Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/wmlMCN4THZ3_Dmm7FKos2MNCz4A.roa
File: wmlMCN4THZ3_Dmm7FKos2MNCz4A.roa (raw, json)
Hash identifier: cc4z+TxZzd4LksPNwUntKxXbyZJf1jyi1zpEU166BP8=
Subject key identifier: C2:69:4C:08:DE:13:1D:9D:FF:0E:69:BB:14:AA:2C:D8:C3:42:CF:80
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 01856BEEBC99568C71664967DAFD39AACD51
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/wmlMCN4THZ3_Dmm7FKos2MNCz4A.roa
Signing time: Sun 01 Jan 2023 06:04:45 +0000
ROA not before: Sun 01 Jan 2023 06:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56534
IP address blocks: 92.255.96.0/21 maxlen: 21
185.47.52.0/22 maxlen: 22
185.47.54.0/24 maxlen: 24
92.255.60.0/24 maxlen: 24
89.223.80.0/21 maxlen: 21
92.255.88.0/21 maxlen: 32
2a04:ac00::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Apr 2023 08:35:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:bc:99:56:8c:71:66:49:67:da:fd:39:aa:cd:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 06:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2694c08de131d9dff0e69bb14aa2cd8c342cf80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:eb:01:7a:5c:67:7b:e7:29:c8:0c:c2:ed:55:
74:0c:09:75:3e:47:dc:30:03:16:bb:2b:75:ba:ff:
5f:4f:72:5e:7e:6e:45:82:c5:49:be:13:28:4f:b1:
79:71:c1:49:24:58:f7:89:31:f6:ae:3e:00:53:e8:
86:a7:41:fe:f1:ef:ea:6a:c2:46:b7:c1:cb:dd:5b:
e0:31:d2:89:b2:45:ae:bd:07:d2:cf:b7:67:64:9f:
72:14:e5:09:dd:a5:c1:68:72:83:cb:63:93:fd:5b:
35:6f:0e:e4:49:02:a7:35:5f:3c:ae:99:b8:63:1d:
a7:14:02:f4:ef:af:b7:76:8b:c5:18:5d:ad:e4:02:
b8:3c:95:ba:a9:4e:d1:51:29:ea:b6:74:6e:43:1f:
27:61:71:f7:cb:53:8c:55:7b:53:9c:42:d0:40:49:
dd:21:b0:63:3e:e6:4c:4b:2a:01:4a:82:73:40:ab:
a0:b5:75:ff:cd:ec:84:6e:70:d6:7a:7b:a4:26:0e:
1b:f1:06:d9:46:48:2f:bf:5b:45:bd:4b:a9:dc:18:
9f:3d:74:34:b5:57:9c:aa:f8:33:a1:2a:75:f3:0c:
5d:a4:fe:dc:fe:33:09:a6:25:af:38:d2:9b:aa:65:
ae:d7:1e:f0:42:d8:41:b7:4f:6d:5f:e4:60:c8:dd:
15:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:69:4C:08:DE:13:1D:9D:FF:0E:69:BB:14:AA:2C:D8:C3:42:CF:80
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/wmlMCN4THZ3_Dmm7FKos2MNCz4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.80.0/21
92.255.60.0/24
92.255.88.0-92.255.103.255
185.47.52.0/22
IPv6:
2a04:ac00::/29
Signature Algorithm: sha256WithRSAEncryption
17:61:de:1d:9f:06:93:4a:bc:92:fe:c8:81:d2:f1:d5:a4:d4:
3a:03:b4:b2:c3:42:2d:4b:f1:a7:96:bd:97:88:23:19:20:d8:
d2:3e:46:d5:47:49:bd:ab:23:aa:6b:21:6b:79:a5:5f:d7:f4:
66:e3:66:56:a7:80:a5:c3:00:3f:77:fe:7b:99:bf:f4:6a:e9:
a8:48:2a:07:74:42:2e:12:74:0e:ef:7d:89:da:cd:bb:93:a4:
5e:2f:1c:ba:bf:79:8a:ae:de:d0:32:20:27:55:2e:fe:ea:e7:
83:71:70:22:3c:94:d9:32:8e:3f:82:45:da:78:b5:ce:23:45:
6c:36:33:d9:a2:0b:e7:2f:25:f1:8f:98:b9:1b:e3:f0:d1:a2:
63:38:fd:5b:52:61:4f:c6:48:cf:86:5e:78:ac:2f:0b:55:8f:
4b:8c:c9:5f:61:52:37:a9:be:b8:f9:02:22:c1:98:d1:3c:7e:
de:bc:20:36:4b:3a:b5:61:5f:ec:02:01:54:99:ef:5d:a1:2d:
81:88:75:e6:80:db:bc:2f:53:66:70:a5:b3:7d:80:58:91:ad:
ea:12:af:a8:0d:f0:32:49:2c:ed:be:76:c0:c9:73:da:bd:dc:
4a:4c:26:17:01:55:5e:bc:52:f5:9c:60:f7:b8:2c:1d:4d:60:
49:88:16:07
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVr7ryZVoxxZkln2v05qs1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjY5NGMwOGRlMTMxZDlkZmYwZTY5YmIxNGFhMmNkOGMzNDJjZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsesBelxne+cpyAzC7VV0DAl1Pkfc
MAMWuyt1uv9fT3Jefm5FgsVJvhMoT7F5ccFJJFj3iTH2rj4AU+iGp0H+8e/qasJG
t8HL3VvgMdKJskWuvQfSz7dnZJ9yFOUJ3aXBaHKDy2OT/Vs1bw7kSQKnNV88rpm4
Yx2nFAL076+3dovFGF2t5AK4PJW6qU7RUSnqtnRuQx8nYXH3y1OMVXtTnELQQEnd
IbBjPuZMSyoBSoJzQKugtXX/zeyEbnDWenukJg4b8QbZRkgvv1tFvUup3BifPXQ0
tVecqvgzoSp18wxdpP7c/jMJpiWvONKbqmWu1x7wQthBt09tX+RgyN0VYQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMJpTAjeEx2d/w5puxSqLNjDQs+AMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvd21sTUNONFRIWjNfRG1tN0ZLb3MyTU5DejRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDWd9QAwQA
XP88MAwDBANc/1gDBANc/2ADBAK5LzQwDQQCAAIwBwMFAyoErAAwDQYJKoZIhvcN
AQELBQADggEBABdh3h2fBpNKvJL+yIHS8dWk1DoDtLLDQi1L8aeWvZeIIxkg2NI+
RtVHSb2rI6prIWt5pV/X9GbjZlangKXDAD93/nuZv/Rq6ahIKgd0Qi4SdA7vfYna
zbuTpF4vHLq/eYqu3tAyICdVLv7q54NxcCI8lNkyjj+CRdp4tc4jRWw2M9miC+cv
JfGPmLkb4/DRomM4/VtSYU/GSM+GXnisLwtVj0uMyV9hUjepvrj5AiLBmNE8ft68
IDZLOrVhX+wCAVSZ712hLYGIdeaA27wvU2ZwpbN9gFiRreoSr6gN8DJJLO2+dsDJ
c9q93EpMJhcBVV68UvWcYPe4LB1NYEmIFgc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org