Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/wkuyEiboHNRqm4lt8K_WSEPeYDc.roa
File: wkuyEiboHNRqm4lt8K_WSEPeYDc.roa (raw, json)
Hash identifier: yVAekFOL99FYYqKZIk4Sj//DsnFx/hROYGOKMEjbMkw=
Subject key identifier: C2:4B:B2:12:26:E8:1C:D4:6A:9B:89:6D:F0:AF:D6:48:43:DE:60:37
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 01856F9E0B213F189CBE6F062F3A4AE3F96D
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/wkuyEiboHNRqm4lt8K_WSEPeYDc.roa
Signing time: Sun 01 Jan 2023 23:15:06 +0000
ROA not before: Sun 01 Jan 2023 23:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62005
IP address blocks: 85.239.52.0/24 maxlen: 24
85.239.54.0/24 maxlen: 24
85.239.53.0/24 maxlen: 24
85.239.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9e:0b:21:3f:18:9c:be:6f:06:2f:3a:4a:e3:f9:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 23:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c24bb21226e81cd46a9b896df0afd64843de6037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a6:b6:cc:fa:9d:29:bf:62:da:15:8f:a2:24:
be:77:3e:42:f8:47:18:08:9b:d2:fe:fc:c6:ee:0c:
9c:b6:a7:d4:99:a2:f3:1e:b5:f9:3b:36:0b:71:01:
e0:27:ee:f6:83:f8:bf:58:17:68:90:e9:3f:59:63:
4b:30:04:e3:3f:5a:b3:c9:7b:44:81:49:ac:40:36:
8d:32:cc:d6:fd:9f:5f:df:ff:b1:61:2d:02:0f:35:
c6:e9:06:2d:47:05:70:9f:cd:67:96:11:13:63:25:
9d:1c:f5:17:76:d5:b4:51:fd:db:f3:23:cc:26:33:
e0:0e:14:42:ea:e8:ab:56:ff:9d:aa:e8:37:84:f2:
8c:9d:4b:34:2c:48:4e:0d:fc:b2:b4:a1:43:5d:6b:
67:e8:7e:39:e8:6a:10:c0:4a:cb:a6:c6:1e:26:bf:
35:92:45:6d:24:ca:21:be:40:64:98:ec:3d:86:c1:
0d:9c:e0:65:27:1e:73:90:3c:bf:a2:b1:b6:a2:76:
a6:57:50:09:d9:74:a6:d1:b2:4f:15:6c:9f:0e:ef:
a3:b6:68:e9:8a:5f:84:99:c1:e2:47:d7:ad:02:65:
f4:07:2c:3e:58:63:1e:bc:32:49:34:bf:f2:d9:3e:
92:8a:ca:f2:92:04:24:10:20:f3:8f:5e:f4:2b:09:
b6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4B:B2:12:26:E8:1C:D4:6A:9B:89:6D:F0:AF:D6:48:43:DE:60:37
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/wkuyEiboHNRqm4lt8K_WSEPeYDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.52.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:42:48:9b:04:47:d9:f6:9a:b3:25:47:c9:47:77:ad:a7:68:
e8:31:1c:40:8c:64:21:3e:40:06:dc:49:4f:ce:07:13:99:64:
6e:79:b8:8a:31:ec:49:6e:c8:04:1d:58:0f:1f:65:e1:3f:8e:
aa:0a:8b:9f:30:2c:a5:9e:4d:3d:5f:58:14:b0:be:d3:da:af:
17:ce:fc:da:c0:49:b1:4d:84:48:0c:a6:da:81:b4:09:68:9c:
8f:40:20:c3:67:dd:50:36:fc:84:b5:9f:f9:54:66:f2:48:11:
a1:62:78:63:09:7a:0e:32:56:a2:a7:94:b2:ab:4f:23:1f:b3:
ef:51:fd:8a:55:80:85:1e:cc:ad:d9:15:03:bf:10:f5:c1:b8:
c6:7f:ca:99:93:60:cd:16:ef:ba:96:64:fa:a8:d6:23:e1:6d:
7f:1d:2b:3b:68:8e:68:cf:88:e4:19:03:d7:0f:6c:0f:1f:ab:
08:1b:53:52:27:e2:3e:0f:19:06:ff:eb:2f:e8:d3:f3:49:79:
a1:0f:c5:10:13:21:63:7e:42:69:73:37:9f:16:7e:30:9b:23:
d9:e2:a3:a7:65:c7:a3:0d:39:00:30:6b:7c:32:c6:6d:23:ab:
8a:b6:4b:66:fb:08:9f:b5:28:be:45:7f:29:1b:93:65:df:b8:
82:79:13:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvngshPxicvm8GLzpK4/ltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjMwMTAxMjMxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRiYjIxMjI2ZTgxY2Q0NmE5Yjg5NmRmMGFmZDY0ODQzZGU2MDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaa2zPqdKb9i2hWPoiS+dz5C+EcY
CJvS/vzG7gyctqfUmaLzHrX5OzYLcQHgJ+72g/i/WBdokOk/WWNLMATjP1qzyXtE
gUmsQDaNMszW/Z9f3/+xYS0CDzXG6QYtRwVwn81nlhETYyWdHPUXdtW0Uf3b8yPM
JjPgDhRC6uirVv+dqug3hPKMnUs0LEhODfyytKFDXWtn6H456GoQwErLpsYeJr81
kkVtJMohvkBkmOw9hsENnOBlJx5zkDy/orG2onamV1AJ2XSm0bJPFWyfDu+jtmjp
il+EmcHiR9etAmX0Byw+WGMevDJJNL/y2T6SisrykgQkECDzj170Kwm2JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJLshIm6BzUapuJbfCv1khD3mA3MB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvd2t1eUVpYm9ITlJxbTRsdDhLX1dTRVBlWURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe80MA0G
CSqGSIb3DQEBCwUAA4IBAQCLQkibBEfZ9pqzJUfJR3etp2joMRxAjGQhPkAG3ElP
zgcTmWRuebiKMexJbsgEHVgPH2XhP46qCoufMCylnk09X1gUsL7T2q8XzvzawEmx
TYRIDKbagbQJaJyPQCDDZ91QNvyEtZ/5VGbySBGhYnhjCXoOMlaip5Syq08jH7Pv
Uf2KVYCFHsyt2RUDvxD1wbjGf8qZk2DNFu+6lmT6qNYj4W1/HSs7aI5oz4jkGQPX
D2wPH6sIG1NSJ+I+DxkG/+sv6NPzSXmhD8UQEyFjfkJpczefFn4wmyPZ4qOnZcej
DTkAMGt8MsZtI6uKtktm+wiftSi+RX8pG5Nl37iCeRNM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:28 2024 by rpki-client on console-ams.rpki-client.org