Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/wNdlEiul58xzMRl411K-wrlihSE.roa
File: wNdlEiul58xzMRl411K-wrlihSE.roa (raw, json)
Hash identifier: 2KRdRO2XSLR0Ctxg/1kfRT4ca+UhDOzHHO0DdgxtO+M=
Subject key identifier: C0:D7:65:12:2B:A5:E7:CC:73:31:19:78:D7:52:BE:C2:B9:62:85:21
Certificate issuer: /CN=0c037dd22b7aabe282225afb256b8d9dcbeba353
Certificate serial: 018DF9BFBB88370D3F31D57E886EE287C033
Authority key identifier: 0C:03:7D:D2:2B:7A:AB:E2:82:22:5A:FB:25:6B:8D:9D:CB:EB:A3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/wNdlEiul58xzMRl411K-wrlihSE.roa
Signing time: Fri 01 Mar 2024 11:21:48 +0000
ROA not before: Fri 01 Mar 2024 11:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50023
IP address blocks: 85.204.48.0/22 maxlen: 22
85.204.49.0/24 maxlen: 24
109.68.12.0/22 maxlen: 22
185.14.212.0/22 maxlen: 22
185.137.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 15 Apr 2024 11:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:bf:bb:88:37:0d:3f:31:d5:7e:88:6e:e2:87:c0:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c037dd22b7aabe282225afb256b8d9dcbeba353
Validity
Not Before: Mar 1 11:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0d765122ba5e7cc73311978d752bec2b9628521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c6:f8:c7:11:99:b4:88:85:80:06:cb:65:14:
0e:9a:13:71:20:17:78:b8:b8:ae:d8:3a:f7:61:f7:
b7:09:f8:04:28:c2:24:3c:32:f0:18:46:d6:4d:a8:
c2:5f:36:d3:e1:c0:27:98:87:46:94:ac:ad:0c:09:
c2:9f:f6:d8:b2:0e:1e:bb:7e:91:2b:16:3f:24:be:
44:1f:97:81:ca:4d:0e:3b:6c:94:88:20:3f:86:85:
53:7d:7d:09:fd:c6:16:50:84:85:ef:2b:17:cb:15:
5e:36:a2:69:ad:25:5f:32:31:0a:a1:d0:9d:26:85:
bd:6a:65:17:c1:14:74:10:dd:ff:39:d9:1d:4c:7c:
33:6c:f4:8f:b9:17:cf:0f:e8:c6:c2:7a:40:43:a8:
40:38:d5:99:86:40:3f:a6:1f:c7:39:e7:f8:0d:e4:
2f:89:f7:a0:ff:14:9c:ac:34:01:a1:7d:d4:78:e2:
4a:10:b3:7f:59:fe:bc:87:a2:31:10:76:bd:b4:ce:
5e:6b:d9:fe:bb:f8:95:2d:fb:6e:0b:33:67:df:f8:
31:ac:84:33:fc:35:94:a0:2b:8a:37:d1:67:70:ac:
bc:11:27:c1:d4:a7:f8:bc:0d:be:7d:3d:12:c4:ee:
b4:45:4a:62:73:df:97:d4:5b:00:0c:27:43:2f:3d:
53:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D7:65:12:2B:A5:E7:CC:73:31:19:78:D7:52:BE:C2:B9:62:85:21
X509v3 Authority Key Identifier:
keyid:0C:03:7D:D2:2B:7A:AB:E2:82:22:5A:FB:25:6B:8D:9D:CB:EB:A3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/wNdlEiul58xzMRl411K-wrlihSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/DAN90it6q-KCIlr7JWuNncvro1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.48.0/22
109.68.12.0/22
185.14.212.0/22
185.137.64.0/22
Signature Algorithm: sha256WithRSAEncryption
27:08:d6:b5:aa:c6:cc:65:75:05:34:e3:9c:e6:b7:32:9f:3f:
5f:e8:d3:37:f7:fd:80:e5:67:10:62:bd:81:6c:fa:29:3b:7b:
90:58:81:f6:8f:01:dd:e0:73:d3:ae:ae:da:a2:a8:d1:e8:44:
dc:b0:df:5a:95:0f:21:52:2f:e2:05:b5:2f:64:07:e1:d2:66:
53:e6:03:35:e9:f4:da:66:27:15:67:08:80:1b:8c:63:84:b2:
5f:ce:19:08:5f:9f:33:6b:e3:11:fc:94:5c:20:e9:8c:a4:53:
1c:02:5b:1c:d3:b1:87:7b:a6:ae:15:b1:50:ad:93:0c:20:96:
ad:c9:49:e1:17:c8:b8:14:c0:93:bb:55:b7:c9:45:58:5b:68:
95:3d:28:dc:82:4f:b6:11:41:45:0d:93:c3:35:3c:55:5e:19:
5f:14:d0:17:73:28:e8:f7:61:ee:e8:b8:84:2d:15:71:4d:65:
4b:63:9b:9f:70:a9:40:f1:65:3e:f5:58:fb:c5:e1:5d:4a:68:
77:ec:8d:31:5b:b4:17:b6:1a:02:a7:c8:c0:81:9e:33:88:64:
3d:85:02:66:6d:04:fe:a9:eb:cf:e7:88:fb:cc:7b:35:ab:e2:
95:27:71:d8:30:91:c8:9a:b3:d1:01:40:30:99:72:13:03:83:
de:41:42:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY35v7uINw0/MdV+iG7ih8AzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDM3ZGQyMmI3YWFiZTI4MjIyNWFmYjI1NmI4ZDlkY2Jl
YmEzNTMwHhcNMjQwMzAxMTEyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQ3NjUxMjJiYTVlN2NjNzMzMTE5NzhkNzUyYmVjMmI5NjI4NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8b4xxGZtIiFgAbLZRQOmhNxIBd4
uLiu2Dr3Yfe3CfgEKMIkPDLwGEbWTajCXzbT4cAnmIdGlKytDAnCn/bYsg4eu36R
KxY/JL5EH5eByk0OO2yUiCA/hoVTfX0J/cYWUISF7ysXyxVeNqJprSVfMjEKodCd
JoW9amUXwRR0EN3/OdkdTHwzbPSPuRfPD+jGwnpAQ6hAONWZhkA/ph/HOef4DeQv
ifeg/xScrDQBoX3UeOJKELN/Wf68h6IxEHa9tM5ea9n+u/iVLftuCzNn3/gxrIQz
/DWUoCuKN9FncKy8ESfB1Kf4vA2+fT0SxO60RUpic9+X1FsADCdDLz1T6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMDXZRIrpefMczEZeNdSvsK5YoUhMB8GA1UdIwQY
MBaAFAwDfdIreqvigiJa+yVrjZ3L66NTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFOOTBpdDZxLUtDSWxyN0pXdU5uY3ZybzFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9kYTgxY2ItMTk3Mi00YzliLTlkYWIt
ZThmM2E2NmVmNTU4LzEvd05kbEVpdWw1OHh6TVJsNDExSy13cmxpaFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9kYTgxY2ItMTk3Mi00YzliLTlkYWItZThmM2E2NmVmNTU4
LzEvREFOOTBpdDZxLUtDSWxyN0pXdU5uY3ZybzFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVcwwAwQC
bUQMAwQCuQ7UAwQCuYlAMA0GCSqGSIb3DQEBCwUAA4IBAQAnCNa1qsbMZXUFNOOc
5rcynz9f6NM39/2A5WcQYr2BbPopO3uQWIH2jwHd4HPTrq7aoqjR6ETcsN9alQ8h
Ui/iBbUvZAfh0mZT5gM16fTaZicVZwiAG4xjhLJfzhkIX58za+MR/JRcIOmMpFMc
Alsc07GHe6auFbFQrZMMIJatyUnhF8i4FMCTu1W3yUVYW2iVPSjcgk+2EUFFDZPD
NTxVXhlfFNAXcyjo92Hu6LiELRVxTWVLY5ufcKlA8WU+9Vj7xeFdSmh37I0xW7QX
thoCp8jAgZ4ziGQ9hQJmbQT+qevP54j7zHs1q+KVJ3HYMJHImrPRAUAwmXITA4Pe
QUL+
-----END CERTIFICATE-----
Generated at Mon Apr 15 13:25:27 2024 by rpki-client on console-fra.rpki-client.org