Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/W7X8P6WsyvL2cLsBwMgUb--0OX0.roa
File: W7X8P6WsyvL2cLsBwMgUb--0OX0.roa (raw, json)
Hash identifier: Rj1No63Di/gU3ch9BlqkSGWM3ubJfp0Uj1auFjoiZxk=
Subject key identifier: 5B:B5:FC:3F:A5:AC:CA:F2:F6:70:BB:01:C0:C8:14:6F:EF:B4:39:7D
Certificate issuer: /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial: 019131302648EBF772A1A9DC193B12E8599C
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/W7X8P6WsyvL2cLsBwMgUb--0OX0.roa
Signing time: Thu 08 Aug 2024 08:52:04 +0000
ROA not before: Thu 08 Aug 2024 08:52:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62038
IP address blocks: 153.92.96.0/21 maxlen: 21
185.50.32.0/22 maxlen: 22
2a04:bd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:30:26:48:eb:f7:72:a1:a9:dc:19:3b:12:e8:59:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Validity
Not Before: Aug 8 08:52:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bb5fc3fa5accaf2f670bb01c0c8146fefb4397d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:94:ba:26:79:91:d7:c4:de:a4:7d:2f:ec:ed:
cf:39:a8:90:c1:87:8d:6d:33:e7:20:32:0c:67:1c:
e0:ea:8d:fe:fe:96:64:16:6c:ab:8b:5b:6d:a1:c7:
24:89:27:42:cd:3a:9d:05:94:35:43:21:dc:3a:e3:
bc:f2:29:01:1c:81:ba:f9:92:62:dd:79:b8:0a:af:
45:58:7b:3a:8f:64:4d:f4:9e:e7:27:36:73:4c:2a:
0b:91:d1:b0:0a:eb:d6:17:e7:0c:9e:e9:4b:27:5a:
33:90:ae:87:8b:61:59:26:f0:cf:45:5c:1b:02:ec:
d0:fb:9c:63:61:90:ad:bd:90:84:64:df:b9:6f:84:
7f:1b:be:4f:c2:d6:9a:99:6f:b2:e8:7d:38:b5:05:
0d:01:52:5d:11:54:c7:0c:7f:de:43:f2:64:d4:5f:
77:b6:37:40:fe:1d:95:b4:1f:64:9a:b0:48:d3:6f:
ee:7b:c7:7f:2e:38:87:a4:0f:23:53:da:59:8f:88:
5c:e8:98:82:40:01:c3:6d:12:d4:1d:aa:e7:3f:b9:
12:b7:86:41:5b:42:68:03:ef:a6:3e:17:c7:a9:d2:
37:e8:ce:ed:59:c6:30:9c:22:b6:11:16:90:75:79:
07:6c:51:dc:ad:3b:76:54:47:ad:89:4c:86:6c:af:
ff:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B5:FC:3F:A5:AC:CA:F2:F6:70:BB:01:C0:C8:14:6F:EF:B4:39:7D
X509v3 Authority Key Identifier:
keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/W7X8P6WsyvL2cLsBwMgUb--0OX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.96.0/21
185.50.32.0/22
IPv6:
2a04:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
0f:1c:e4:0c:86:0c:27:cb:51:27:7e:9e:01:32:ab:20:a2:d0:
e6:d3:2d:be:c9:5d:3a:af:c1:4f:42:79:51:7e:c2:59:86:07:
8f:36:20:d2:f4:1d:24:2d:5c:84:83:80:b3:2f:dd:e0:ab:a5:
1a:6e:a7:f1:3f:67:79:a0:b7:21:c3:52:18:ac:b5:38:aa:08:
2f:4f:ff:56:90:f3:28:ad:11:d1:4f:89:b5:8e:4a:c3:2e:03:
64:a1:27:17:93:8e:88:bd:52:08:c3:71:a7:f1:1a:cc:2b:d9:
f5:eb:5f:a7:89:c9:f3:a2:fe:5a:01:eb:23:fe:2d:71:a0:bc:
e2:16:73:2b:e6:0a:b2:40:52:f3:14:e9:34:87:f3:2e:fd:ba:
01:b3:b0:cc:5a:99:e6:06:2b:ed:f7:0c:2d:f1:53:ea:11:2c:
9f:17:2e:3c:3a:c4:1b:6e:fc:10:ce:76:57:b1:b4:45:e4:65:
4f:18:b9:c3:38:38:09:ff:c1:0a:51:a5:9c:57:4a:56:52:95:
ba:53:69:ae:9e:f9:2a:60:f9:a6:7c:46:48:77:75:c8:0d:97:
bb:47:5b:a7:64:30:90:7c:f5:20:b2:99:42:03:2d:74:37:83:
30:e4:db:93:77:01:ec:8e:07:85:2e:cf:6e:63:5a:68:46:2f:
fc:09:ef:84
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZExMCZI6/dyoancGTsS6FmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGNmMjZmNzQ4NjA1ODhjYWM2YmFlMTdmOTlkZTIyZGJj
NDlhZTYwHhcNMjQwODA4MDg1MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI1ZmMzZmE1YWNjYWYyZjY3MGJiMDFjMGM4MTQ2ZmVmYjQzOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZS6JnmR18TepH0v7O3POaiQwYeN
bTPnIDIMZxzg6o3+/pZkFmyri1ttocckiSdCzTqdBZQ1QyHcOuO88ikBHIG6+ZJi
3Xm4Cq9FWHs6j2RN9J7nJzZzTCoLkdGwCuvWF+cMnulLJ1ozkK6Hi2FZJvDPRVwb
AuzQ+5xjYZCtvZCEZN+5b4R/G75PwtaamW+y6H04tQUNAVJdEVTHDH/eQ/Jk1F93
tjdA/h2VtB9kmrBI02/ue8d/LjiHpA8jU9pZj4hc6JiCQAHDbRLUHarnP7kSt4ZB
W0JoA++mPhfHqdI36M7tWcYwnCK2ERaQdXkHbFHcrTt2VEetiUyGbK//UQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFu1/D+lrMry9nC7AcDIFG/vtDl9MB8GA1UdIwQY
MBaAFIzc8m90hgWIysa64X+Z3iLbxJrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMt
MmZiMjVhYmZkYzUzLzEvVzdYOFA2V3N5dkwyY0xzQndNZ1ViLS0wT1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMtMmZiMjVhYmZkYzUz
LzEvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDmVxgAwQC
uTIgMA0EAgACMAcDBQMqBL1AMA0GCSqGSIb3DQEBCwUAA4IBAQAPHOQMhgwny1En
fp4BMqsgotDm0y2+yV06r8FPQnlRfsJZhgePNiDS9B0kLVyEg4CzL93gq6Uabqfx
P2d5oLchw1IYrLU4qggvT/9WkPMorRHRT4m1jkrDLgNkoScXk46IvVIIw3Gn8RrM
K9n161+nicnzov5aAesj/i1xoLziFnMr5gqyQFLzFOk0h/Mu/boBs7DMWpnmBivt
9wwt8VPqESyfFy48OsQbbvwQznZXsbRF5GVPGLnDODgJ/8EKUaWcV0pWUpW6U2mu
nvkqYPmmfEZId3XIDZe7R1unZDCQfPUgsplCAy10N4Mw5NuTdwHsjgeFLs9uY1po
Ri/8Ce+E
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:42 2025 by rpki-client