Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WmoBqfFYbhjiaUW7az-vrLEoXIs.roa
File: WmoBqfFYbhjiaUW7az-vrLEoXIs.roa (raw, json)
Hash identifier: 10b1BqJ5qJoMihKyReOQsO2UiLfdln87kC6CqRl7Be4=
Subject key identifier: 5A:6A:01:A9:F1:58:6E:18:E2:69:45:BB:6B:3F:AF:AC:B1:28:5C:8B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824A930CEC36E5BEF360996749D73F7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WmoBqfFYbhjiaUW7az-vrLEoXIs.roa
Signing time: Thu 02 Jan 2025 17:51:18 +0000
ROA not before: Thu 02 Jan 2025 17:51:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201133
IP address blocks: 85.217.222.0/24 maxlen: 24
85.217.223.0/24 maxlen: 24
93.123.10.0/24 maxlen: 24
93.123.73.0/24 maxlen: 24
93.123.73.207/32 maxlen: 32
94.156.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 15:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:a9:30:ce:c3:6e:5b:ef:36:09:96:74:9d:73:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a6a01a9f1586e18e26945bb6b3fafacb1285c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4b:4c:47:81:2d:a9:bd:c2:63:4d:06:a0:9c:
09:f3:d4:0d:d2:17:13:1e:d1:1a:97:bc:32:33:28:
9a:9c:53:e0:b6:9d:ff:b6:2e:f8:35:09:8b:ac:20:
be:2d:9e:96:9e:5e:e7:91:11:89:cf:b2:83:9c:d9:
e4:17:47:56:0b:59:ae:1b:ff:1e:36:8e:57:eb:54:
ff:bc:88:30:c6:c6:2c:68:9c:09:fd:8f:89:d8:6b:
6a:93:a4:04:c3:ee:7f:f4:1c:11:ef:94:dd:4f:4b:
bc:51:51:9b:f1:b6:ea:86:c0:f8:66:e8:01:37:1f:
a7:da:38:f2:c0:e2:4b:6a:c4:4d:60:56:bd:68:6a:
9c:29:1e:cd:37:df:93:73:06:70:22:7f:2c:7c:08:
42:33:03:90:6d:e1:f3:e2:bb:df:ee:59:34:da:60:
03:8f:d7:05:b0:d9:97:4f:d0:53:4f:ce:d8:ae:f2:
fa:c0:e7:a2:12:cb:d1:dc:db:c3:78:82:5c:6e:bc:
43:ba:d9:e7:0b:2f:58:98:43:20:e1:65:20:c4:6e:
51:24:44:74:35:ab:8f:91:1e:a4:10:1d:8c:5d:9c:
cd:51:2b:85:c6:81:0e:a7:02:1a:9a:4e:0f:13:c1:
e3:b5:2c:48:6e:5a:c2:8b:31:a7:53:a8:7c:47:2e:
84:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6A:01:A9:F1:58:6E:18:E2:69:45:BB:6B:3F:AF:AC:B1:28:5C:8B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WmoBqfFYbhjiaUW7az-vrLEoXIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.222.0/23
93.123.10.0/24
93.123.73.0/24
94.156.175.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:83:2b:e8:36:16:3c:8c:8e:e2:14:bd:ff:a1:73:f5:59:7e:
9c:fe:c7:90:8e:2d:33:3b:2a:31:24:4a:03:52:ae:71:6d:89:
a6:7a:e8:06:c8:52:4f:1a:1e:e0:27:d5:cf:48:d2:f1:06:2a:
53:da:74:d4:cd:c4:de:87:d3:79:09:e4:f2:6a:fe:a5:fc:d9:
d5:6c:2c:33:af:78:da:76:29:68:53:27:7c:36:97:43:21:0e:
db:c2:5a:f7:96:99:e6:81:78:3d:a5:79:77:e3:70:33:f5:0a:
07:53:a8:d2:c3:19:09:7a:a0:64:c0:1f:4c:23:ca:c3:ae:47:
af:e3:1f:85:be:01:f8:72:43:9f:d1:cc:23:c2:be:10:b2:5d:
0e:12:0c:c2:0d:e3:2e:e4:8b:14:bd:07:c7:9f:6c:53:d6:15:
bd:a3:60:f9:5d:56:89:90:26:44:ba:e8:76:95:cf:94:7e:43:
c8:51:77:c6:5b:34:9c:f6:3a:d9:11:e3:26:bb:66:a5:a3:b5:
df:50:a0:4e:95:16:47:90:b1:13:a8:4e:11:35:35:ad:43:90:
b8:1b:2a:a3:8e:50:bf:4e:e3:31:14:1a:bf:d2:1a:1b:af:0b:
f0:51:ee:8c:58:64:8f:06:1e:28:bc:61:bf:2b:38:58:4b:d9:
f1:39:66:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJKkwzsNuW+82CZZ0nXP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTZhMDFhOWYxNTg2ZTE4ZTI2OTQ1YmI2YjNmYWZhY2IxMjg1YzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0tMR4Etqb3CY00GoJwJ89QN0hcT
HtEal7wyMyianFPgtp3/ti74NQmLrCC+LZ6Wnl7nkRGJz7KDnNnkF0dWC1muG/8e
No5X61T/vIgwxsYsaJwJ/Y+J2Gtqk6QEw+5/9BwR75TdT0u8UVGb8bbqhsD4ZugB
Nx+n2jjywOJLasRNYFa9aGqcKR7NN9+TcwZwIn8sfAhCMwOQbeHz4rvf7lk02mAD
j9cFsNmXT9BTT87YrvL6wOeiEsvR3NvDeIJcbrxDutnnCy9YmEMg4WUgxG5RJER0
NauPkR6kEB2MXZzNUSuFxoEOpwIamk4PE8HjtSxIblrCizGnU6h8Ry6EHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFpqAanxWG4Y4mlFu2s/r6yxKFyLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV21vQnFmRlliaGppYVVXN2F6LXZyTEVvWElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVdneAwQA
XXsKAwQAXXtJAwQAXpyvMA0GCSqGSIb3DQEBCwUAA4IBAQAPgyvoNhY8jI7iFL3/
oXP1WX6c/seQji0zOyoxJEoDUq5xbYmmeugGyFJPGh7gJ9XPSNLxBipT2nTUzcTe
h9N5CeTyav6l/NnVbCwzr3jadiloUyd8NpdDIQ7bwlr3lpnmgXg9pXl343Az9QoH
U6jSwxkJeqBkwB9MI8rDrkev4x+FvgH4ckOf0cwjwr4Qsl0OEgzCDeMu5IsUvQfH
n2xT1hW9o2D5XVaJkCZEuuh2lc+UfkPIUXfGWzSc9jrZEeMmu2alo7XfUKBOlRZH
kLETqE4RNTWtQ5C4GyqjjlC/TuMxFBq/0hobrwvwUe6MWGSPBh4ovGG/KzhYS9nx
OWb+
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:35:58 2025 by rpki-client