Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/wYnONVou0AppehQvc_2xukZkgAk.roa
File: wYnONVou0AppehQvc_2xukZkgAk.roa (raw, json)
Hash identifier: g+KT5OUvu6dRPRDpjOsYgHVPzCxPGBmPNZ1gA/U0+WQ=
Subject key identifier: C1:89:CE:35:5A:2E:D0:0A:69:7A:14:2F:73:FD:B1:BA:46:64:80:09
Certificate issuer: /CN=a6bb3045aea78e8fa7648129714fb736068dc37b
Certificate serial: 0186A16B4D365FCF13F8278DDE27CD8A60B4
Authority key identifier: A6:BB:30:45:AE:A7:8E:8F:A7:64:81:29:71:4F:B7:36:06:8D:C3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/prswRa6njo-nZIEpcU-3NgaNw3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/wYnONVou0AppehQvc_2xukZkgAk.roa
Signing time: Thu 02 Mar 2023 08:23:29 +0000
ROA not before: Thu 02 Mar 2023 08:23:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 185.184.176.0/22 maxlen: 22
77.111.232.0/22 maxlen: 22
188.227.200.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:6b:4d:36:5f:cf:13:f8:27:8d:de:27:cd:8a:60:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6bb3045aea78e8fa7648129714fb736068dc37b
Validity
Not Before: Mar 2 08:23:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c189ce355a2ed00a697a142f73fdb1ba46648009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:73:c1:db:ba:f6:c1:dc:b8:33:9b:99:1e:a2:
8d:3c:bb:49:1b:63:4d:cf:62:c1:b4:62:cf:bb:45:
e6:55:2e:e8:65:33:6b:df:28:82:ef:a8:49:30:b3:
f8:a0:59:2a:e0:ac:f6:b0:1e:23:69:ea:14:0f:8d:
5d:5a:a2:21:78:db:0a:e2:97:70:7b:39:3a:ca:ca:
ab:c7:02:84:b0:11:bb:e4:9e:23:74:50:86:a1:31:
52:9a:f6:97:95:9d:c6:1a:51:48:f1:7a:7c:ff:91:
26:e2:ca:ac:7c:50:09:38:e3:48:69:51:b9:9e:92:
99:93:bf:9b:f2:2f:6b:48:16:ac:a2:d6:3a:4b:75:
2c:5d:ee:35:82:84:6e:68:7e:44:b0:83:cf:6e:c4:
60:6a:c9:29:e7:ad:65:1c:bc:44:6c:af:68:da:00:
45:a5:03:d3:a0:f6:ea:a1:38:d1:cd:d0:f0:33:b5:
f4:c1:86:be:f6:b9:06:40:f4:70:89:15:95:63:81:
ca:22:59:ba:ca:19:18:c0:58:7e:69:75:08:af:67:
1a:84:e7:a9:a9:71:f6:36:75:2b:8e:30:4f:31:a0:
1c:5d:0d:5f:f7:2f:4f:4d:7f:c5:4d:68:4f:a3:6a:
89:7e:e6:d7:a7:ca:0a:86:a1:79:11:5a:b8:0d:0e:
32:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:89:CE:35:5A:2E:D0:0A:69:7A:14:2F:73:FD:B1:BA:46:64:80:09
X509v3 Authority Key Identifier:
keyid:A6:BB:30:45:AE:A7:8E:8F:A7:64:81:29:71:4F:B7:36:06:8D:C3:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/prswRa6njo-nZIEpcU-3NgaNw3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/wYnONVou0AppehQvc_2xukZkgAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/prswRa6njo-nZIEpcU-3NgaNw3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.232.0/22
185.184.176.0/22
188.227.200.0/22
Signature Algorithm: sha256WithRSAEncryption
30:20:11:df:a3:c4:5a:11:6e:73:4c:68:1d:35:6f:a8:a9:35:
16:16:a9:83:7c:94:6f:42:2a:83:fc:cc:62:b3:06:08:cc:af:
23:54:a1:82:35:94:57:bb:e2:1e:91:30:34:9a:0d:8b:ef:0a:
2b:6c:b7:27:c9:d3:09:12:5f:16:53:f7:22:4a:ba:2b:5f:0c:
9b:f6:ca:bf:cb:85:69:dd:44:e5:a0:50:71:fa:4b:b5:88:1c:
90:21:5f:b6:4a:98:88:11:05:8d:ee:46:42:ba:1b:f7:92:f6:
2f:7b:a8:3d:10:99:7b:3f:34:29:fb:6e:ee:ef:3a:96:39:48:
67:b5:da:33:e5:a8:38:20:1e:c4:bd:41:a1:3d:a3:76:f5:f7:
d2:0b:f0:2a:d3:8a:9a:e4:03:b4:97:03:f4:60:67:e5:af:fd:
4c:7f:19:72:a1:ba:97:e2:c3:b0:94:ab:1e:ae:59:5c:f0:65:
e1:ad:6b:85:93:b3:22:b9:25:e2:6a:41:42:9d:61:b8:5a:3d:
52:aa:fe:37:26:82:55:44:66:4c:9f:57:c8:49:2c:b9:36:ca:
e4:c7:36:da:8c:df:7c:04:04:1b:36:2d:31:35:7d:b5:8a:65:
58:1f:8e:dc:7a:5d:ac:41:cd:4d:59:d7:05:a3:6d:ce:59:95:
4e:10:f9:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYaha002X88T+CeN3ifNimC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YmIzMDQ1YWVhNzhlOGZhNzY0ODEyOTcxNGZiNzM2MDY4
ZGMzN2IwHhcNMjMwMzAyMDgyMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTg5Y2UzNTVhMmVkMDBhNjk3YTE0MmY3M2ZkYjFiYTQ2NjQ4MDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHPB27r2wdy4M5uZHqKNPLtJG2NN
z2LBtGLPu0XmVS7oZTNr3yiC76hJMLP4oFkq4Kz2sB4jaeoUD41dWqIheNsK4pdw
ezk6ysqrxwKEsBG75J4jdFCGoTFSmvaXlZ3GGlFI8Xp8/5Em4sqsfFAJOONIaVG5
npKZk7+b8i9rSBasotY6S3UsXe41goRuaH5EsIPPbsRgaskp561lHLxEbK9o2gBF
pQPToPbqoTjRzdDwM7X0wYa+9rkGQPRwiRWVY4HKIlm6yhkYwFh+aXUIr2cahOep
qXH2NnUrjjBPMaAcXQ1f9y9PTX/FTWhPo2qJfubXp8oKhqF5EVq4DQ4y8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMGJzjVaLtAKaXoUL3P9sbpGZIAJMB8GA1UdIwQY
MBaAFKa7MEWup46Pp2SBKXFPtzYGjcN7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHJzd1JhNm5qby1uWklFcGNVLTNOZ2FOdzNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80MWVhZjktNjU2ZC00MGQ5LTlmN2Et
MzM0ZGUzZDc2ZmU1LzEvd1luT05Wb3UwQXBwZWhRdmNfMnh1a1prZ0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80MWVhZjktNjU2ZC00MGQ5LTlmN2EtMzM0ZGUzZDc2ZmU1
LzEvcHJzd1JhNm5qby1uWklFcGNVLTNOZ2FOdzNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTW/oAwQC
ubiwAwQCvOPIMA0GCSqGSIb3DQEBCwUAA4IBAQAwIBHfo8RaEW5zTGgdNW+oqTUW
FqmDfJRvQiqD/MxiswYIzK8jVKGCNZRXu+IekTA0mg2L7worbLcnydMJEl8WU/ci
SrorXwyb9sq/y4Vp3UTloFBx+ku1iByQIV+2SpiIEQWN7kZCuhv3kvYve6g9EJl7
PzQp+27u7zqWOUhntdoz5ag4IB7EvUGhPaN29ffSC/Aq04qa5AO0lwP0YGflr/1M
fxlyobqX4sOwlKserllc8GXhrWuFk7MiuSXiakFCnWG4Wj1Sqv43JoJVRGZMn1fI
SSy5NsrkxzbajN98BAQbNi0xNX21imVYH47cel2sQc1NWdcFo23OWZVOEPnV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:48 2024 by rpki-client on console-ams.rpki-client.org