Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/wnb8yjO2NEfc9KDnGPv_BtTDP44.roa
File: wnb8yjO2NEfc9KDnGPv_BtTDP44.roa (raw, json)
Hash identifier: p/AKbgZGzYPq+Rad69K5Wv9QY+/Dy/xHXKusl03nqMc=
Subject key identifier: C2:76:FC:CA:33:B6:34:47:DC:F4:A0:E7:18:FB:FF:06:D4:C3:3F:8E
Certificate issuer: /CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
Certificate serial: 01856D9D450B779638CBADEF74179CF56988
Authority key identifier: 6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/wnb8yjO2NEfc9KDnGPv_BtTDP44.roa
Signing time: Sun 01 Jan 2023 13:55:01 +0000
ROA not before: Sun 01 Jan 2023 13:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199246
IP address blocks: 185.4.132.0/22 maxlen: 22
185.138.40.0/22 maxlen: 24
2a02:c500::/29 maxlen: 32
2a07:8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:45:0b:77:96:38:cb:ad:ef:74:17:9c:f5:69:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
Validity
Not Before: Jan 1 13:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c276fcca33b63447dcf4a0e718fbff06d4c33f8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:77:6f:2a:ed:82:c7:44:6c:e2:42:69:f0:9c:
f8:cb:79:10:d5:0e:2c:af:52:fe:1c:13:54:30:96:
bf:53:03:97:39:f8:27:50:57:58:68:f9:d1:14:13:
1a:c3:a9:2f:56:42:a1:91:98:15:f0:54:0d:03:50:
e6:f1:9e:ea:80:dc:1e:2f:45:af:b0:b4:b5:6a:4b:
a0:ab:48:9a:ce:c0:21:01:df:7f:c1:86:31:af:27:
5f:a2:73:05:5f:84:bf:1c:4f:4d:3b:23:0b:37:d2:
9a:7b:90:b7:bc:82:09:25:06:df:74:ae:3f:7e:33:
fc:63:b2:50:cf:46:45:32:2b:88:23:7c:0d:f2:0c:
4e:49:20:47:07:17:3c:10:50:6a:a5:96:64:ec:43:
a8:0e:d5:b1:df:46:15:55:63:5c:3c:1c:f5:e0:d0:
cb:61:9f:96:c7:1d:22:46:77:5f:67:2a:6f:26:99:
9f:d5:8a:bc:bc:63:bc:22:a8:49:38:cb:ee:5e:d9:
13:b9:75:47:5b:21:5d:3f:64:8c:43:a8:68:94:7e:
45:7e:98:f8:9c:23:c0:74:44:27:4c:32:fb:5e:b4:
83:7b:61:5f:f2:61:a8:c4:8f:8f:df:f5:e1:21:82:
15:50:12:52:9e:14:94:ae:34:ff:e9:4a:dc:bf:ac:
8f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:76:FC:CA:33:B6:34:47:DC:F4:A0:E7:18:FB:FF:06:D4:C3:3F:8E
X509v3 Authority Key Identifier:
keyid:6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/wnb8yjO2NEfc9KDnGPv_BtTDP44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.132.0/22
185.138.40.0/22
IPv6:
2a02:c500::/29
2a07:8c0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:63:49:90:2d:72:a4:2a:95:9f:e9:29:a1:e7:21:db:90:74:
e1:a9:a2:34:6a:2f:18:f2:4e:09:25:df:db:f9:d4:6e:1b:b3:
de:00:8d:03:ca:e2:5d:b1:3d:53:c2:76:f5:b6:43:c2:9e:ff:
31:d8:99:b5:bf:17:45:44:1d:00:8e:85:fd:2b:ef:76:e5:4c:
fe:d3:34:6c:36:07:e6:c3:89:d4:42:64:aa:e3:a9:a6:cb:61:
a5:6e:da:e6:f0:d6:f1:8c:d6:6f:9e:ee:1c:6a:aa:a9:cd:8c:
fd:86:e5:26:a8:b4:4f:9f:4b:9a:f5:ac:3f:f0:f2:84:6e:55:
96:26:3a:2e:d9:b6:ab:8a:c1:4e:08:6e:f5:86:6e:01:25:76:
4a:4d:a7:8d:61:23:fb:ce:bd:65:81:6f:99:3e:d7:d0:d0:1b:
33:39:20:00:b5:20:04:8b:23:01:25:9e:11:ea:8b:96:2b:63:
39:28:24:bc:fa:8f:2e:35:ea:13:6d:0f:34:1e:01:70:a1:8e:
65:be:a9:8b:f1:be:f8:87:8d:0d:1a:74:bc:58:94:c4:ad:09:
85:6d:bc:f1:cc:29:48:e6:63:99:3f:d2:62:10:27:85:7a:55:
b9:14:e4:14:e4:dd:25:3a:45:e6:b1:31:93:12:a4:ee:a1:3d:
08:87:55:ba
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVtnUULd5Y4y63vdBec9WmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNDYyM2Y3NmJkNWJiMmRmMGFmNjZmMzYwZmY3NGZmMWMw
MGRiMDIwHhcNMjMwMTAxMTM1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjc2ZmNjYTMzYjYzNDQ3ZGNmNGEwZTcxOGZiZmYwNmQ0YzMzZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3dvKu2Cx0Rs4kJp8Jz4y3kQ1Q4s
r1L+HBNUMJa/UwOXOfgnUFdYaPnRFBMaw6kvVkKhkZgV8FQNA1Dm8Z7qgNweL0Wv
sLS1akugq0iazsAhAd9/wYYxrydfonMFX4S/HE9NOyMLN9Kae5C3vIIJJQbfdK4/
fjP8Y7JQz0ZFMiuII3wN8gxOSSBHBxc8EFBqpZZk7EOoDtWx30YVVWNcPBz14NDL
YZ+Wxx0iRndfZypvJpmf1Yq8vGO8IqhJOMvuXtkTuXVHWyFdP2SMQ6holH5Ffpj4
nCPAdEQnTDL7XrSDe2Ff8mGoxI+P3/XhIYIVUBJSnhSUrjT/6Urcv6yPcwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMJ2/MoztjRH3PSg5xj7/wbUwz+OMB8GA1UdIwQY
MBaAFGpGI/dr1bst8K9m82D/dP8cANsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgt
NmM4MzIwNTBlNzdhLzEvd25iOHlqTzJORWZjOUtEbkdQdl9CdFREUDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgtNmM4MzIwNTBlNzdh
LzEvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuQSEAwQC
uYooMBQEAgACMA4DBQMqAsUAAwUDKgcIwDANBgkqhkiG9w0BAQsFAAOCAQEAtGNJ
kC1ypCqVn+kpoech25B04amiNGovGPJOCSXf2/nUbhuz3gCNA8riXbE9U8J29bZD
wp7/MdiZtb8XRUQdAI6F/SvvduVM/tM0bDYH5sOJ1EJkquOppsthpW7a5vDW8YzW
b57uHGqqqc2M/YblJqi0T59LmvWsP/DyhG5VliY6Ltm2q4rBTghu9YZuASV2Sk2n
jWEj+869ZYFvmT7X0NAbMzkgALUgBIsjASWeEeqLlitjOSgkvPqPLjXqE20PNB4B
cKGOZb6pi/G++IeNDRp0vFiUxK0JhW288cwpSOZjmT/SYhAnhXpVuRTkFOTdJTpF
5rExkxKk7qE9CIdVug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org