Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/Wfa2iAlFu6WKLlcz-DItzFvmXnk.roa
File: Wfa2iAlFu6WKLlcz-DItzFvmXnk.roa (raw, json)
Hash identifier: cGJoaIb8DmjVXHc9/+cByayI8tCk0/pMIEjjIYe1aGw=
Subject key identifier: 59:F6:B6:88:09:45:BB:A5:8A:2E:57:33:F8:32:2D:CC:5B:E6:5E:79
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 018CC26D3FC8BC07621B6234DD58E56AE365
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/Wfa2iAlFu6WKLlcz-DItzFvmXnk.roa
Signing time: Mon 01 Jan 2024 00:29:48 +0000
ROA not before: Mon 01 Jan 2024 00:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58327
IP address blocks: 193.242.188.0/23 maxlen: 24
176.120.168.0/21 maxlen: 24
185.239.4.0/22 maxlen: 24
5.252.252.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 13:56:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:3f:c8:bc:07:62:1b:62:34:dd:58:e5:6a:e3:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Jan 1 00:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59f6b6880945bba58a2e5733f8322dcc5be65e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6d:f9:65:c8:68:7a:6d:55:be:ab:d9:dd:c4:
25:6c:54:e6:b0:3d:e0:fd:20:ef:b8:7e:41:39:25:
e4:2c:87:52:21:87:53:cc:7e:fa:dc:38:59:0b:5d:
1c:fe:0b:ad:64:01:eb:54:8b:d5:d1:4a:37:1a:71:
d0:28:a8:a4:6a:5d:3c:34:78:b1:cf:7a:d0:21:b2:
ca:e1:66:82:df:a7:3d:24:e3:af:34:26:df:4a:10:
44:08:93:36:1d:c4:fb:5c:74:fb:e4:4b:eb:ea:09:
13:f3:ec:8c:8c:e3:5f:e0:f6:e3:54:e4:a0:10:8c:
48:8a:41:b4:00:54:52:f8:90:39:ca:08:f6:4d:82:
12:d5:3f:0f:0a:52:48:22:16:a5:b0:33:d7:59:0d:
3b:e4:73:23:80:e8:3e:57:7d:f2:8c:3f:29:3e:be:
01:a8:6d:0b:88:76:32:b5:40:08:1b:e6:f1:19:2f:
6b:dd:a1:03:be:d2:a9:23:c7:aa:b1:e3:4f:c6:80:
f8:72:6b:0f:b5:7c:8f:4a:cd:11:c2:2f:1e:cf:b2:
75:0d:0e:f0:de:cc:de:02:21:d1:ee:e0:e1:6f:4a:
bf:50:a6:f2:95:2a:34:5b:d2:12:c4:a2:2a:be:08:
46:7b:47:d9:4e:62:79:0c:2d:ec:91:73:79:19:63:
d7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F6:B6:88:09:45:BB:A5:8A:2E:57:33:F8:32:2D:CC:5B:E6:5E:79
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/Wfa2iAlFu6WKLlcz-DItzFvmXnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
176.120.168.0/21
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:47:78:6b:48:47:59:67:02:93:42:0a:75:3e:f3:5e:2e:5f:
7e:ff:5e:cd:3a:5e:49:09:c1:63:1f:0a:40:79:4b:03:59:cf:
95:20:6f:85:34:d2:87:1f:9d:2f:d0:1e:ea:58:d1:4c:64:8e:
36:6d:00:85:17:62:48:07:bc:31:2d:5c:54:06:e0:89:35:2f:
ae:48:c4:42:e4:5f:ac:d1:b9:56:dd:26:f4:29:a1:3a:70:2a:
87:e4:1c:1f:af:c6:c6:45:3d:65:dd:9b:a6:73:3b:72:cb:ac:
e7:e9:b7:1e:d4:70:0b:0c:ea:c4:23:fd:81:62:8f:b6:a1:f8:
9e:15:8b:aa:5e:ae:f0:61:13:97:58:00:d5:c9:c2:7c:bb:d4:
a2:d2:3f:91:cd:90:26:d1:e7:e8:24:07:41:18:72:df:c1:5c:
04:20:77:1f:65:a1:73:18:77:5f:4f:8d:ab:67:8b:bb:54:cf:
ab:f9:2f:86:57:0c:12:7d:c6:5d:f7:92:af:b5:d3:16:f5:be:
25:f4:71:e2:b5:35:ee:51:e7:41:71:8b:01:13:b4:2c:ba:9c:
e0:b5:1d:b1:5b:4d:8e:16:30:41:86:84:89:c2:9c:75:3a:8a:
8a:cd:8c:6d:53:80:27:5f:36:cc:93:cb:8c:b6:02:a8:79:9f:
4f:79:39:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzCbT/IvAdiG2I03VjlauNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh
Y2Y1YjIwHhcNMjQwMTAxMDAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWY2YjY4ODA5NDViYmE1OGEyZTU3MzNmODMyMmRjYzViZTY1ZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim35Zchoem1VvqvZ3cQlbFTmsD3g
/SDvuH5BOSXkLIdSIYdTzH763DhZC10c/gutZAHrVIvV0Uo3GnHQKKikal08NHix
z3rQIbLK4WaC36c9JOOvNCbfShBECJM2HcT7XHT75Evr6gkT8+yMjONf4PbjVOSg
EIxIikG0AFRS+JA5ygj2TYIS1T8PClJIIhalsDPXWQ075HMjgOg+V33yjD8pPr4B
qG0LiHYytUAIG+bxGS9r3aEDvtKpI8eqseNPxoD4cmsPtXyPSs0Rwi8ez7J1DQ7w
3szeAiHR7uDhb0q/UKbylSo0W9ISxKIqvghGe0fZTmJ5DC3skXN5GWPXiQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFn2togJRbulii5XM/gyLcxb5l55MB8GA1UdIwQY
MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt
NTQxZjQ4OTI0OTUyLzEvV2ZhMmlBbEZ1NldLTGxjei1ESXR6RnZtWG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy
LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBfz8AwQD
sHioAwQCue8EAwQBvNQgAwQBwfK8MA0GCSqGSIb3DQEBCwUAA4IBAQC9R3hrSEdZ
ZwKTQgp1PvNeLl9+/17NOl5JCcFjHwpAeUsDWc+VIG+FNNKHH50v0B7qWNFMZI42
bQCFF2JIB7wxLVxUBuCJNS+uSMRC5F+s0blW3Sb0KaE6cCqH5Bwfr8bGRT1l3Zum
cztyy6zn6bce1HALDOrEI/2BYo+2ofieFYuqXq7wYROXWADVycJ8u9Si0j+RzZAm
0efoJAdBGHLfwVwEIHcfZaFzGHdfT42rZ4u7VM+r+S+GVwwSfcZd95KvtdMW9b4l
9HHitTXuUedBcYsBE7QsupzgtR2xW02OFjBBhoSJwpx1OoqKzYxtU4AnXzbMk8uM
tgKoeZ9PeTmE
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:27 2025 by rpki-client