Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/WwIuYQGN3j19G5pTbJVWPoOoo0E.roa
File: WwIuYQGN3j19G5pTbJVWPoOoo0E.roa (raw, json)
Hash identifier: nArwTEZJO5EodGEbIh72Hgfogjw8EL2fqdNuun2pq4A=
Subject key identifier: 5B:02:2E:61:01:8D:DE:3D:7D:1B:9A:53:6C:95:56:3E:83:A8:A3:41
Certificate issuer: /CN=2db616f3ad0363e7269cc2eb58d1bc086cc975f2
Certificate serial: 018CC5DC2AD7171F1BE20BB4EDDE72248F4C
Authority key identifier: 2D:B6:16:F3:AD:03:63:E7:26:9C:C2:EB:58:D1:BC:08:6C:C9:75:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/WwIuYQGN3j19G5pTbJVWPoOoo0E.roa
Signing time: Mon 01 Jan 2024 16:29:49 +0000
ROA not before: Mon 01 Jan 2024 16:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51056
IP address blocks: 109.233.192.0/21 maxlen: 24
185.64.236.0/22 maxlen: 24
2a02:1618::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2a:d7:17:1f:1b:e2:0b:b4:ed:de:72:24:8f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2db616f3ad0363e7269cc2eb58d1bc086cc975f2
Validity
Not Before: Jan 1 16:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b022e61018dde3d7d1b9a536c95563e83a8a341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:fb:62:9b:a0:65:5c:82:85:04:d4:aa:89:
e8:ec:d0:c6:7e:70:fe:74:b9:a3:ea:b5:64:65:8e:
96:c7:f1:3f:7b:b3:0d:9a:3b:cd:23:bf:42:71:ff:
a5:43:d4:36:e7:3e:a6:12:42:a5:65:4c:b8:ff:a0:
08:aa:a1:45:4f:9b:24:e0:36:b1:1f:4b:d6:53:81:
bd:e8:c0:91:fe:53:c2:04:cb:46:8e:d1:ad:f3:65:
f4:bf:1d:90:6e:cd:e8:66:6f:28:96:41:24:4a:6a:
0b:f6:89:be:74:83:49:36:5b:78:0f:62:08:e2:39:
e6:80:5b:3b:b2:4b:70:19:3f:56:a6:a9:5d:da:66:
43:b1:44:50:ea:02:9f:ea:4e:c9:7f:62:cb:0d:52:
50:3f:52:e9:62:0c:be:1a:dc:53:c8:29:a7:32:2f:
d7:35:ba:c0:19:c0:47:e7:ee:09:c9:ad:2d:58:de:
9b:cf:98:a4:4a:95:f1:de:90:35:bb:7e:dd:b5:84:
63:77:0e:12:a0:ea:ab:38:e5:d5:44:06:8f:8b:b7:
e1:03:64:65:be:21:82:df:51:17:04:6e:14:f9:ac:
ad:e7:92:c2:b7:53:e0:a6:52:08:ef:79:cd:16:d8:
99:b4:ae:3a:26:1d:78:66:a3:a3:15:25:80:47:a9:
fd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:02:2E:61:01:8D:DE:3D:7D:1B:9A:53:6C:95:56:3E:83:A8:A3:41
X509v3 Authority Key Identifier:
keyid:2D:B6:16:F3:AD:03:63:E7:26:9C:C2:EB:58:D1:BC:08:6C:C9:75:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/WwIuYQGN3j19G5pTbJVWPoOoo0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/LbYW860DY-cmnMLrWNG8CGzJdfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.192.0/21
185.64.236.0/22
IPv6:
2a02:1618::/32
Signature Algorithm: sha256WithRSAEncryption
54:a8:e3:a0:99:a2:83:5c:fa:8a:48:b2:eb:f0:b5:73:16:dd:
f3:d2:c1:4b:7e:6e:43:d0:d0:1b:71:1f:96:b5:36:dd:ef:e4:
20:c3:6e:18:22:8e:65:fd:80:dd:b6:b0:73:d7:5e:3a:9d:b7:
05:a6:2d:41:b7:10:25:0d:4a:80:06:28:f0:8c:cd:6f:e8:02:
fd:e0:5b:ab:b1:11:88:fd:05:e5:da:19:91:02:f2:4f:7f:89:
5a:b0:0b:a3:64:c1:ec:1f:d9:08:9d:51:e9:b7:88:fa:0e:4c:
d9:ea:61:45:85:a3:44:27:b5:58:71:c7:69:99:0a:13:a3:8f:
e9:89:e3:38:61:dc:18:2d:e0:47:47:84:9b:c0:43:37:5f:f3:
8b:e8:55:4d:b9:c9:99:f6:dc:d9:3b:fd:88:db:b9:65:b2:0f:
8a:49:ba:70:73:91:ca:03:97:0a:e1:c2:05:82:77:22:25:16:
0e:b9:14:3b:f9:2e:28:eb:0e:9f:54:db:36:3c:1a:c6:ff:22:
19:8a:a5:b5:18:a3:85:ae:a9:e0:0a:21:fb:77:c6:ad:9f:74:
e2:59:5b:81:d0:bf:7d:3f:2d:46:e9:f3:e2:33:0d:22:02:e5:
3b:5a:ef:47:0b:03:a9:3d:f7:0c:9f:18:b3:88:c8:21:c0:a9:
fb:8e:77:b5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3CrXFx8b4gu07d5yJI9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYjYxNmYzYWQwMzYzZTcyNjljYzJlYjU4ZDFiYzA4NmNj
OTc1ZjIwHhcNMjQwMTAxMTYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjAyMmU2MTAxOGRkZTNkN2QxYjlhNTM2Yzk1NTYzZTgzYThhMzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP/7YpugZVyChQTUqono7NDGfnD+
dLmj6rVkZY6Wx/E/e7MNmjvNI79Ccf+lQ9Q25z6mEkKlZUy4/6AIqqFFT5sk4Dax
H0vWU4G96MCR/lPCBMtGjtGt82X0vx2Qbs3oZm8olkEkSmoL9om+dINJNlt4D2II
4jnmgFs7sktwGT9Wpqld2mZDsURQ6gKf6k7Jf2LLDVJQP1LpYgy+GtxTyCmnMi/X
NbrAGcBH5+4Jya0tWN6bz5ikSpXx3pA1u37dtYRjdw4SoOqrOOXVRAaPi7fhA2Rl
viGC31EXBG4U+ayt55LCt1PgplII73nNFtiZtK46Jh14ZqOjFSWAR6n9SQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFsCLmEBjd49fRuaU2yVVj6DqKNBMB8GA1UdIwQY
MBaAFC22FvOtA2PnJpzC61jRvAhsyXXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGJZVzg2MERZLWNtbk1McldORzhDR3pKZGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yYTIyNmQtYzcyYy00YzEyLWJiYmEt
YTRiNTVhNzFjMjI4LzEvV3dJdVlRR04zajE5RzVwVGJKVldQb09vbzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yYTIyNmQtYzcyYy00YzEyLWJiYmEtYTRiNTVhNzFjMjI4
LzEvTGJZVzg2MERZLWNtbk1McldORzhDR3pKZGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbenAAwQC
uUDsMA0EAgACMAcDBQAqAhYYMA0GCSqGSIb3DQEBCwUAA4IBAQBUqOOgmaKDXPqK
SLLr8LVzFt3z0sFLfm5D0NAbcR+WtTbd7+Qgw24YIo5l/YDdtrBz1146nbcFpi1B
txAlDUqABijwjM1v6AL94FursRGI/QXl2hmRAvJPf4lasAujZMHsH9kInVHpt4j6
DkzZ6mFFhaNEJ7VYccdpmQoTo4/pieM4YdwYLeBHR4SbwEM3X/OL6FVNucmZ9tzZ
O/2I27llsg+KSbpwc5HKA5cK4cIFgnciJRYOuRQ7+S4o6w6fVNs2PBrG/yIZiqW1
GKOFrqngCiH7d8atn3TiWVuB0L99Py1G6fPiMw0iAuU7Wu9HCwOpPfcMnxiziMgh
wKn7jne1
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:05:00 2025 by rpki-client