Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/wc11hp3qvZcsoCSYr2W80aZIdl4.roa
File: wc11hp3qvZcsoCSYr2W80aZIdl4.roa (raw, json)
Hash identifier: V7iLCxgDOiOCshOfgDMLNyybAxTt2GQBkb9IS+bWnsg=
Subject key identifier: C1:CD:75:86:9D:EA:BD:97:2C:A0:24:98:AF:65:BC:D1:A6:48:76:5E
Certificate issuer: /CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Certificate serial: 0185701EDA62E608E9B772232463BA358BD6
Authority key identifier: 8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/wc11hp3qvZcsoCSYr2W80aZIdl4.roa
Signing time: Mon 02 Jan 2023 01:35:48 +0000
ROA not before: Mon 02 Jan 2023 01:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207790
IP address blocks: 89.57.128.0/18 maxlen: 24
89.57.64.0/18 maxlen: 24
89.56.0.0/16 maxlen: 24
185.12.88.0/22 maxlen: 22
89.57.0.0/18 maxlen: 24
2a03:7840::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:da:62:e6:08:e9:b7:72:23:24:63:ba:35:8b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Validity
Not Before: Jan 2 01:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1cd75869deabd972ca02498af65bcd1a648765e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f7:69:32:eb:a6:d6:0a:df:1f:bc:68:ea:b8:
bb:4b:b2:93:42:cb:e9:47:07:b6:ff:3f:3b:1d:58:
ec:a1:2d:83:a6:e9:3c:56:31:f5:78:ea:fb:dc:1d:
15:23:e2:4c:18:48:45:b6:c1:7b:48:86:e8:74:0f:
78:0a:bf:f3:38:73:ae:0c:cd:6e:fe:58:f3:df:aa:
c7:2c:8e:62:67:2d:b6:7d:19:f6:03:0f:90:83:8c:
be:70:06:f0:fc:04:99:c7:6a:05:f9:b7:a7:6c:98:
e2:ab:ec:49:bc:b8:a6:c2:7d:e5:81:9b:03:00:c6:
f6:4f:1c:54:9a:31:0b:b5:f5:a8:e3:03:88:43:c3:
a0:b1:c3:a7:79:52:d9:6b:a4:0b:ee:0e:3f:76:68:
d9:59:11:f6:60:a1:9f:42:e5:67:44:90:f3:3b:e0:
9f:dc:b4:52:25:60:75:1e:3e:8b:61:e9:7d:60:8d:
f3:3a:24:8b:89:03:ba:ca:fa:a1:84:09:1e:4c:2e:
6f:8c:b9:56:bf:d8:4d:42:11:00:f1:18:86:8a:4d:
26:48:b7:a1:a6:a8:a7:1f:08:4f:34:db:39:cb:d3:
5d:6c:22:d8:70:32:14:af:43:56:d4:2e:da:cb:a0:
3c:fe:74:de:98:23:ee:32:05:85:7f:6c:cb:71:96:
e6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CD:75:86:9D:EA:BD:97:2C:A0:24:98:AF:65:BC:D1:A6:48:76:5E
X509v3 Authority Key Identifier:
keyid:8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/wc11hp3qvZcsoCSYr2W80aZIdl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/i542u2_vkyj1GOSxBfwhLBUqjGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.56.0.0-89.57.191.255
185.12.88.0/22
IPv6:
2a03:7840::/29
Signature Algorithm: sha256WithRSAEncryption
01:ac:ab:0b:21:7a:44:b1:72:a7:59:64:bd:71:cb:42:8b:2c:
3a:14:e9:17:a7:24:7e:6d:4c:fc:cf:37:4e:dd:9b:1b:24:f5:
74:b6:c7:3e:b8:0b:fc:24:82:ec:ec:ba:d3:78:27:1e:e6:52:
1f:97:b8:d4:94:96:05:2b:04:af:fc:90:da:ce:d8:1e:97:eb:
a2:4c:41:2e:27:7f:6f:19:50:15:6e:6d:2f:fd:79:40:64:67:
fb:3c:11:1c:ef:48:c5:83:95:12:27:7e:85:df:f0:ea:c5:fb:
71:d4:65:78:0b:46:b4:0a:fb:da:b7:79:8b:cf:e5:fd:3f:8d:
d0:ca:77:f1:e6:00:79:bb:f5:4b:6c:f6:22:e0:62:a0:65:2a:
07:0e:26:75:7a:7d:71:7a:44:da:95:06:96:9d:d8:6b:6e:3e:
89:5e:32:cb:27:1a:bf:7d:1e:5a:25:6b:c5:fc:3f:5a:cf:0b:
74:69:c6:b3:a3:e5:aa:76:e9:a3:8a:27:d2:c4:93:3c:34:bd:
ea:ec:c3:08:3e:99:d0:c3:80:91:ce:85:2e:93:b0:97:7e:51:
f9:cf:aa:87:b7:84:fb:19:0e:f4:cb:dc:31:fb:00:5a:d3:d5:
bb:a7:10:5c:62:7b:45:e3:c8:cc:ab:59:39:2b:a5:3a:ba:54:
52:1f:49:79
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVwHtpi5gjpt3IjJGO6NYvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOWUzNmJiNmZlZjkzMjhmNTE4ZTRiMTA1ZmMyMTJjMTUy
YThjNjgwHhcNMjMwMTAyMDEzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWNkNzU4NjlkZWFiZDk3MmNhMDI0OThhZjY1YmNkMWE2NDg3NjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PdpMuum1grfH7xo6ri7S7KTQsvp
Rwe2/z87HVjsoS2Dpuk8VjH1eOr73B0VI+JMGEhFtsF7SIbodA94Cr/zOHOuDM1u
/ljz36rHLI5iZy22fRn2Aw+Qg4y+cAbw/ASZx2oF+benbJjiq+xJvLimwn3lgZsD
AMb2TxxUmjELtfWo4wOIQ8OgscOneVLZa6QL7g4/dmjZWRH2YKGfQuVnRJDzO+Cf
3LRSJWB1Hj6LYel9YI3zOiSLiQO6yvqhhAkeTC5vjLlWv9hNQhEA8RiGik0mSLeh
pqinHwhPNNs5y9NdbCLYcDIUr0NW1C7ay6A8/nTemCPuMgWFf2zLcZbmRQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMHNdYad6r2XLKAkmK9lvNGmSHZeMB8GA1UdIwQY
MBaAFIueNrtv75Mo9RjksQX8ISwVKoxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTU0MnUyX3ZreWoxR09TeEJmd2hMQlVxakdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80YTBlOGQtMGJiZS00MjEzLTk4YjEt
MWExMTZhNTM0NDgzLzEvd2MxMWhwM3F2WmNzb0NTWXIyVzgwYVpJZGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80YTBlOGQtMGJiZS00MjEzLTk4YjEtMWExMTZhNTM0NDgz
LzEvaTU0MnUyX3ZreWoxR09TeEJmd2hMQlVxakdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATMAsDAwNZOAME
Blk5gAMEArkMWDANBAIAAjAHAwUDKgN4QDANBgkqhkiG9w0BAQsFAAOCAQEAAayr
CyF6RLFyp1lkvXHLQossOhTpF6ckfm1M/M83Tt2bGyT1dLbHPrgL/CSC7Oy603gn
HuZSH5e41JSWBSsEr/yQ2s7YHpfrokxBLid/bxlQFW5tL/15QGRn+zwRHO9IxYOV
Eid+hd/w6sX7cdRleAtGtAr72rd5i8/l/T+N0Mp38eYAebv1S2z2IuBioGUqBw4m
dXp9cXpE2pUGlp3Ya24+iV4yyycav30eWiVrxfw/Ws8LdGnGs6Plqnbpo4on0sST
PDS96uzDCD6Z0MOAkc6FLpOwl35R+c+qh7eE+xkO9MvcMfsAWtPVu6cQXGJ7RePI
zKtZOSulOrpUUh9JeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org