Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/478977-05bb-43fe-9ead-9cef792a5f6b/1/WPwsmrIBtA8SNWt8yHOT8_iZH7Q.roa
File: WPwsmrIBtA8SNWt8yHOT8_iZH7Q.roa (raw, json)
Hash identifier: kv71cn0jNSDOZYaGH1jl83WtN2hGomdGeta25R5cl9M=
Subject key identifier: 58:FC:2C:9A:B2:01:B4:0F:12:35:6B:7C:C8:73:93:F3:F8:99:1F:B4
Certificate issuer: /CN=c8294a2c0c49dc936cb988b685b3a7d95c8fe0b7
Certificate serial: 0195D18C070423231D9EB95DC99B841E75BF
Authority key identifier: C8:29:4A:2C:0C:49:DC:93:6C:B9:88:B6:85:B3:A7:D9:5C:8F:E0:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yClKLAxJ3JNsuYi2hbOn2VyP4Lc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/478977-05bb-43fe-9ead-9cef792a5f6b/1/WPwsmrIBtA8SNWt8yHOT8_iZH7Q.roa
Signing time: Wed 26 Mar 2025 08:22:49 +0000
ROA not before: Wed 26 Mar 2025 08:22:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34183
IP address blocks: 185.117.40.0/22 maxlen: 22
2a00:1610::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 01 Apr 2025 11:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:8c:07:04:23:23:1d:9e:b9:5d:c9:9b:84:1e:75:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8294a2c0c49dc936cb988b685b3a7d95c8fe0b7
Validity
Not Before: Mar 26 08:22:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58fc2c9ab201b40f12356b7cc87393f3f8991fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0b:a5:63:d3:a6:05:8c:f1:26:96:8d:ac:c9:
b0:5d:75:3d:cf:ae:93:0f:d5:a0:02:0c:15:c8:74:
83:d5:f8:0c:33:33:d1:a8:b4:49:b0:82:4b:ad:f3:
fe:8f:0f:ff:b4:40:7c:fd:d9:3a:79:1d:98:b9:37:
fe:2b:c1:0d:3d:da:7e:a6:ca:99:98:9f:27:1e:73:
0e:87:41:38:97:18:8c:2d:d0:01:8f:75:07:76:af:
cf:0f:e4:2a:85:ee:7f:3b:27:3c:c4:f1:24:3c:19:
1e:ff:1d:63:bf:f6:0f:5e:92:19:9f:7c:9b:b7:5c:
b2:cc:1c:60:24:c3:6e:e3:c0:20:a4:27:c4:b9:4a:
f9:ca:74:15:0c:3a:8c:16:d9:04:f4:fb:47:a6:c3:
ce:04:77:6f:fa:a1:5c:22:e1:33:eb:e6:be:e6:e9:
77:d8:8d:e2:92:fc:11:53:69:a6:3c:07:ae:81:87:
39:aa:29:63:0d:cd:aa:a4:f1:31:21:ab:06:43:74:
9e:d9:18:d7:36:29:6e:61:83:14:ca:22:50:d8:d9:
17:d7:38:b9:53:db:d3:b4:c3:8f:74:ae:b7:54:03:
c1:ca:13:de:81:b7:ad:da:00:48:2a:3f:80:a3:63:
f9:86:6d:61:e0:18:8a:d7:21:2c:e5:a6:77:32:5e:
19:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:FC:2C:9A:B2:01:B4:0F:12:35:6B:7C:C8:73:93:F3:F8:99:1F:B4
X509v3 Authority Key Identifier:
keyid:C8:29:4A:2C:0C:49:DC:93:6C:B9:88:B6:85:B3:A7:D9:5C:8F:E0:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yClKLAxJ3JNsuYi2hbOn2VyP4Lc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/478977-05bb-43fe-9ead-9cef792a5f6b/1/WPwsmrIBtA8SNWt8yHOT8_iZH7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/478977-05bb-43fe-9ead-9cef792a5f6b/1/yClKLAxJ3JNsuYi2hbOn2VyP4Lc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.40.0/22
IPv6:
2a00:1610::/29
Signature Algorithm: sha256WithRSAEncryption
06:36:8b:00:07:8a:b6:87:e0:d8:cc:bc:60:8c:b6:c9:34:1b:
f2:2f:c5:f9:bf:4c:32:ac:cc:f1:86:d4:8a:b6:ce:ba:96:32:
71:5a:57:85:61:ba:61:87:73:d7:87:0d:4d:28:c2:d3:bc:83:
e6:6c:23:93:3f:bd:83:8a:e4:c6:67:a7:e1:58:83:c7:ab:fc:
4e:54:f5:47:bd:6a:54:14:9f:54:cc:50:b0:74:6b:de:0d:fd:
31:92:d7:74:40:80:81:a9:cc:09:71:4a:be:27:8c:9a:e7:f2:
91:5e:c6:03:52:84:99:bb:e0:ed:a2:4a:83:e2:2f:84:55:fc:
27:05:74:66:73:a0:4b:16:07:b7:2c:28:51:24:0e:e6:29:6f:
97:3e:19:22:56:d3:ba:76:0e:ee:76:45:d3:33:53:5a:19:a1:
da:df:3c:92:ae:e6:7d:df:fa:b0:3f:1d:0e:78:fd:8a:a3:fb:
97:2d:a4:bf:44:4e:67:1f:32:b7:4b:ad:f4:03:db:54:a8:bd:
2d:74:1a:5d:7e:8a:cb:49:ce:21:e2:cc:36:b9:d4:0b:83:dd:
e4:92:a9:b9:18:16:77:eb:53:47:f9:46:87:13:d3:17:aa:09:
aa:6e:12:c6:d6:7a:4a:87:72:d4:98:d6:33:f2:d5:df:ee:42:
be:61:98:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZXRjAcEIyMdnrldyZuEHnW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Mjk0YTJjMGM0OWRjOTM2Y2I5ODhiNjg1YjNhN2Q5NWM4
ZmUwYjcwHhcNMjUwMzI2MDgyMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGZjMmM5YWIyMDFiNDBmMTIzNTZiN2NjODczOTNmM2Y4OTkxZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogulY9OmBYzxJpaNrMmwXXU9z66T
D9WgAgwVyHSD1fgMMzPRqLRJsIJLrfP+jw//tEB8/dk6eR2YuTf+K8ENPdp+psqZ
mJ8nHnMOh0E4lxiMLdABj3UHdq/PD+Qqhe5/Oyc8xPEkPBke/x1jv/YPXpIZn3yb
t1yyzBxgJMNu48AgpCfEuUr5ynQVDDqMFtkE9PtHpsPOBHdv+qFcIuEz6+a+5ul3
2I3ikvwRU2mmPAeugYc5qiljDc2qpPExIasGQ3Se2RjXNiluYYMUyiJQ2NkX1zi5
U9vTtMOPdK63VAPByhPegbet2gBIKj+Ao2P5hm1h4BiK1yEs5aZ3Ml4ZzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFj8LJqyAbQPEjVrfMhzk/P4mR+0MB8GA1UdIwQY
MBaAFMgpSiwMSdyTbLmItoWzp9lcj+C3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUNsS0xBeEozSk5zdVlpMmhiT24yVnlQNExjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80Nzg5NzctMDViYi00M2ZlLTllYWQt
OWNlZjc5MmE1ZjZiLzEvV1B3c21ySUJ0QThTTld0OHlIT1Q4X2laSDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80Nzg5NzctMDViYi00M2ZlLTllYWQtOWNlZjc5MmE1ZjZi
LzEveUNsS0xBeEozSk5zdVlpMmhiT24yVnlQNExjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXUoMA0E
AgACMAcDBQMqABYQMA0GCSqGSIb3DQEBCwUAA4IBAQAGNosAB4q2h+DYzLxgjLbJ
NBvyL8X5v0wyrMzxhtSKts66ljJxWleFYbphh3PXhw1NKMLTvIPmbCOTP72DiuTG
Z6fhWIPHq/xOVPVHvWpUFJ9UzFCwdGveDf0xktd0QICBqcwJcUq+J4ya5/KRXsYD
UoSZu+DtokqD4i+EVfwnBXRmc6BLFge3LChRJA7mKW+XPhkiVtO6dg7udkXTM1Na
GaHa3zySruZ93/qwPx0OeP2Ko/uXLaS/RE5nHzK3S630A9tUqL0tdBpdforLSc4h
4sw2udQLg93kkqm5GBZ361NH+UaHE9MXqgmqbhLG1npKh3LUmNYz8tXf7kK+YZjF
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:08:26 2025 by rpki-client