Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/W8waZYJKkXToFmpVcsWyLL7aejA.roa
File: W8waZYJKkXToFmpVcsWyLL7aejA.roa (raw, json)
Hash identifier: SR3y85avuGgz+vodInXD4FFkQLDxZcRbh5/DtP5lFO0=
Subject key identifier: 5B:CC:1A:65:82:4A:91:74:E8:16:6A:55:72:C5:B2:2C:BE:DA:7A:30
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018F28E897ACB812195BCA04B510E7949189
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/W8waZYJKkXToFmpVcsWyLL7aejA.roa
Signing time: Mon 29 Apr 2024 08:11:22 +0000
ROA not before: Mon 29 Apr 2024 08:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28803
IP address blocks: 85.254.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 12:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:e8:97:ac:b8:12:19:5b:ca:04:b5:10:e7:94:91:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 29 08:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bcc1a65824a9174e8166a5572c5b22cbeda7a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:91:4e:08:13:93:fc:08:f5:85:da:69:a9:29:
da:2f:d8:3b:86:c9:f4:5d:95:c3:8c:43:73:50:c1:
21:42:f4:80:74:d5:67:73:00:aa:43:fa:c7:64:ab:
dc:68:38:c1:62:c8:70:30:df:de:8f:52:fd:2e:85:
7c:da:4e:a6:63:fc:94:dc:d0:39:65:7d:5c:21:2b:
13:af:a4:4d:78:e6:fa:f2:de:6a:24:b5:e1:d5:88:
42:bd:66:65:c1:fa:1b:8c:67:06:68:cf:42:e4:60:
2f:68:38:aa:2a:ed:68:92:f0:cf:1c:b4:69:63:29:
c7:e3:69:05:a0:45:b2:85:8f:f5:06:f2:1e:90:25:
2f:90:67:f5:7a:e8:fb:97:d5:80:33:90:f8:26:91:
4e:66:3a:51:86:c2:44:5e:df:cb:10:57:3e:1e:8c:
0a:be:e5:9c:a0:55:8e:22:61:07:f5:56:2b:1e:08:
82:81:ca:e8:7e:37:e8:2f:95:f2:99:7b:ed:dd:0a:
5f:7a:65:c1:1e:dd:6d:55:7d:b1:78:ef:98:07:43:
a9:3a:4c:36:fe:97:d2:9b:6a:f4:64:54:67:68:27:
55:15:a2:af:4e:f1:eb:b4:67:bf:20:06:80:59:5a:
47:e8:20:ac:7a:51:2c:af:03:eb:73:5e:cf:b2:b0:
97:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:CC:1A:65:82:4A:91:74:E8:16:6A:55:72:C5:B2:2C:BE:DA:7A:30
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/W8waZYJKkXToFmpVcsWyLL7aejA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.136.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:9a:5e:63:68:8e:3f:d3:79:b6:29:91:98:d4:0f:cd:26:82:
b1:a6:fb:82:47:2c:d6:63:fd:6c:78:c1:67:e5:72:5e:54:b6:
fc:3e:8d:46:a3:1a:c8:90:f8:07:d7:c1:79:8f:b9:c8:5d:a3:
d0:7b:a6:ea:04:71:fd:48:5a:7c:06:ab:a1:0c:7b:dd:28:3c:
12:7a:cc:e6:2c:54:75:4c:74:cf:e9:f4:ca:50:68:85:a2:8a:
d4:bb:37:11:7b:8a:bc:c8:0a:e0:09:09:e8:bc:b9:a8:91:fe:
3c:24:c2:94:7f:23:3e:12:79:40:ef:b7:ab:ae:c7:c6:c7:b0:
41:72:3a:10:d4:02:6f:6b:94:99:17:3c:fc:7b:17:21:36:34:
9d:c2:f4:99:97:19:67:2b:76:56:b6:ef:c5:b6:70:f3:c7:6d:
06:76:be:df:51:57:72:ec:7f:0c:f0:c9:05:72:65:35:c1:a5:
ae:c3:5b:29:8e:12:86:1f:bb:42:a4:6f:e7:19:88:ce:51:ca:
b3:f3:1b:40:b0:3c:08:f2:0e:d5:39:0f:67:b4:db:8a:34:9a:
13:c2:58:25:77:c3:76:5a:55:08:1c:5d:18:38:f7:6d:da:66:
42:06:18:5e:47:9c:59:5d:72:72:e1:29:48:73:96:23:d1:1f:
60:f9:d8:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8o6JesuBIZW8oEtRDnlJGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNDI5MDgxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmNjMWE2NTgyNGE5MTc0ZTgxNjZhNTU3MmM1YjIyY2JlZGE3YTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZFOCBOT/Aj1hdppqSnaL9g7hsn0
XZXDjENzUMEhQvSAdNVncwCqQ/rHZKvcaDjBYshwMN/ej1L9LoV82k6mY/yU3NA5
ZX1cISsTr6RNeOb68t5qJLXh1YhCvWZlwfobjGcGaM9C5GAvaDiqKu1okvDPHLRp
YynH42kFoEWyhY/1BvIekCUvkGf1euj7l9WAM5D4JpFOZjpRhsJEXt/LEFc+HowK
vuWcoFWOImEH9VYrHgiCgcrofjfoL5XymXvt3QpfemXBHt1tVX2xeO+YB0OpOkw2
/pfSm2r0ZFRnaCdVFaKvTvHrtGe/IAaAWVpH6CCselEsrwPrc17PsrCX6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFvMGmWCSpF06BZqVXLFsiy+2nowMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvVzh3YVpZSktrWFRvRm1wVmNzV3lMTDdhZWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf6IMA0G
CSqGSIb3DQEBCwUAA4IBAQC7ml5jaI4/03m2KZGY1A/NJoKxpvuCRyzWY/1seMFn
5XJeVLb8Po1GoxrIkPgH18F5j7nIXaPQe6bqBHH9SFp8BquhDHvdKDwSeszmLFR1
THTP6fTKUGiFoorUuzcRe4q8yArgCQnovLmokf48JMKUfyM+EnlA77errsfGx7BB
cjoQ1AJva5SZFzz8exchNjSdwvSZlxlnK3ZWtu/FtnDzx20Gdr7fUVdy7H8M8MkF
cmU1waWuw1spjhKGH7tCpG/nGYjOUcqz8xtAsDwI8g7VOQ9ntNuKNJoTwlgld8N2
WlUIHF0YOPdt2mZCBhheR5xZXXJy4SlIc5Yj0R9g+dgD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:48 2025 by rpki-client