5lPb9hyahkMhgKXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDct
MjkzZjYxMjJhMTlkLzEvV2JFWEpjSTZjelVoR0R5X1ZzU20tRklzbHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDctMjkzZjYxMjJhMTlk
LzEva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9wKAwQB
uXcKMA0EAgACMAcDBQMqEIDAMA0GCSqGSIb3DQEBCwUAA4IBAQCXeOmxaFPiNxU3
hatZBN9cr1nVeA7szhyGXTyKoXvXQblMnrEIw3UcmjySHiBx5XshLq/62ex5uGGh
MKBa9oQQeP1ZfEY7/DK9JWVyXNeV0zdQ3lXxiEOycUXCuzx5sVlDdBwYzqs6i4ul
ZBYXreerpmnyOM6sDCzHezTouYJqW8PraxbYH8QiAyGX7TdSTxqnhRW8Khu5AxYs
0539tKe1Z2LtpNC569I6iUibA6vAEL92Y/uLxg2QeJmxMWaFTiU3vi1FXm8Eradl
/HaqvmYTqwp+0ZJW1MMZAe/kFsUMojbiR+jPXECQ4wYAz3eUx3yYlVkfWErKFgT6
/Nai3tyZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:37 2024 by rpki-client on console-ams.rpki-client.org