Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/WMFHvTEKwpLTNE3d0mUC2hMtk4w.roa
File: WMFHvTEKwpLTNE3d0mUC2hMtk4w.roa (raw, json)
Hash identifier: 5LKcpNobBXjGwhjgrV+VgO4knhMMYbgKsnBF0trXBOk=
Subject key identifier: 58:C1:47:BD:31:0A:C2:92:D3:34:4D:DD:D2:65:02:DA:13:2D:93:8C
Certificate issuer: /CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Certificate serial: 01878EEBA97B9BA9FF876D882E148E93E67B
Authority key identifier: AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/WMFHvTEKwpLTNE3d0mUC2hMtk4w.roa
Signing time: Mon 17 Apr 2023 11:13:41 +0000
ROA not before: Mon 17 Apr 2023 11:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21119
IP address blocks: 193.169.42.0/23 maxlen: 24
185.36.28.0/22 maxlen: 24
5.226.160.0/21 maxlen: 24
89.233.96.0/21 maxlen: 24
2a03:6240::/32 maxlen: 64
Validation: Failed, certificate revoked on Fri 21 Apr 2023 12:25:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:eb:a9:7b:9b:a9:ff:87:6d:88:2e:14:8e:93:e6:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Validity
Not Before: Apr 17 11:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58c147bd310ac292d3344dddd26502da132d938c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:66:c3:c4:aa:bf:33:e0:c0:b2:5c:fc:23:84:
cb:34:37:95:c2:04:88:37:ed:f1:36:d4:36:f8:7b:
11:29:54:c2:3c:b0:b6:47:21:77:3d:78:81:08:61:
f1:6b:ca:00:47:5c:a9:a9:a8:b5:86:ac:37:e8:40:
43:95:7a:dc:e7:ba:7e:0b:e9:f6:2d:40:53:d8:df:
09:f6:c6:bc:eb:67:d1:a8:d4:6a:20:7a:78:00:b8:
00:48:9f:2f:a4:1b:44:ee:98:6a:6f:04:41:35:82:
5e:50:53:8f:1e:de:49:86:36:ca:59:29:32:40:4a:
66:85:88:e6:29:b7:ca:4a:ae:33:44:44:93:af:71:
da:06:bc:6c:d3:e8:b6:69:5d:15:a1:4f:f7:51:e5:
b9:d5:74:18:0a:1a:bc:17:f2:47:59:b9:d6:c9:19:
04:6a:df:0a:59:3f:ec:00:54:51:24:b9:87:27:c6:
2f:fd:ba:d4:36:0d:0b:3e:4b:89:c8:05:8a:96:08:
d5:58:fb:0b:f1:ac:77:fb:be:25:e1:c3:da:94:a7:
2b:bf:22:a5:de:ac:ad:4a:d1:42:04:2e:f6:65:24:
94:2b:7c:0c:ce:10:d9:ce:f7:17:48:18:62:5f:a6:
d6:d8:cb:a9:f4:07:4e:ba:c2:c7:0e:48:b4:40:08:
8c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C1:47:BD:31:0A:C2:92:D3:34:4D:DD:D2:65:02:DA:13:2D:93:8C
X509v3 Authority Key Identifier:
keyid:AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/WMFHvTEKwpLTNE3d0mUC2hMtk4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/rQt55LWcX82kk6IK0Y6UVYWdAxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.160.0/21
89.233.96.0/21
185.36.28.0/22
193.169.42.0/23
IPv6:
2a03:6240::/32
Signature Algorithm: sha256WithRSAEncryption
2c:65:ff:ed:7c:b1:4f:03:a5:03:54:ae:b8:b1:3c:69:c9:a7:
73:3d:2e:3b:79:7f:8c:84:ee:2f:1c:65:a9:6f:e9:a1:cd:28:
3e:e8:fe:52:52:e9:91:55:b0:97:84:3a:d7:1a:7d:ff:c9:7e:
6e:09:7f:e1:eb:a9:75:c8:0f:b1:c0:4b:71:af:b5:f8:a6:d2:
f2:30:d9:ba:85:79:d3:7f:72:b0:ba:ff:f3:54:7a:fe:ee:43:
3f:ee:fe:fa:70:f0:69:7e:76:f9:c2:dd:7a:7b:1c:6e:aa:2c:
08:56:f6:e8:39:5f:88:c3:bc:29:7b:90:e6:78:ea:30:31:a9:
b3:17:e6:b9:41:40:de:9f:39:d7:9b:bf:7b:01:9c:df:5d:04:
57:50:2c:ce:e0:a6:61:6e:f5:d6:cf:b5:6c:fa:3c:45:70:02:
bc:da:65:27:d9:4b:d3:64:bd:5d:2b:e2:b6:e1:81:e5:97:3e:
14:e3:0b:be:14:45:a5:ab:7e:3b:c5:d1:45:a8:fd:a7:ba:60:
3f:fe:48:a4:f7:01:65:f6:dc:fc:d2:13:d1:ce:a3:8f:b3:44:
0c:c9:02:d8:69:44:cd:a1:70:ad:57:a2:b1:9b:69:b8:9c:a4:
26:3f:af:fa:fa:58:41:c1:3f:54:37:95:c0:fd:46:8c:57:00:
c3:dc:d8:b2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYeO66l7m6n/h22ILhSOk+Z7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGI3OWU0YjU5YzVmY2RhNDkzYTIwYWQxOGU5NDU1ODU5
ZDAzMWIwHhcNMjMwNDE3MTExMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGMxNDdiZDMxMGFjMjkyZDMzNDRkZGRkMjY1MDJkYTEzMmQ5MzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWbDxKq/M+DAslz8I4TLNDeVwgSI
N+3xNtQ2+HsRKVTCPLC2RyF3PXiBCGHxa8oAR1ypqai1hqw36EBDlXrc57p+C+n2
LUBT2N8J9sa862fRqNRqIHp4ALgASJ8vpBtE7phqbwRBNYJeUFOPHt5JhjbKWSky
QEpmhYjmKbfKSq4zRESTr3HaBrxs0+i2aV0VoU/3UeW51XQYChq8F/JHWbnWyRkE
at8KWT/sAFRRJLmHJ8Yv/brUNg0LPkuJyAWKlgjVWPsL8ax3+74l4cPalKcrvyKl
3qytStFCBC72ZSSUK3wMzhDZzvcXSBhiX6bW2Mup9AdOusLHDki0QAiMiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFjBR70xCsKS0zRN3dJlAtoTLZOMMB8GA1UdIwQY
MBaAFK0LeeS1nF/NpJOiCtGOlFWFnQMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQt
ZTNlYjRlOGEzOGRiLzEvV01GSHZURUt3cExUTkUzZDBtVUMyaE10azR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQtZTNlYjRlOGEzOGRi
LzEvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBeKgAwQD
WelgAwQCuSQcAwQBwakqMA0EAgACMAcDBQAqA2JAMA0GCSqGSIb3DQEBCwUAA4IB
AQAsZf/tfLFPA6UDVK64sTxpyadzPS47eX+MhO4vHGWpb+mhzSg+6P5SUumRVbCX
hDrXGn3/yX5uCX/h66l1yA+xwEtxr7X4ptLyMNm6hXnTf3Kwuv/zVHr+7kM/7v76
cPBpfnb5wt16exxuqiwIVvboOV+Iw7wpe5DmeOowMamzF+a5QUDenznXm797AZzf
XQRXUCzO4KZhbvXWz7Vs+jxFcAK82mUn2UvTZL1dK+K24YHllz4U4wu+FEWlq347
xdFFqP2numA//kik9wFl9tz80hPRzqOPs0QMyQLYaUTNoXCtV6Kxm2m4nKQmP6/6
+lhBwT9UN5XA/UaMVwDD3Niy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:23 2024 by rpki-client on console-fra.rpki-client.org