Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/wb6bnaXLyGlRpBL4YSbfGrYte4s.roa
File: wb6bnaXLyGlRpBL4YSbfGrYte4s.roa (raw, json)
Hash identifier: CW+Lq0o0cAzC7juYGLBr2YM7CSco7glGyzA1nFep4SE=
Subject key identifier: C1:BE:9B:9D:A5:CB:C8:69:51:A4:12:F8:61:26:DF:1A:B6:2D:7B:8B
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01859264435300156AB03E46ABEDD7170F10
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/wb6bnaXLyGlRpBL4YSbfGrYte4s.roa
Signing time: Sun 08 Jan 2023 17:18:42 +0000
ROA not before: Sun 08 Jan 2023 17:18:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3280
IP address blocks: 2.56.166.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.243.0/24 maxlen: 24
2a0b:b86::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Jan 2023 17:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:92:64:43:53:00:15:6a:b0:3e:46:ab:ed:d7:17:0f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 8 17:18:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1be9b9da5cbc86951a412f86126df1ab62d7b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:89:c0:6e:ec:24:15:96:95:2f:28:23:71:8e:
04:43:a5:23:91:a2:40:ff:8e:59:ea:f1:ea:91:18:
00:ed:3d:14:9c:76:05:ee:1a:9d:84:3b:60:54:cd:
d0:af:d6:42:0a:f7:ee:c7:43:5f:70:98:fe:5b:ce:
55:dc:1f:04:5d:21:d6:1d:84:29:c3:71:36:57:50:
09:ca:b6:41:50:4d:67:63:e2:e6:0b:b1:c7:96:a6:
f9:c8:49:43:bc:a7:53:6e:b9:30:a5:ca:6d:06:03:
c4:6e:cc:20:8e:7a:9a:04:c9:ca:7c:47:c4:ce:fe:
0a:f5:3d:4b:1e:15:01:eb:a2:4b:ba:50:6f:b3:c1:
2a:e0:0d:f8:0d:d9:71:e6:64:b0:cd:c3:21:8c:f8:
9f:12:a8:34:e7:35:2e:b5:8b:9f:e8:c4:4e:d6:6f:
55:db:0a:9a:a2:7e:7f:25:eb:d1:73:0d:1f:34:53:
2e:a3:aa:6e:3d:3f:c7:05:ae:27:13:8b:77:be:3a:
82:8e:0d:48:52:d0:8c:50:5a:2b:a2:7f:a2:fe:1d:
1c:95:1c:e9:6a:f5:47:4c:f2:7d:9b:75:48:c9:36:
3e:a4:fd:b7:a4:49:bc:89:b2:85:a1:c1:2e:6a:7d:
37:13:44:06:f0:ef:80:65:ca:59:e9:59:97:f1:08:
48:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:BE:9B:9D:A5:CB:C8:69:51:A4:12:F8:61:26:DF:1A:B6:2D:7B:8B
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/wb6bnaXLyGlRpBL4YSbfGrYte4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
45.90.146.0/24
77.83.243.0/24
78.108.217.0/24
IPv6:
2a0b:b86::/40
Signature Algorithm: sha256WithRSAEncryption
61:94:fc:63:c0:4c:17:1f:94:aa:7e:62:51:32:08:f8:54:24:
9b:10:d5:ec:0c:ac:1c:c5:a9:0b:29:02:52:5d:f4:36:54:f6:
b7:8c:e1:37:9e:40:cf:36:7f:26:04:2a:27:a3:1e:f6:62:4f:
bd:44:9f:69:a9:33:21:47:b3:38:8e:20:e0:d2:8c:fc:98:94:
f3:52:95:24:73:20:27:8f:cc:b6:f7:f6:d7:e4:26:a8:57:8b:
b0:9f:59:3a:04:c1:79:4f:23:4f:4b:79:9c:a4:a5:20:33:ed:
86:f7:5f:97:d3:a3:0c:13:66:07:c3:69:a8:02:63:ec:38:9f:
26:b5:9b:63:cd:4b:be:25:22:91:5a:ad:6b:f4:a7:76:da:36:
b9:88:79:d8:b8:10:dd:a6:3b:27:42:f7:d0:37:e7:4b:0e:51:
2c:70:92:9e:a0:af:01:61:12:4f:47:bb:f5:e8:a8:e3:e9:da:
ae:77:96:4f:46:a9:34:50:e2:f5:7d:f7:b6:9f:f5:4b:df:6c:
0d:0d:66:6d:78:37:22:67:0c:3b:ba:60:17:6d:6a:aa:cf:9d:
52:e7:18:9c:14:60:32:ef:3c:73:23:1c:4b:96:5a:e3:6f:d7:
49:fd:16:16:d1:c7:d1:d0:18:0d:7b:c0:45:70:22:27:0e:25:
cb:eb:19:95
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYWSZENTABVqsD5Gq+3XFw8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTA4MTcxODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWJlOWI5ZGE1Y2JjODY5NTFhNDEyZjg2MTI2ZGYxYWI2MmQ3YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4nAbuwkFZaVLygjcY4EQ6UjkaJA
/45Z6vHqkRgA7T0UnHYF7hqdhDtgVM3Qr9ZCCvfux0NfcJj+W85V3B8EXSHWHYQp
w3E2V1AJyrZBUE1nY+LmC7HHlqb5yElDvKdTbrkwpcptBgPEbswgjnqaBMnKfEfE
zv4K9T1LHhUB66JLulBvs8Eq4A34Ddlx5mSwzcMhjPifEqg05zUutYuf6MRO1m9V
2wqaon5/JevRcw0fNFMuo6puPT/HBa4nE4t3vjqCjg1IUtCMUForon+i/h0clRzp
avVHTPJ9m3VIyTY+pP23pEm8ibKFocEuan03E0QG8O+AZcpZ6VmX8QhIZwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMG+m52ly8hpUaQS+GEm3xq2LXuLMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvd2I2Ym5hWEx5R2xScEJMNFlTYmZHcll0ZTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQAAjimAwQA
LVqSAwQATVPzAwQATmzZMA4EAgACMAgDBgAqCwuGADANBgkqhkiG9w0BAQsFAAOC
AQEAYZT8Y8BMFx+Uqn5iUTII+FQkmxDV7AysHMWpCykCUl30NlT2t4zhN55AzzZ/
JgQqJ6Me9mJPvUSfaakzIUezOI4g4NKM/JiU81KVJHMgJ4/Mtvf21+QmqFeLsJ9Z
OgTBeU8jT0t5nKSlIDPthvdfl9OjDBNmB8NpqAJj7DifJrWbY81LviUikVqta/Sn
dto2uYh52LgQ3aY7J0L30DfnSw5RLHCSnqCvAWEST0e79eio4+narneWT0apNFDi
9X33tp/1S99sDQ1mbXg3ImcMO7pgF21qqs+dUucYnBRgMu88cyMcS5Za42/XSf0W
FtHH0dAYDXvARXAiJw4ly+sZlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org