Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/WbxMD_SavACMulVK2TFesCrRQ0Y.roa
File: WbxMD_SavACMulVK2TFesCrRQ0Y.roa (raw, json)
Hash identifier: VMMxbfw5L7XxlpKzE6GTS8ySu/SUCP4eYj3JtG3KeZ4=
Subject key identifier: 59:BC:4C:0F:F4:9A:BC:00:8C:BA:55:4A:D9:31:5E:B0:2A:D1:43:46
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 018CC50079C7EAE8550BE9DF356A5095BB00
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/WbxMD_SavACMulVK2TFesCrRQ0Y.roa
Signing time: Mon 01 Jan 2024 12:29:51 +0000
ROA not before: Mon 01 Jan 2024 12:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
185.5.10.0/23 maxlen: 23
185.5.8.0/23 maxlen: 23
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 22
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
128.0.144.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.148.0/23 maxlen: 23
128.0.146.0/23 maxlen: 23
128.0.154.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
2a02:45c0::/32 maxlen: 32
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Sep 2024 09:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:79:c7:ea:e8:55:0b:e9:df:35:6a:50:95:bb:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Jan 1 12:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59bc4c0ff49abc008cba554ad9315eb02ad14346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:63:d1:1e:25:dc:3b:5d:40:61:5d:3a:42:4d:
8c:2c:bd:5f:29:85:49:b3:57:8e:09:bb:96:aa:2a:
60:df:fb:e2:d9:92:db:12:3e:69:09:c5:0d:ed:9f:
e3:3a:80:aa:92:f5:cd:f2:43:d4:4a:34:a6:67:98:
aa:03:2f:7c:7d:26:a2:60:21:81:fe:b3:cf:28:38:
18:81:80:cc:55:0f:6e:c8:ad:32:70:87:b9:40:ae:
0f:a3:e0:c3:41:80:33:eb:bf:de:d0:3a:a9:13:4d:
d6:4a:71:f3:cf:67:8c:7e:9a:06:60:cd:c6:a6:83:
69:84:95:82:95:e3:e7:73:3d:bb:1c:22:52:1c:c4:
b6:9d:b1:66:78:8f:04:7f:c2:77:93:67:f8:9e:e0:
9a:78:db:c1:8a:3d:c5:c2:e5:84:54:7b:9e:1c:65:
c1:78:0d:08:c4:aa:d9:9f:c5:87:17:e9:eb:e9:97:
38:40:c9:bd:b1:74:a3:2e:3c:b8:e7:38:77:34:c3:
06:10:fc:d4:48:b8:71:2b:14:3a:a1:fa:1e:78:7a:
c8:9a:c7:31:36:9c:82:0d:0c:3a:41:78:f6:62:b5:
a6:7f:30:3a:5f:91:be:b8:27:07:39:9c:0e:9c:3f:
8e:dc:7f:e1:81:1e:27:dc:f3:a5:7f:11:cd:49:25:
9b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BC:4C:0F:F4:9A:BC:00:8C:BA:55:4A:D9:31:5E:B0:2A:D1:43:46
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/WbxMD_SavACMulVK2TFesCrRQ0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
91:12:9c:fd:ee:1b:22:b5:e6:a6:da:76:75:12:ec:92:4c:0b:
aa:cc:42:a1:61:6f:37:68:8b:a4:aa:ca:e0:c4:2b:09:d1:b4:
3c:34:d3:23:f9:3e:35:7e:50:97:b0:59:92:0e:87:21:83:ea:
9a:b2:1c:a3:e8:44:2f:27:16:cf:43:9f:6b:0f:36:af:f4:0b:
f6:da:03:b6:b3:71:ab:4e:44:18:8c:8c:04:3c:66:b0:85:8d:
d7:45:e8:4e:8a:8a:1f:64:1f:23:bd:9f:20:08:35:08:d1:af:
58:50:f6:18:6f:47:79:64:9b:aa:0f:bf:07:4e:40:69:0e:c0:
5f:c0:6f:ee:5d:df:ac:78:c6:bb:65:14:92:41:a1:84:3e:68:
d8:94:b3:93:9c:65:de:d9:87:16:b2:b8:87:1c:98:a0:5d:c3:
50:86:4c:96:20:a6:5c:86:55:da:f5:e0:4c:a9:af:ba:85:3f:
44:e7:e2:bd:32:ac:ca:09:c5:41:f7:c3:ee:a2:c1:e2:21:aa:
3c:af:ec:f7:bf:28:89:38:0c:5f:77:14:80:75:96:13:92:46:
83:7f:40:db:93:4b:9c:cd:08:12:a7:d2:7b:c6:c4:1e:8f:88:
8d:79:33:6d:29:ca:ea:8d:3d:91:9b:43:e9:35:ed:05:1a:d0:
0e:77:c5:45
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzFAHnH6uhVC+nfNWpQlbsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjQwMTAxMTIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWJjNGMwZmY0OWFiYzAwOGNiYTU1NGFkOTMxNWViMDJhZDE0MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGPRHiXcO11AYV06Qk2MLL1fKYVJ
s1eOCbuWqipg3/vi2ZLbEj5pCcUN7Z/jOoCqkvXN8kPUSjSmZ5iqAy98fSaiYCGB
/rPPKDgYgYDMVQ9uyK0ycIe5QK4Po+DDQYAz67/e0DqpE03WSnHzz2eMfpoGYM3G
poNphJWClePncz27HCJSHMS2nbFmeI8Ef8J3k2f4nuCaeNvBij3FwuWEVHueHGXB
eA0IxKrZn8WHF+nr6Zc4QMm9sXSjLjy45zh3NMMGEPzUSLhxKxQ6ofoeeHrImscx
NpyCDQw6QXj2YrWmfzA6X5G+uCcHOZwOnD+O3H/hgR4n3POlfxHNSSWb7QIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFFm8TA/0mrwAjLpVStkxXrAq0UNGMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvV2J4TURfU2F2QUNNdWxWSzJURmVzQ3JSUTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAK5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEAkRKc/e4bIrXmptp2dRLskkwLqsxCoWFvN2iLpKrK
4MQrCdG0PDTTI/k+NX5Ql7BZkg6HIYPqmrIco+hELycWz0Ofaw82r/QL9toDtrNx
q05EGIyMBDxmsIWN10XoToqKH2QfI72fIAg1CNGvWFD2GG9HeWSbqg+/B05AaQ7A
X8Bv7l3frHjGu2UUkkGhhD5o2JSzk5xl3tmHFrK4hxyYoF3DUIZMliCmXIZV2vXg
TKmvuoU/ROfivTKsygnFQffD7qLB4iGqPK/s978oiTgMX3cUgHWWE5JGg39A25NL
nM0IEqfSe8bEHo+IjXkzbSnK6o09kZtD6TXtBRrQDnfFRQ==
-----END CERTIFICATE-----
Generated at Mon Sep 23 14:19:12 2024 by rpki-client on console-ams.rpki-client.org