Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/Wyq8iXIMTYI6BWr6gUlY1BO6KKg.roa
File: Wyq8iXIMTYI6BWr6gUlY1BO6KKg.roa (raw, json)
Hash identifier: fNIr//Ner6R8YKwnA+0Mcobjm+ATkY4mmb8mTwsF/q8=
Subject key identifier: 5B:2A:BC:89:72:0C:4D:82:3A:05:6A:FA:81:49:58:D4:13:BA:28:A8
Certificate issuer: /CN=666d97ceb84e9c616bfe6d93576cc33bbf4b63ef
Certificate serial: 018CC6B791FF928F253688839BD20B015D9E
Authority key identifier: 66:6D:97:CE:B8:4E:9C:61:6B:FE:6D:93:57:6C:C3:3B:BF:4B:63:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zm2XzrhOnGFr_m2TV2zDO79LY-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/Wyq8iXIMTYI6BWr6gUlY1BO6KKg.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16141
IP address blocks: 212.70.244.0/22 maxlen: 22
212.70.248.0/22 maxlen: 22
212.70.224.0/19 maxlen: 24
212.70.226.0/24 maxlen: 24
212.70.228.0/22 maxlen: 22
212.70.232.0/21 maxlen: 21
212.70.240.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:91:ff:92:8f:25:36:88:83:9b:d2:0b:01:5d:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666d97ceb84e9c616bfe6d93576cc33bbf4b63ef
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b2abc89720c4d823a056afa814958d413ba28a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ef:4b:a6:51:0e:96:6f:c4:c4:ae:d3:ca:46:
7c:51:d5:c0:2d:fb:bd:b2:4d:0f:56:e2:f5:e8:60:
3d:7e:a0:e0:d5:5f:a6:c2:66:d0:62:b5:b4:65:10:
17:0d:b1:15:11:be:ec:f1:97:68:71:9b:d7:88:be:
16:b6:36:9d:b8:47:96:12:99:9f:e8:be:3d:73:92:
80:8a:e5:25:8a:74:da:e4:2d:2b:9d:da:4e:0e:30:
e7:23:7a:6f:4d:21:94:cf:a7:75:58:2d:31:4b:49:
7b:4f:ad:09:17:ea:a1:3c:ee:8b:d2:89:02:89:cf:
61:94:c8:41:65:1e:84:a2:4a:c0:7b:d3:9f:36:fa:
e6:3a:5e:e3:00:1d:69:c3:4e:61:62:63:38:f2:c2:
d8:df:c8:72:ca:c5:5b:af:6c:30:aa:25:1a:f4:b6:
39:2d:13:26:8a:4a:63:5d:45:01:89:f0:c7:d8:25:
dc:be:70:d9:a0:55:28:22:68:61:61:12:fb:5f:31:
a8:1e:3b:7f:fc:53:f6:0d:0d:29:a5:32:aa:71:01:
e5:2d:7c:40:34:12:42:7c:5b:d8:9f:65:66:27:cf:
4b:70:49:16:6d:44:eb:76:7d:39:ac:60:48:1f:54:
18:32:f8:4a:2c:62:00:85:9b:6c:68:69:b4:0a:b3:
2a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:2A:BC:89:72:0C:4D:82:3A:05:6A:FA:81:49:58:D4:13:BA:28:A8
X509v3 Authority Key Identifier:
keyid:66:6D:97:CE:B8:4E:9C:61:6B:FE:6D:93:57:6C:C3:3B:BF:4B:63:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zm2XzrhOnGFr_m2TV2zDO79LY-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/Wyq8iXIMTYI6BWr6gUlY1BO6KKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/Zm2XzrhOnGFr_m2TV2zDO79LY-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.70.224.0/19
Signature Algorithm: sha256WithRSAEncryption
41:c6:80:65:93:6e:10:be:c5:14:aa:7a:75:73:08:0f:97:a7:
74:e4:cb:78:bf:1c:f9:fa:8b:72:90:a2:1c:89:d7:b4:8c:b1:
6b:ff:23:06:80:39:a8:22:6c:7b:15:2a:f0:30:e9:0b:f8:5d:
e2:35:92:92:a9:b7:b9:76:e7:73:21:84:2a:64:82:45:88:ac:
28:1c:27:32:f5:62:9f:96:f8:c3:99:00:df:ba:88:07:03:f7:
05:1e:28:11:56:b9:cf:2d:59:22:79:4a:37:25:2d:d1:de:dd:
12:c5:ad:b3:bd:ed:c6:40:02:0f:2d:3f:7c:6f:cc:c1:78:52:
d4:73:f1:87:1e:e7:8f:34:e9:16:0e:e3:85:9b:9d:a6:69:f2:
58:9a:53:d6:39:a3:bc:db:0d:51:3e:33:79:e0:fd:4e:97:0b:
f9:6a:8c:c8:45:4f:ca:8f:89:e8:e2:25:c3:e8:d4:d9:34:64:
61:c3:b9:ee:64:4f:58:13:02:22:18:0c:a2:75:b0:f4:e2:09:
2c:b7:0b:be:46:73:87:1f:40:92:6b:93:14:77:66:62:8d:b8:
4d:ea:29:c0:39:53:45:8e:9a:a0:f2:e0:48:cb:08:74:27:0d:
2d:d4:5c:63:15:d3:49:68:4e:b8:16:1b:46:cf:f6:0a:1f:02:
8b:a9:49:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt5H/ko8lNoiDm9ILAV2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NmQ5N2NlYjg0ZTljNjE2YmZlNmQ5MzU3NmNjMzNiYmY0
YjYzZWYwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjJhYmM4OTcyMGM0ZDgyM2EwNTZhZmE4MTQ5NThkNDEzYmEyOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwe9LplEOlm/ExK7TykZ8UdXALfu9
sk0PVuL16GA9fqDg1V+mwmbQYrW0ZRAXDbEVEb7s8ZdocZvXiL4WtjaduEeWEpmf
6L49c5KAiuUlinTa5C0rndpODjDnI3pvTSGUz6d1WC0xS0l7T60JF+qhPO6L0okC
ic9hlMhBZR6EokrAe9OfNvrmOl7jAB1pw05hYmM48sLY38hyysVbr2wwqiUa9LY5
LRMmikpjXUUBifDH2CXcvnDZoFUoImhhYRL7XzGoHjt//FP2DQ0ppTKqcQHlLXxA
NBJCfFvYn2VmJ89LcEkWbUTrdn05rGBIH1QYMvhKLGIAhZtsaGm0CrMqawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsqvIlyDE2COgVq+oFJWNQTuiioMB8GA1UdIwQY
MBaAFGZtl864Tpxha/5tk1dswzu/S2PvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm0yWHpyaE9uR0ZyX20yVFYyekRPNzlMWS04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84MTIzNWItMmUwNC00NzFmLTg2ODkt
NjliYWFmZGQ5YTZlLzEvV3lxOGlYSU1UWUk2QldyNmdVbFkxQk82S0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84MTIzNWItMmUwNC00NzFmLTg2ODktNjliYWFmZGQ5YTZl
LzEvWm0yWHpyaE9uR0ZyX20yVFYyekRPNzlMWS04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1EbgMA0G
CSqGSIb3DQEBCwUAA4IBAQBBxoBlk24QvsUUqnp1cwgPl6d05Mt4vxz5+otykKIc
ide0jLFr/yMGgDmoImx7FSrwMOkL+F3iNZKSqbe5dudzIYQqZIJFiKwoHCcy9WKf
lvjDmQDfuogHA/cFHigRVrnPLVkieUo3JS3R3t0Sxa2zve3GQAIPLT98b8zBeFLU
c/GHHuePNOkWDuOFm52mafJYmlPWOaO82w1RPjN54P1Olwv5aozIRU/Kj4no4iXD
6NTZNGRhw7nuZE9YEwIiGAyidbD04gkstwu+RnOHH0CSa5MUd2ZijbhN6inAOVNF
jpqg8uBIywh0Jw0t1FxjFdNJaE64FhtGz/YKHwKLqUla
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:19:03 2025 by rpki-client