Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/WMO8OP1HAnEXBOYQzlxdNFkssDs.roa
File: WMO8OP1HAnEXBOYQzlxdNFkssDs.roa (raw, json)
Hash identifier: MwAZnJpO0pFKijxit0vXgoMlEm2lkKP/YB9XY0lE0ek=
Subject key identifier: 58:C3:BC:38:FD:47:02:71:17:04:E6:10:CE:5C:5D:34:59:2C:B0:3B
Certificate issuer: /CN=0b9d86096a49110cf9bf670240b519315b66abcb
Certificate serial: 018573160E0AAAD69C27B21881CEDF498E1F
Authority key identifier: 0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/WMO8OP1HAnEXBOYQzlxdNFkssDs.roa
Signing time: Mon 02 Jan 2023 15:25:03 +0000
ROA not before: Mon 02 Jan 2023 15:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20559
IP address blocks: 185.122.116.0/22 maxlen: 24
194.213.112.0/23 maxlen: 24
5.172.40.0/21 maxlen: 24
31.200.208.0/21 maxlen: 24
91.224.248.0/23 maxlen: 24
45.13.164.0/22 maxlen: 24
46.226.88.0/21 maxlen: 24
185.51.56.0/22 maxlen: 24
45.133.196.0/22 maxlen: 24
193.37.204.0/22 maxlen: 24
185.46.64.0/22 maxlen: 24
193.187.188.0/22 maxlen: 24
45.146.124.0/22 maxlen: 24
88.218.152.0/22 maxlen: 24
185.113.84.0/22 maxlen: 24
46.19.216.0/21 maxlen: 24
91.218.148.0/22 maxlen: 24
93.186.176.0/20 maxlen: 24
85.209.108.0/22 maxlen: 24
2a03:3400::/32 maxlen: 48
2a00:d10::/32 maxlen: 48
2a06:6940::/29 maxlen: 48
2a04:a840::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:16:0e:0a:aa:d6:9c:27:b2:18:81:ce:df:49:8e:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b9d86096a49110cf9bf670240b519315b66abcb
Validity
Not Before: Jan 2 15:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58c3bc38fd4702711704e610ce5c5d34592cb03b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:98:e9:23:69:a2:54:42:51:32:c2:cf:c0:9f:
12:c7:65:ca:e2:1e:0d:47:34:c5:80:9e:7e:99:54:
fb:ac:a1:e9:44:70:68:d0:19:e4:57:76:b7:82:80:
bc:11:39:bc:ad:07:b5:eb:90:6d:0f:5b:4a:d6:78:
1c:2b:57:b7:93:48:24:13:04:cb:d3:90:9a:1e:fb:
a0:ba:0a:3e:bf:d0:6d:ab:d0:9a:7e:b7:10:e6:65:
10:f3:9f:cb:87:65:7e:dd:c1:d8:e3:88:e5:96:29:
98:ac:9e:0c:81:9d:25:ee:26:6f:c1:4e:93:35:cf:
ee:40:69:a1:75:67:ad:d4:87:9e:2c:7a:e7:8b:f9:
ba:88:67:b2:0a:a2:9d:14:5f:fb:6a:95:eb:c1:fa:
16:8a:c4:58:1d:08:64:0c:3c:39:5e:29:fb:43:03:
4f:ab:e0:4e:e4:72:0f:5d:e4:21:20:c5:e9:a5:8a:
7f:8d:bc:df:69:76:55:fa:e9:d1:c0:70:0e:cb:79:
f3:68:7e:a9:82:7f:21:1a:50:62:f3:61:42:76:29:
9b:80:2a:04:5c:4e:37:ee:70:99:d7:0e:cd:66:31:
f7:8a:98:d5:b5:c5:38:3c:bb:e2:85:49:f7:0e:84:
21:3f:be:0c:1c:c4:59:f0:e3:19:7f:4e:17:b3:ee:
43:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C3:BC:38:FD:47:02:71:17:04:E6:10:CE:5C:5D:34:59:2C:B0:3B
X509v3 Authority Key Identifier:
keyid:0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/WMO8OP1HAnEXBOYQzlxdNFkssDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.40.0/21
31.200.208.0/21
45.13.164.0/22
45.133.196.0/22
45.146.124.0/22
46.19.216.0/21
46.226.88.0/21
85.209.108.0/22
88.218.152.0/22
91.218.148.0/22
91.224.248.0/23
93.186.176.0/20
185.46.64.0/22
185.51.56.0/22
185.113.84.0/22
185.122.116.0/22
193.37.204.0/22
193.187.188.0/22
194.213.112.0/23
IPv6:
2a00:d10::/32
2a03:3400::/32
2a04:a840::/29
2a06:6940::/29
Signature Algorithm: sha256WithRSAEncryption
16:b4:e4:ac:e4:61:91:b3:4a:7e:74:06:7e:29:0e:21:e4:0c:
60:7f:cd:57:99:b2:a6:95:2d:e8:c8:d9:78:f6:fd:f6:d2:a0:
fa:ff:38:83:53:94:24:85:6c:76:a1:71:4d:15:89:c0:30:92:
c0:04:48:eb:18:60:b9:33:c0:ae:ad:71:28:7f:f5:f0:28:8c:
8f:60:53:1c:75:c8:fa:7f:d2:96:5d:79:0e:75:34:1e:b9:87:
86:6d:42:8d:71:7e:60:d7:aa:c9:be:3b:91:c7:f2:81:4b:c7:
2d:97:df:22:ad:86:9a:56:fe:d9:6b:d4:11:3f:aa:cc:65:f8:
a5:68:e7:24:b7:11:56:fc:57:64:74:f5:45:89:ef:a9:a9:a3:
ae:af:4c:2f:07:9b:cd:5b:84:31:bb:ac:7e:6e:ff:81:01:04:
14:a2:e4:c3:70:b4:08:b4:51:d2:a3:c6:c4:a9:b9:82:4a:35:
a8:c9:dd:32:f8:22:2d:4a:40:e1:c1:48:94:fb:b5:be:7b:76:
05:0c:f6:d9:2b:9d:09:35:0a:08:e4:92:a9:c4:9f:f1:42:72:
f0:d4:b7:89:a6:c2:27:26:64:79:c7:57:b5:7e:1f:c6:79:67:
12:98:5e:90:f3:31:b0:27:fe:9a:1b:1c:72:be:28:14:07:1e:
14:97:d8:9e
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYVzFg4KqtacJ7IYgc7fSY4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOWQ4NjA5NmE0OTExMGNmOWJmNjcwMjQwYjUxOTMxNWI2
NmFiY2IwHhcNMjMwMTAyMTUyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGMzYmMzOGZkNDcwMjcxMTcwNGU2MTBjZTVjNWQzNDU5MmNiMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZjpI2miVEJRMsLPwJ8Sx2XK4h4N
RzTFgJ5+mVT7rKHpRHBo0BnkV3a3goC8ETm8rQe165BtD1tK1ngcK1e3k0gkEwTL
05CaHvugugo+v9Btq9CafrcQ5mUQ85/Lh2V+3cHY44jllimYrJ4MgZ0l7iZvwU6T
Nc/uQGmhdWet1IeeLHrni/m6iGeyCqKdFF/7apXrwfoWisRYHQhkDDw5Xin7QwNP
q+BO5HIPXeQhIMXppYp/jbzfaXZV+unRwHAOy3nzaH6pgn8hGlBi82FCdimbgCoE
XE437nCZ1w7NZjH3ipjVtcU4PLvihUn3DoQhP74MHMRZ8OMZf04Xs+5DHQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFFjDvDj9RwJxFwTmEM5cXTRZLLA7MB8GA1UdIwQY
MBaAFAudhglqSREM+b9nAkC1GTFbZqvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUt
OGMxMDkwOWE0ODVjLzEvV01POE9QMUhBbkVYQk9ZUXpseGRORmtzc0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUtOGMxMDkwOWE0ODVj
LzEvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjB4BAIAATByAwQDBawo
AwQDH8jQAwQCLQ2kAwQCLYXEAwQCLZJ8AwQDLhPYAwQDLuJYAwQCVdFsAwQCWNqY
AwQCW9qUAwQBW+D4AwQEXbqwAwQCuS5AAwQCuTM4AwQCuXFUAwQCuXp0AwQCwSXM
AwQCwbu8AwQBwtVwMCIEAgACMBwDBQAqAA0QAwUAKgM0AAMFAyoEqEADBQMqBmlA
MA0GCSqGSIb3DQEBCwUAA4IBAQAWtOSs5GGRs0p+dAZ+KQ4h5Axgf81XmbKmlS3o
yNl49v320qD6/ziDU5QkhWx2oXFNFYnAMJLABEjrGGC5M8CurXEof/XwKIyPYFMc
dcj6f9KWXXkOdTQeuYeGbUKNcX5g16rJvjuRx/KBS8ctl98irYaaVv7Za9QRP6rM
ZfilaOcktxFW/FdkdPVFie+pqaOur0wvB5vNW4Qxu6x+bv+BAQQUouTDcLQItFHS
o8bEqbmCSjWoyd0y+CItSkDhwUiU+7W+e3YFDPbZK50JNQoI5JKpxJ/xQnLw1LeJ
psInJmR5x1e1fh/GeWcSmF6Q8zGwJ/6aGxxyvigUBx4Ul9ie
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:53 2024 by rpki-client on console-fra.rpki-client.org