Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/WZMEGwa-aMr8eW58zqkk6u0T0wA.roa
File: WZMEGwa-aMr8eW58zqkk6u0T0wA.roa (raw, json)
Hash identifier: MZI/CKFEZLIDRBp632BskWjUzv8K14Jw5YFZQOmy0kE=
Subject key identifier: 59:93:04:1B:06:BE:68:CA:FC:79:6E:7C:CE:A9:24:EA:ED:13:D3:00
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188D304BFA196747789DBE0C292EB1C54C2
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/WZMEGwa-aMr8eW58zqkk6u0T0wA.roa
Signing time: Mon 19 Jun 2023 09:38:03 +0000
ROA not before: Mon 19 Jun 2023 09:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Jun 2023 21:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:04:bf:a1:96:74:77:89:db:e0:c2:92:eb:1c:54:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 19 09:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5993041b06be68cafc796e7ccea924eaed13d300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5c:0f:28:fb:37:36:37:b9:57:7e:85:fa:57:
b9:de:e1:ba:5a:97:bd:15:de:ff:fa:8e:60:19:a1:
23:ae:d3:1d:38:8f:1e:a9:59:27:37:e1:6d:c1:14:
66:3f:64:60:c0:98:5a:34:21:73:d1:fd:ff:b0:ad:
d7:52:ee:d7:76:d9:43:27:d6:24:77:90:9d:37:e3:
c4:2d:55:0a:da:cf:ff:bb:36:78:50:53:e1:22:27:
2a:4a:26:83:ba:30:a6:bc:c4:6b:09:13:ea:b6:f5:
44:ed:2d:b6:87:4f:1f:e6:ad:b4:4f:c9:9c:af:5b:
1c:51:05:4b:98:d0:be:26:30:26:7c:12:ca:55:56:
d8:ca:7e:c2:d3:36:12:61:7a:53:24:1b:5f:92:35:
28:40:d6:80:f1:95:49:41:dd:f6:12:f4:0b:1e:17:
74:6c:f1:c2:75:96:c3:98:e7:f3:73:be:2b:93:bc:
9c:97:a8:f7:ce:de:db:1b:a2:1f:21:67:8b:8c:ca:
99:24:dc:5a:f5:d8:bb:6c:3b:b9:c3:4e:af:c9:79:
f7:33:ce:36:fb:a0:13:f2:92:ac:8c:8e:51:62:3c:
24:4d:dd:b4:d6:9e:fc:c3:fe:5e:48:03:79:a8:be:
6d:1a:6d:95:ff:af:d3:3e:87:e7:4d:bc:29:16:3e:
90:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:93:04:1B:06:BE:68:CA:FC:79:6E:7C:CE:A9:24:EA:ED:13:D3:00
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/WZMEGwa-aMr8eW58zqkk6u0T0wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.57.0/24
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
46:af:be:eb:4d:5d:dc:4d:d7:e5:5e:3b:86:2e:00:95:2d:8e:
ff:ef:74:6e:2d:43:2a:0b:d6:8d:aa:5a:2f:5f:6f:59:c0:28:
87:7e:58:6f:c8:63:c5:2c:4a:09:06:30:c4:6b:fd:eb:30:d1:
c3:82:d0:56:6a:c1:1a:df:1b:2d:77:e1:b2:95:b7:ef:df:79:
b8:e9:b4:70:53:63:93:7b:35:d3:4f:98:b9:bc:3d:23:fd:e3:
bd:ce:14:d1:f1:a3:0f:53:0f:4f:17:2e:a8:7c:3a:12:c2:7b:
fe:c2:9d:83:33:04:2a:23:f2:4a:ab:05:59:71:38:76:53:6b:
ec:f1:a0:e1:fa:9a:80:c8:ea:49:94:65:57:1e:b4:ef:37:ad:
52:f0:5d:3a:9a:f8:09:79:78:31:55:24:70:23:04:23:89:02:
79:98:94:92:e8:0e:0a:49:49:4c:76:2f:5c:80:9e:5c:94:6e:
d5:1f:2f:6f:d1:c0:16:12:55:7b:27:ac:0d:4d:32:92:47:8b:
53:9a:1c:38:a0:68:f5:e6:96:03:6d:42:b7:0c:b7:f8:90:8a:
4f:27:eb:97:b7:34:91:ac:44:62:0e:67:23:ea:1e:87:5c:4c:
0f:4e:fa:de:cc:3a:51:35:6d:33:4c:d7:c4:fd:ba:72:a9:5f:
3e:36:c0:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjTBL+hlnR3idvgwpLrHFTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNjE5MDkzODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTkzMDQxYjA2YmU2OGNhZmM3OTZlN2NjZWE5MjRlYWVkMTNkMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVwPKPs3Nje5V36F+le53uG6Wpe9
Fd7/+o5gGaEjrtMdOI8eqVknN+FtwRRmP2RgwJhaNCFz0f3/sK3XUu7XdtlDJ9Yk
d5CdN+PELVUK2s//uzZ4UFPhIicqSiaDujCmvMRrCRPqtvVE7S22h08f5q20T8mc
r1scUQVLmNC+JjAmfBLKVVbYyn7C0zYSYXpTJBtfkjUoQNaA8ZVJQd32EvQLHhd0
bPHCdZbDmOfzc74rk7ycl6j3zt7bG6IfIWeLjMqZJNxa9di7bDu5w06vyXn3M842
+6AT8pKsjI5RYjwkTd201p78w/5eSAN5qL5tGm2V/6/TPofnTbwpFj6Q/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFmTBBsGvmjK/HlufM6pJOrtE9MAMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvV1pNRUd3YS1hTXI4ZVc1OHpxa2s2dTBUMHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+I5AwQA
bXoqAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQBGr77rTV3cTdflXjuGLgCVLY7/
73RuLUMqC9aNqlovX29ZwCiHflhvyGPFLEoJBjDEa/3rMNHDgtBWasEa3xstd+Gy
lbfv33m46bRwU2OTezXTT5i5vD0j/eO9zhTR8aMPUw9PFy6ofDoSwnv+wp2DMwQq
I/JKqwVZcTh2U2vs8aDh+pqAyOpJlGVXHrTvN61S8F06mvgJeXgxVSRwIwQjiQJ5
mJSS6A4KSUlMdi9cgJ5clG7VHy9v0cAWElV7J6wNTTKSR4tTmhw4oGj15pYDbUK3
DLf4kIpPJ+uXtzSRrERiDmcj6h6HXEwPTvrezDpRNW0zTNfE/bpyqV8+NsCz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org