Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/weNPuWMW0TmnmZg0ny4LRnGG94g.roa
File: weNPuWMW0TmnmZg0ny4LRnGG94g.roa (raw, json)
Hash identifier: HOShPPwVOmTfadrqV6qx7lL/xePSGBy01W7Gmbk3pdY=
Subject key identifier: C1:E3:4F:B9:63:16:D1:39:A7:99:98:34:9F:2E:0B:46:71:86:F7:88
Certificate issuer: /CN=c4f88b5c6e5116e50cf2b5bdf43e8720f1d8c60f
Certificate serial: 019081DEE3CD124F71A59A2D8BEAF66C80CF
Authority key identifier: C4:F8:8B:5C:6E:51:16:E5:0C:F2:B5:BD:F4:3E:87:20:F1:D8:C6:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xPiLXG5RFuUM8rW99D6HIPHYxg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/weNPuWMW0TmnmZg0ny4LRnGG94g.roa
Signing time: Fri 05 Jul 2024 07:49:46 +0000
ROA not before: Fri 05 Jul 2024 07:49:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41589
IP address blocks: 81.25.128.0/20 maxlen: 20
91.142.48.0/20 maxlen: 24
185.118.100.0/22 maxlen: 24
195.34.86.0/23 maxlen: 23
217.171.176.0/20 maxlen: 20
2a02:4d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:81:de:e3:cd:12:4f:71:a5:9a:2d:8b:ea:f6:6c:80:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4f88b5c6e5116e50cf2b5bdf43e8720f1d8c60f
Validity
Not Before: Jul 5 07:49:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1e34fb96316d139a79998349f2e0b467186f788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:aa:a2:1e:b4:7c:b1:53:6d:c4:20:80:36:51:
73:6e:cf:e4:49:35:3f:03:42:d6:b4:4a:c1:1b:51:
b5:33:6d:a7:d8:fc:83:79:75:27:1c:74:7a:d1:5d:
d8:4c:70:ce:6c:b9:40:a2:53:7e:f1:df:22:1e:a1:
6e:a1:c5:7c:20:e4:8d:7e:de:7a:e0:62:87:3b:1f:
18:e4:0f:59:7f:1e:7d:84:51:78:07:1d:86:14:3a:
d6:57:19:b4:24:d3:b4:a5:4b:42:78:60:1b:99:51:
a8:e9:c7:ef:a0:c0:db:c6:e7:c3:b1:ed:66:5a:44:
26:7a:87:1b:bf:d6:51:9b:0f:a9:db:ea:cc:46:66:
4c:22:4d:23:66:c2:25:eb:ea:6c:51:6b:f4:fe:7d:
08:47:07:71:a4:58:1b:98:26:08:de:f1:ac:2e:d0:
e8:74:9c:51:80:cc:45:f5:24:fd:57:4c:3f:d1:2b:
fc:9d:66:5c:96:da:fd:b6:06:82:b8:51:aa:ff:2b:
30:86:d9:ef:b5:5d:5e:92:c3:0e:f5:bf:ce:a0:d6:
07:62:5a:d0:10:c9:09:c0:72:85:5d:e0:ca:d0:4a:
80:c7:84:1d:e8:d9:0f:c6:8a:b3:4b:60:0f:66:d0:
a6:d7:f1:99:f7:93:9d:89:74:ce:05:67:ce:4b:2c:
4e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E3:4F:B9:63:16:D1:39:A7:99:98:34:9F:2E:0B:46:71:86:F7:88
X509v3 Authority Key Identifier:
keyid:C4:F8:8B:5C:6E:51:16:E5:0C:F2:B5:BD:F4:3E:87:20:F1:D8:C6:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xPiLXG5RFuUM8rW99D6HIPHYxg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/weNPuWMW0TmnmZg0ny4LRnGG94g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/253078-0a7b-45bb-bc67-073639938437/1/xPiLXG5RFuUM8rW99D6HIPHYxg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.128.0/20
91.142.48.0/20
185.118.100.0/22
195.34.86.0/23
217.171.176.0/20
IPv6:
2a02:4d8::/32
Signature Algorithm: sha256WithRSAEncryption
5b:39:f5:b5:c4:4d:0b:a5:cc:b9:0a:be:5b:49:85:61:98:7b:
ca:5b:a9:77:bf:9f:c4:d3:25:c5:92:85:e5:4c:19:00:92:a1:
d9:ce:2d:d2:18:23:e4:0f:74:de:9b:c0:ba:c3:0b:8e:99:05:
b1:20:d3:fc:51:e2:c9:75:28:c4:5a:2d:46:be:da:3d:47:2f:
cb:39:d2:34:42:37:75:27:04:96:e1:77:5c:39:ed:f4:8d:2e:
e9:08:ea:a8:5c:13:e3:ca:e3:44:98:75:ac:77:16:1d:ca:c1:
5b:18:52:c8:a7:cd:a6:af:fc:28:73:df:63:9e:ba:2c:8b:85:
5a:eb:42:37:df:8b:69:a9:7e:1e:8d:22:c1:ea:e4:a8:c2:5b:
27:8e:12:d1:43:bf:6c:7f:b3:87:b9:51:ed:fc:a0:71:8d:43:
ca:7e:6a:c8:10:48:c7:43:e1:3f:1c:27:a2:a1:c3:ee:86:85:
7f:8a:a3:c4:49:d7:77:08:9f:e6:00:a3:dd:40:4d:3d:0c:5b:
42:39:bd:59:5d:9e:bb:64:df:06:1d:d9:16:fc:df:25:70:df:
f6:11:33:f9:05:0d:46:d1:79:8d:49:5d:e5:b0:68:ac:bc:f0:
01:89:d0:3d:8a:dd:c5:0b:4a:67:b9:ca:96:1c:99:09:3d:83:
d4:74:89:63
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZCB3uPNEk9xpZoti+r2bIDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Zjg4YjVjNmU1MTE2ZTUwY2YyYjViZGY0M2U4NzIwZjFk
OGM2MGYwHhcNMjQwNzA1MDc0OTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWUzNGZiOTYzMTZkMTM5YTc5OTk4MzQ5ZjJlMGI0NjcxODZmNzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqqiHrR8sVNtxCCANlFzbs/kSTU/
A0LWtErBG1G1M22n2PyDeXUnHHR60V3YTHDObLlAolN+8d8iHqFuocV8IOSNft56
4GKHOx8Y5A9Zfx59hFF4Bx2GFDrWVxm0JNO0pUtCeGAbmVGo6cfvoMDbxufDse1m
WkQmeocbv9ZRmw+p2+rMRmZMIk0jZsIl6+psUWv0/n0IRwdxpFgbmCYI3vGsLtDo
dJxRgMxF9ST9V0w/0Sv8nWZcltr9tgaCuFGq/yswhtnvtV1eksMO9b/OoNYHYlrQ
EMkJwHKFXeDK0EqAx4Qd6NkPxoqzS2APZtCm1/GZ95OdiXTOBWfOSyxO8wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMHjT7ljFtE5p5mYNJ8uC0ZxhveIMB8GA1UdIwQY
MBaAFMT4i1xuURblDPK1vfQ+hyDx2MYPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFBpTFhHNVJGdVVNOHJXOTlENkhJUEhZeGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8yNTMwNzgtMGE3Yi00NWJiLWJjNjct
MDczNjM5OTM4NDM3LzEvd2VOUHVXTVcwVG1ubVpnMG55NExSbkdHOTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8yNTMwNzgtMGE3Yi00NWJiLWJjNjctMDczNjM5OTM4NDM3
LzEveFBpTFhHNVJGdVVNOHJXOTlENkhJUEhZeGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEURmAAwQE
W44wAwQCuXZkAwQBwyJWAwQE2auwMA0EAgACMAcDBQAqAgTYMA0GCSqGSIb3DQEB
CwUAA4IBAQBbOfW1xE0Lpcy5Cr5bSYVhmHvKW6l3v5/E0yXFkoXlTBkAkqHZzi3S
GCPkD3Tem8C6wwuOmQWxINP8UeLJdSjEWi1Gvto9Ry/LOdI0Qjd1JwSW4XdcOe30
jS7pCOqoXBPjyuNEmHWsdxYdysFbGFLIp82mr/woc99jnrosi4Va60I334tpqX4e
jSLB6uSowlsnjhLRQ79sf7OHuVHt/KBxjUPKfmrIEEjHQ+E/HCeiocPuhoV/iqPE
Sdd3CJ/mAKPdQE09DFtCOb1ZXZ67ZN8GHdkW/N8lcN/2ETP5BQ1G0XmNSV3lsGis
vPABidA9it3FC0pnucqWHJkJPYPUdIlj
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:05 2025 by rpki-client