Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WL7BleA5AhmnoEihR8rWnOTfxPg.roa
File: WL7BleA5AhmnoEihR8rWnOTfxPg.roa (raw, json)
Hash identifier: 2rrToBLEQfjshXu/WF4Uep3ABPFAti0pQ10tJBEnOKw=
Subject key identifier: 58:BE:C1:95:E0:39:02:19:A7:A0:48:A1:47:CA:D6:9C:E4:DF:C4:F8
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018F28762692817A7DFC8486E199B5A9A3A3
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WL7BleA5AhmnoEihR8rWnOTfxPg.roa
Signing time: Mon 29 Apr 2024 06:06:22 +0000
ROA not before: Mon 29 Apr 2024 06:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 05:55:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:76:26:92:81:7a:7d:fc:84:86:e1:99:b5:a9:a3:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 29 06:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58bec195e0390219a7a048a147cad69ce4dfc4f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c4:f0:9e:57:30:be:07:d1:1f:f0:3b:5c:fc:
0d:f0:18:f4:a4:47:51:2e:2d:97:a2:80:ce:a7:9a:
bf:36:b4:31:85:35:f1:38:c0:24:4d:0f:b5:31:5f:
c2:f9:5d:52:f3:b1:b1:3a:d5:a4:80:d1:a7:02:fa:
0b:72:13:05:b0:79:44:35:48:2b:b2:6b:cf:87:51:
63:2c:38:0c:d3:c7:c7:9b:50:b9:6e:21:32:c8:63:
47:bb:f1:22:73:56:9f:34:f5:0b:97:d7:93:c2:0a:
e0:83:37:6c:d4:04:8d:94:6a:34:d1:84:c5:9a:c8:
ef:c9:37:5c:e6:04:e9:9a:9e:79:c5:db:62:1e:64:
d7:27:a3:6d:88:9c:06:b4:b0:07:e3:b7:b2:ac:b6:
17:4f:65:61:7f:2e:d1:9e:43:e7:05:6f:65:38:b3:
7f:13:42:78:e5:43:7b:11:93:fa:d8:16:ab:18:86:
66:3e:e7:97:e6:f4:31:8d:42:f1:57:09:6e:d5:33:
1a:29:e1:f9:ff:06:34:f2:22:28:b5:a6:ea:a5:20:
d5:33:cb:fc:15:a4:e2:73:5f:6d:38:52:e4:9c:ea:
06:9b:69:dd:bc:45:da:b5:d9:a2:f8:3d:c0:44:d8:
57:7a:3e:32:12:0c:48:5f:9c:d6:9b:af:89:17:22:
7b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BE:C1:95:E0:39:02:19:A7:A0:48:A1:47:CA:D6:9C:E4:DF:C4:F8
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WL7BleA5AhmnoEihR8rWnOTfxPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
89.47.126.0/24
Signature Algorithm: sha256WithRSAEncryption
73:14:d6:53:8e:bc:c7:7d:74:34:c8:28:03:c4:58:6b:b6:7f:
0f:a7:eb:b2:22:ef:93:f8:14:f0:f4:29:4b:82:d0:8a:f5:7e:
55:5d:9d:57:87:bf:3f:cf:eb:d1:16:23:b1:86:41:d5:33:1c:
9f:00:24:cf:d8:73:3b:68:26:9b:d6:ef:91:73:50:e7:1c:70:
3a:79:9b:2b:ec:f0:f3:e9:35:05:c3:f4:64:36:7d:14:a0:cc:
69:71:ed:20:98:73:d9:75:80:8e:03:7a:bb:bc:17:6d:a7:e2:
07:6e:fa:0e:8b:72:f5:5a:0f:19:20:91:16:68:38:13:0f:7e:
d7:09:23:ba:fa:1e:33:2a:46:f6:18:06:85:a2:3c:1b:95:48:
90:c2:87:86:1e:85:48:bc:bd:be:46:1e:62:05:f4:38:ac:df:
4e:8f:3a:c1:7c:a6:35:a0:ba:da:a5:c0:8a:44:dd:5a:ec:bb:
75:36:99:82:4f:01:ad:67:49:f7:5b:3d:00:da:8f:24:ff:85:
a3:78:09:85:6a:c5:48:a6:74:9f:7f:e9:3b:76:f9:2d:cc:04:
11:39:e1:6a:d5:94:04:80:ac:e1:e9:b1:5f:75:dd:b0:9d:e9:
76:6b:b7:14:c0:89:17:38:cd:30:c1:76:65:9e:39:8d:0f:b5:
69:37:fd:1f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8odiaSgXp9/ISG4Zm1qaOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNDI5MDYwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGJlYzE5NWUwMzkwMjE5YTdhMDQ4YTE0N2NhZDY5Y2U0ZGZjNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sTwnlcwvgfRH/A7XPwN8Bj0pEdR
Li2XooDOp5q/NrQxhTXxOMAkTQ+1MV/C+V1S87GxOtWkgNGnAvoLchMFsHlENUgr
smvPh1FjLDgM08fHm1C5biEyyGNHu/Eic1afNPULl9eTwgrggzds1ASNlGo00YTF
msjvyTdc5gTpmp55xdtiHmTXJ6NtiJwGtLAH47eyrLYXT2Vhfy7RnkPnBW9lOLN/
E0J45UN7EZP62BarGIZmPueX5vQxjULxVwlu1TMaKeH5/wY08iIotabqpSDVM8v8
FaTic19tOFLknOoGm2ndvEXatdmi+D3ARNhXej4yEgxIX5zWm6+JFyJ7kQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFi+wZXgOQIZp6BIoUfK1pzk38T4MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvV0w3QmxlQTVBaG1ub0VpaFI4clduT1RmeFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABZLgMDBABZL34wDQYJKoZIhvcNAQELBQADggEBAHMU1lOOvMd9dDTI
KAPEWGu2fw+n67Ii75P4FPD0KUuC0Ir1flVdnVeHvz/P69EWI7GGQdUzHJ8AJM/Y
cztoJpvW75FzUOcccDp5myvs8PPpNQXD9GQ2fRSgzGlx7SCYc9l1gI4Deru8F22n
4gdu+g6LcvVaDxkgkRZoOBMPftcJI7r6HjMqRvYYBoWiPBuVSJDCh4YehUi8vb5G
HmIF9Dis306POsF8pjWgutqlwIpE3Vrsu3U2mYJPAa1nSfdbPQDajyT/haN4CYVq
xUimdJ9/6Tt2+S3MBBE54WrVlASArOHpsV913bCd6XZrtxTAiRc4zTDBdmWeOY0P
tWk3/R8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org