Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/c4ccc3-65d6-485d-9be0-a7a5f478dd72/1/47w5WypoVxOH0CRAnnA51iZ4sRE.roa
File: 47w5WypoVxOH0CRAnnA51iZ4sRE.roa (raw, json)
Hash identifier: 1cWLqJuyDxjf9qQa17hqHNlQnNxJo3gbFkPUk4Kp8ow=
Subject key identifier: E3:BC:39:5B:2A:68:57:13:87:D0:24:40:9E:70:39:D6:26:78:B1:11
Certificate issuer: /CN=5a94c4bc4d2563e252ebfcc0fbc2ac199cce608a
Certificate serial: 018CC94BE56E5492FBE6999AEA946F62136F
Authority key identifier: 5A:94:C4:BC:4D:25:63:E2:52:EB:FC:C0:FB:C2:AC:19:9C:CE:60:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpTEvE0lY-JS6_zA-8KsGZzOYIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/c4ccc3-65d6-485d-9be0-a7a5f478dd72/1/47w5WypoVxOH0CRAnnA51iZ4sRE.roa
Signing time: Tue 02 Jan 2024 08:30:43 +0000
ROA not before: Tue 02 Jan 2024 08:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204918
IP address blocks: 185.171.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 08:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:e5:6e:54:92:fb:e6:99:9a:ea:94:6f:62:13:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a94c4bc4d2563e252ebfcc0fbc2ac199cce608a
Validity
Not Before: Jan 2 08:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3bc395b2a68571387d024409e7039d62678b111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b8:b8:ea:20:ba:9a:8c:b0:1a:6a:9b:aa:fe:
de:1d:01:42:b8:51:0a:00:61:de:7c:66:6e:1f:89:
79:c5:79:74:e9:71:84:39:63:b1:e5:97:ba:ca:fd:
4b:fa:9a:6e:08:68:ec:cb:57:94:d5:a7:ab:a2:47:
69:7d:4b:93:4c:99:e0:e1:c0:01:2a:9d:f6:90:9c:
c0:c2:2e:e5:4d:00:b4:d7:85:19:71:24:39:27:9e:
3f:58:07:d4:ec:dc:d2:71:d2:29:00:b8:16:6d:22:
cb:d9:64:49:12:98:23:23:16:93:1b:26:cf:71:7b:
ca:df:20:9a:01:77:51:77:93:8c:c2:bd:1b:fb:d3:
c4:8f:ae:a2:10:75:a4:e7:24:ec:94:8e:88:1b:c9:
1a:b8:a1:8f:da:d6:6b:ce:50:01:9c:58:c4:ff:ec:
26:96:7a:a4:2f:8f:ca:f9:8b:05:6e:12:67:59:bf:
7c:cb:40:ff:98:b5:a2:98:e8:5f:ac:4f:af:70:db:
7a:21:39:4b:fe:ca:88:39:2d:dd:72:3a:a7:bd:f9:
6c:71:15:9d:7a:89:e2:27:88:2f:3f:96:35:84:59:
4a:a2:31:a9:52:86:ea:31:fd:bb:2d:3b:c4:e2:53:
3d:4c:97:5c:38:ca:e0:8b:2f:10:d9:4b:25:50:e0:
67:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:BC:39:5B:2A:68:57:13:87:D0:24:40:9E:70:39:D6:26:78:B1:11
X509v3 Authority Key Identifier:
keyid:5A:94:C4:BC:4D:25:63:E2:52:EB:FC:C0:FB:C2:AC:19:9C:CE:60:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpTEvE0lY-JS6_zA-8KsGZzOYIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c4ccc3-65d6-485d-9be0-a7a5f478dd72/1/47w5WypoVxOH0CRAnnA51iZ4sRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c4ccc3-65d6-485d-9be0-a7a5f478dd72/1/WpTEvE0lY-JS6_zA-8KsGZzOYIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.95.0/24
Signature Algorithm: sha256WithRSAEncryption
86:36:8f:b0:c3:c8:71:d2:07:82:a4:63:c6:ab:55:f7:19:6f:
45:3e:25:45:43:e2:d9:85:a8:43:02:d7:13:2b:56:ca:d9:1a:
64:f7:8b:dd:bb:4b:c4:a4:97:0d:4e:8a:a6:aa:7d:31:88:18:
d6:89:d9:da:13:a8:aa:4d:e3:d2:7f:0c:b5:ed:98:d6:b4:6d:
6f:38:b3:34:3c:16:4c:1e:c7:9a:11:64:15:d0:46:95:4e:08:
29:8e:cb:cc:4e:e3:40:7c:f6:0b:8f:5e:1b:92:62:0d:44:dd:
b8:2a:f0:fb:90:c3:8d:81:43:fb:d3:c2:5b:36:57:9e:17:2c:
a2:f7:6a:33:99:98:1e:2c:72:f8:4c:29:1c:25:bb:8b:eb:f2:
5d:81:4c:69:16:c5:d7:70:ad:1e:24:65:9d:c9:f8:3c:04:18:
3d:ce:39:3b:dc:d4:5d:1d:2d:57:7d:a1:0c:aa:f0:3f:90:2e:
4b:ee:18:58:d9:74:d6:64:dd:a6:b0:6e:10:16:b7:c2:48:ae:
e5:c5:4f:6d:c1:7d:be:b7:df:07:c0:ff:2e:39:97:47:e1:07:
e2:80:a8:db:cb:3c:d7:3c:4a:f0:bb:d7:33:b1:55:ac:8e:6b:
ee:21:5e:ba:52:5b:91:b5:be:8b:0e:79:19:88:9a:49:f5:d2:
f6:b5:78:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJS+VuVJL75pma6pRvYhNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTRjNGJjNGQyNTYzZTI1MmViZmNjMGZiYzJhYzE5OWNj
ZTYwOGEwHhcNMjQwMTAyMDgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2JjMzk1YjJhNjg1NzEzODdkMDI0NDA5ZTcwMzlkNjI2NzhiMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLi46iC6moywGmqbqv7eHQFCuFEK
AGHefGZuH4l5xXl06XGEOWOx5Ze6yv1L+ppuCGjsy1eU1aerokdpfUuTTJng4cAB
Kp32kJzAwi7lTQC014UZcSQ5J54/WAfU7NzScdIpALgWbSLL2WRJEpgjIxaTGybP
cXvK3yCaAXdRd5OMwr0b+9PEj66iEHWk5yTslI6IG8kauKGP2tZrzlABnFjE/+wm
lnqkL4/K+YsFbhJnWb98y0D/mLWimOhfrE+vcNt6ITlL/sqIOS3dcjqnvflscRWd
eoniJ4gvP5Y1hFlKojGpUobqMf27LTvE4lM9TJdcOMrgiy8Q2UslUOBn0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOO8OVsqaFcTh9AkQJ5wOdYmeLERMB8GA1UdIwQY
MBaAFFqUxLxNJWPiUuv8wPvCrBmczmCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BURXZFMGxZLUpTNl96QS04S3NHWnpPWUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9jNGNjYzMtNjVkNi00ODVkLTliZTAt
YTdhNWY0NzhkZDcyLzEvNDd3NVd5cG9WeE9IMENSQW5uQTUxaVo0c1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9jNGNjYzMtNjVkNi00ODVkLTliZTAtYTdhNWY0NzhkZDcy
LzEvV3BURXZFMGxZLUpTNl96QS04S3NHWnpPWUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuatfMA0G
CSqGSIb3DQEBCwUAA4IBAQCGNo+ww8hx0geCpGPGq1X3GW9FPiVFQ+LZhahDAtcT
K1bK2Rpk94vdu0vEpJcNToqmqn0xiBjWidnaE6iqTePSfwy17ZjWtG1vOLM0PBZM
HseaEWQV0EaVTggpjsvMTuNAfPYLj14bkmINRN24KvD7kMONgUP708JbNleeFyyi
92ozmZgeLHL4TCkcJbuL6/JdgUxpFsXXcK0eJGWdyfg8BBg9zjk73NRdHS1XfaEM
qvA/kC5L7hhY2XTWZN2msG4QFrfCSK7lxU9twX2+t98HwP8uOZdH4QfigKjbyzzX
PErwu9czsVWsjmvuIV66UluRtb6LDnkZiJpJ9dL2tXjL
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:05:20 2025 by rpki-client