Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iWZWQALeLi6TPeRjJDOrWgygsKA.roa
File: iWZWQALeLi6TPeRjJDOrWgygsKA.roa (raw, json)
Hash identifier: AfQTkUrDQESGGZ7sYtTf75m6GGrG0ktBLXT7f8dSeqE=
Subject key identifier: 89:66:56:40:02:DE:2E:2E:93:3D:E4:63:24:33:AB:5A:0C:A0:B0:A0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019428251015F3A54A5D3418A5720EFA2E23
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iWZWQALeLi6TPeRjJDOrWgygsKA.roa
Signing time: Thu 02 Jan 2025 17:51:45 +0000
ROA not before: Thu 02 Jan 2025 17:51:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214300
IP address blocks: 193.124.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 12:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:10:15:f3:a5:4a:5d:34:18:a5:72:0e:fa:2e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8966564002de2e2e933de4632433ab5a0ca0b0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d1:e2:1f:b7:06:72:fd:27:db:14:d7:be:66:
c9:0f:35:ef:e1:4a:35:9a:5d:b9:38:46:35:53:fd:
a8:0e:8e:b3:e9:52:3a:0b:e8:c8:92:c3:4a:68:8d:
2a:f6:1c:eb:fe:9c:dc:d6:5f:00:d6:df:f7:07:c3:
60:8c:d0:f6:09:a2:cb:c0:3c:4a:fb:9b:27:b8:d9:
e8:3e:34:49:2f:5d:3f:ff:e9:82:b1:1a:3a:4d:eb:
c6:a5:5c:bd:5a:8e:90:5c:84:43:be:21:48:f8:8b:
5a:78:38:a7:ea:d8:ea:4d:74:65:44:79:93:bb:ff:
a2:6e:0d:09:e1:67:48:65:0a:8e:9b:aa:45:37:7d:
60:1d:5e:84:6d:43:2b:2a:dd:77:c5:e7:5f:c8:a0:
9f:4b:38:25:aa:aa:75:d6:e7:50:2e:f1:d0:a9:05:
1d:8a:46:e0:e9:10:f8:9b:79:e4:5c:71:12:81:40:
e0:48:cd:e2:26:be:06:22:31:ce:81:28:aa:10:7a:
33:8c:31:cf:d4:9e:0f:67:11:35:1c:d9:99:c9:09:
b3:48:6c:dd:5e:00:ee:80:ee:dc:40:a0:7e:1b:59:
e4:71:bc:0f:db:7b:2b:61:ad:99:c2:ee:e2:ee:3e:
96:5a:2e:92:d1:b5:66:ba:65:53:e2:51:1c:a8:7f:
94:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:66:56:40:02:DE:2E:2E:93:3D:E4:63:24:33:AB:5A:0C:A0:B0:A0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iWZWQALeLi6TPeRjJDOrWgygsKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.89.0/24
Signature Algorithm: sha256WithRSAEncryption
36:a6:40:f9:a2:49:9e:c1:c0:9f:12:0f:c3:5a:52:5b:20:ed:
7b:06:6a:f9:d3:1c:fb:a5:7a:8b:59:3e:9a:47:9b:a9:22:62:
8a:c7:96:16:22:f4:de:0b:80:04:dc:7d:21:8b:29:2b:13:84:
d3:6e:5f:38:1d:69:61:89:92:83:7d:ca:43:b2:67:ec:46:82:
7b:02:59:29:4f:35:42:df:17:86:4d:c5:21:bb:25:ee:b2:5e:
53:f0:eb:e2:d5:d2:c2:e7:a8:c0:5b:d1:43:a3:8a:5c:ab:41:
50:04:76:43:6f:9e:44:39:63:14:fc:e6:12:d5:ac:74:ca:c5:
ff:c2:1e:26:11:c0:e9:9f:c5:df:01:da:9c:ad:c4:cd:d3:1f:
e0:7d:99:ed:73:e1:cf:74:39:f0:32:59:b9:37:be:fc:e4:5d:
93:e6:c4:1c:c2:da:44:43:3b:2d:01:f7:01:f5:ef:28:d4:47:
e6:5c:fe:1c:8b:62:ef:69:a8:2e:bc:87:a2:b6:53:b0:44:ab:
69:4b:0b:73:9d:5e:10:32:eb:2e:21:ee:1a:45:2d:a5:f4:2c:
06:3e:0c:4d:2a:41:61:9a:a6:cb:30:ea:b6:80:35:af:a9:86:
1e:c9:b3:60:be:3a:3d:c0:15:74:e1:96:55:21:4c:bc:c2:9e:
3b:6d:f8:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJRAV86VKXTQYpXIO+i4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY2NTY0MDAyZGUyZTJlOTMzZGU0NjMyNDMzYWI1YTBjYTBiMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodHiH7cGcv0n2xTXvmbJDzXv4Uo1
ml25OEY1U/2oDo6z6VI6C+jIksNKaI0q9hzr/pzc1l8A1t/3B8NgjND2CaLLwDxK
+5snuNnoPjRJL10//+mCsRo6TevGpVy9Wo6QXIRDviFI+ItaeDin6tjqTXRlRHmT
u/+ibg0J4WdIZQqOm6pFN31gHV6EbUMrKt13xedfyKCfSzglqqp11udQLvHQqQUd
ikbg6RD4m3nkXHESgUDgSM3iJr4GIjHOgSiqEHozjDHP1J4PZxE1HNmZyQmzSGzd
XgDugO7cQKB+G1nkcbwP23srYa2Zwu7i7j6WWi6S0bVmumVT4lEcqH+U+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlmVkAC3i4ukz3kYyQzq1oMoLCgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaVdaV1FBTGVMaTZUUGVSakpET3JXZ3lnc0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXxZMA0G
CSqGSIb3DQEBCwUAA4IBAQA2pkD5okmewcCfEg/DWlJbIO17Bmr50xz7pXqLWT6a
R5upImKKx5YWIvTeC4AE3H0hiykrE4TTbl84HWlhiZKDfcpDsmfsRoJ7AlkpTzVC
3xeGTcUhuyXusl5T8Ovi1dLC56jAW9FDo4pcq0FQBHZDb55EOWMU/OYS1ax0ysX/
wh4mEcDpn8XfAdqcrcTN0x/gfZntc+HPdDnwMlm5N7785F2T5sQcwtpEQzstAfcB
9e8o1EfmXP4ci2LvaaguvIeitlOwRKtpSwtznV4QMusuIe4aRS2l9CwGPgxNKkFh
mqbLMOq2gDWvqYYeybNgvjo9wBV04ZZVIUy8wp47bfi8
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:15:26 2025 by rpki-client