Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/WM-nzKfnerPErd5POLM8CwQjiKA.roa
File: WM-nzKfnerPErd5POLM8CwQjiKA.roa (raw, json)
Hash identifier: KHw0H5kPB4zIjMWCNcW48PUho03M35HaWsqytqsJjYg=
Subject key identifier: 58:CF:A7:CC:A7:E7:7A:B3:C4:AD:DE:4F:38:B3:3C:0B:04:23:88:A0
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 01856FF988BC1F6A9F11D8999BBC61DCD811
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/WM-nzKfnerPErd5POLM8CwQjiKA.roa
Signing time: Mon 02 Jan 2023 00:55:02 +0000
ROA not before: Mon 02 Jan 2023 00:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202209
IP address blocks: 212.91.177.0/24 maxlen: 24
217.79.33.0/24 maxlen: 24
85.118.85.0/24 maxlen: 24
85.118.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Mar 2023 07:38:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:88:bc:1f:6a:9f:11:d8:99:9b:bc:61:dc:d8:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 00:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58cfa7cca7e77ab3c4adde4f38b33c0b042388a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:52:6f:0a:ba:80:77:33:95:d7:db:5c:9a:a0:
cb:01:7e:66:ab:17:56:87:f6:77:6b:e0:7c:cf:02:
b2:cf:49:b0:7d:2f:f2:d4:ec:aa:65:a4:66:27:ba:
0e:7f:ed:93:66:61:74:21:3f:e2:20:9b:b1:9d:74:
f7:4d:07:e3:b2:e5:39:c5:69:b9:0b:78:8c:8c:4f:
36:33:50:80:b8:b7:d7:0b:d6:ec:9c:1b:d6:1a:89:
ab:76:83:ed:c9:68:9d:5f:f6:94:5a:57:49:ad:3b:
ba:bf:dd:93:03:a8:84:fa:c5:8c:c8:71:ce:5c:5d:
0a:24:f2:26:b1:d8:c0:24:8c:ac:d8:ae:98:b0:b9:
78:06:3c:27:7c:ca:b0:a4:fc:c4:41:1c:e8:33:17:
1a:7f:91:04:f4:da:75:da:96:6f:0e:b2:48:a9:9f:
3e:4b:d8:25:0d:15:ff:c5:30:93:10:0d:f8:34:47:
b0:39:cc:2d:e8:17:ec:3a:50:4f:8c:83:84:ed:f8:
b5:a8:0a:39:e5:01:01:13:73:a8:89:7b:62:98:b5:
d4:62:eb:a9:e6:60:b4:5f:4e:d4:92:35:e3:31:11:
e5:5f:b8:73:cd:fa:d8:8c:4d:6d:20:c6:9f:7c:87:
86:40:47:8e:6d:48:35:00:a1:1d:67:64:96:38:a1:
c4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CF:A7:CC:A7:E7:7A:B3:C4:AD:DE:4F:38:B3:3C:0B:04:23:88:A0
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/WM-nzKfnerPErd5POLM8CwQjiKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.85.0-85.118.86.255
212.91.177.0/24
217.79.33.0/24
Signature Algorithm: sha256WithRSAEncryption
71:d8:cf:a1:ed:6d:34:0a:50:4e:7b:cf:28:14:ce:5b:90:05:
b4:21:8a:69:03:97:13:4b:16:d0:a3:1c:63:0e:52:a8:49:aa:
b1:ce:63:ad:80:ae:3a:32:ca:fa:82:e4:ce:91:66:08:34:92:
b0:2f:38:b2:55:d9:45:16:9f:c1:bb:38:91:41:7d:f4:c0:61:
4f:88:15:62:2a:7c:cb:4e:a2:ee:d4:b9:bc:b9:55:32:78:c9:
77:bc:8d:c6:74:80:80:f5:e5:14:2e:48:72:04:ee:bc:54:f7:
c8:3f:56:65:f8:f0:de:82:00:be:df:1d:85:23:21:94:c8:cf:
a9:98:1a:29:4f:3d:16:02:34:a0:61:fa:66:a9:20:e1:f8:a7:
14:53:d0:fb:e1:20:25:2c:c6:ad:47:1c:ec:38:8d:7b:f4:c8:
90:ae:39:62:99:82:97:d5:d1:63:c2:c7:a2:27:ce:69:d6:bd:
43:6f:b1:b1:6b:57:99:9a:0e:50:27:02:20:e1:85:50:d8:8d:
e1:83:9b:a1:80:63:e9:0c:f6:72:a8:78:92:ed:ed:5b:f1:48:
a9:ac:c5:73:79:65:94:21:94:78:74:ee:9f:09:88:bf:e4:df:
51:4b:b5:b5:31:a3:2f:c4:6a:70:a5:8e:3f:3e:db:59:a1:2c:
84:f7:96:da
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVv+Yi8H2qfEdiZm7xh3NgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGNmYTdjY2E3ZTc3YWIzYzRhZGRlNGYzOGIzM2MwYjA0MjM4OGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFJvCrqAdzOV19tcmqDLAX5mqxdW
h/Z3a+B8zwKyz0mwfS/y1OyqZaRmJ7oOf+2TZmF0IT/iIJuxnXT3TQfjsuU5xWm5
C3iMjE82M1CAuLfXC9bsnBvWGomrdoPtyWidX/aUWldJrTu6v92TA6iE+sWMyHHO
XF0KJPImsdjAJIys2K6YsLl4BjwnfMqwpPzEQRzoMxcaf5EE9Np12pZvDrJIqZ8+
S9glDRX/xTCTEA34NEewOcwt6BfsOlBPjIOE7fi1qAo55QEBE3OoiXtimLXUYuup
5mC0X07UkjXjMRHlX7hzzfrYjE1tIMaffIeGQEeObUg1AKEdZ2SWOKHE8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFjPp8yn53qzxK3eTzizPAsEI4igMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvV00tbnpLZm5lclBFcmQ1UE9MTThDd1FqaUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABVdlUD
BABVdlYDBADUW7EDBADZTyEwDQYJKoZIhvcNAQELBQADggEBAHHYz6HtbTQKUE57
zygUzluQBbQhimkDlxNLFtCjHGMOUqhJqrHOY62ArjoyyvqC5M6RZgg0krAvOLJV
2UUWn8G7OJFBffTAYU+IFWIqfMtOou7Uuby5VTJ4yXe8jcZ0gID15RQuSHIE7rxU
98g/VmX48N6CAL7fHYUjIZTIz6mYGilPPRYCNKBh+mapIOH4pxRT0PvhICUsxq1H
HOw4jXv0yJCuOWKZgpfV0WPCx6InzmnWvUNvsbFrV5maDlAnAiDhhVDYjeGDm6GA
Y+kM9nKoeJLt7VvxSKmsxXN5ZZQhlHh07p8JiL/k31FLtbUxoy/EanCljj8+21mh
LIT3lto=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org