Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/WjFO8uFxvW1-8laE17pQv7-HyQs.roa
File: WjFO8uFxvW1-8laE17pQv7-HyQs.roa (raw, json)
Hash identifier: NVke4u5tF/KY2RZs58nU8EXLuMJ+JIiOl6703pP4dbE=
Subject key identifier: 5A:31:4E:F2:E1:71:BD:6D:7E:F2:56:84:D7:BA:50:BF:BF:87:C9:0B
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 018FA647A030C24E840CFCE7CF4346614656
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/WjFO8uFxvW1-8laE17pQv7-HyQs.roa
Signing time: Thu 23 May 2024 16:27:42 +0000
ROA not before: Thu 23 May 2024 16:27:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57809
IP address blocks: 91.212.26.0/24 maxlen: 24
185.177.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a6:47:a0:30:c2:4e:84:0c:fc:e7:cf:43:46:61:46:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: May 23 16:27:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a314ef2e171bd6d7ef25684d7ba50bfbf87c90b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:18:43:ea:a9:f1:c2:2c:16:e8:df:04:71:6b:
ab:27:42:44:1b:1f:24:02:9a:ac:eb:a9:cb:21:85:
9b:2b:15:4f:97:a9:3a:c2:93:29:df:8e:4d:7c:42:
b7:13:d9:b7:90:30:b4:f8:0a:88:cf:9b:06:4a:cf:
91:ae:62:a0:44:ac:d8:be:17:2b:cb:9a:b4:0b:86:
cb:24:04:2f:39:f8:f3:ae:a4:12:5e:e2:f0:fd:af:
56:e7:df:6e:cb:f7:32:43:79:d0:25:bc:96:5c:0a:
17:5a:53:84:19:c3:9a:73:aa:11:44:ae:6b:f0:25:
84:cc:86:d8:99:5a:7b:99:6d:b8:fa:54:bc:c3:f4:
3c:99:e9:33:5c:8f:df:15:e1:44:d1:3a:70:38:54:
e7:6e:5f:ea:d4:d7:14:06:7d:26:29:84:01:d4:a7:
8b:64:c0:8b:ad:f0:72:30:7e:9d:e4:31:60:05:f4:
01:18:be:6d:43:15:0d:bc:d8:b1:e5:83:28:ba:dd:
21:1f:98:32:3c:f9:6e:04:54:10:b4:7a:92:52:73:
9c:44:23:4a:03:95:c7:4e:44:95:4e:93:0d:bc:2f:
53:98:ba:a9:2d:2c:4c:cf:33:84:01:a4:74:69:dd:
64:b1:27:86:c9:50:25:1d:7f:0a:cd:4c:32:96:e1:
e3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:31:4E:F2:E1:71:BD:6D:7E:F2:56:84:D7:BA:50:BF:BF:87:C9:0B
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/WjFO8uFxvW1-8laE17pQv7-HyQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.26.0/24
185.177.44.0/24
Signature Algorithm: sha256WithRSAEncryption
52:44:a2:fa:f5:a1:51:c9:45:f8:b6:37:8a:8f:14:82:4d:e9:
06:90:6a:53:7d:c3:34:68:9a:14:f1:a9:3f:95:31:78:d5:cf:
4f:7c:32:33:86:83:b2:14:61:99:fe:67:d8:36:70:66:b2:c8:
91:de:a4:3f:56:40:3d:a5:54:97:1b:51:7a:17:f5:78:a5:42:
77:57:7b:68:ba:d7:9f:1f:58:86:7a:db:f2:8d:e3:a4:91:1d:
b5:d1:ee:23:e9:1a:71:57:9e:f1:5e:cc:7c:e9:28:77:33:18:
42:34:3e:71:01:1a:33:82:41:2c:98:7a:7d:59:89:0b:83:c2:
0e:d4:f1:50:27:b7:14:6e:01:75:8a:e1:19:9f:74:05:78:bd:
4a:e3:d1:a5:3f:6e:0c:f6:ee:d2:0b:29:a6:c3:20:c9:36:14:
a9:1d:95:f3:44:6d:08:99:70:a3:2f:52:a9:de:df:fc:6d:38:
6d:c5:8c:e4:d1:c4:8a:81:56:18:89:b6:5f:de:fa:55:47:af:
42:09:43:82:a4:ec:b3:36:16:b4:db:91:49:9b:62:fa:e1:db:
19:b2:6f:c9:34:cf:27:1d:28:10:1c:96:e7:83:78:da:49:a8:
2b:21:b2:e7:87:a2:c6:28:11:5a:4d:c6:ce:3e:7e:83:9b:c2:
af:fc:a8:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+mR6Awwk6EDPznz0NGYUZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjQwNTIzMTYyNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTMxNGVmMmUxNzFiZDZkN2VmMjU2ODRkN2JhNTBiZmJmODdjOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RhD6qnxwiwW6N8EcWurJ0JEGx8k
Apqs66nLIYWbKxVPl6k6wpMp345NfEK3E9m3kDC0+AqIz5sGSs+RrmKgRKzYvhcr
y5q0C4bLJAQvOfjzrqQSXuLw/a9W599uy/cyQ3nQJbyWXAoXWlOEGcOac6oRRK5r
8CWEzIbYmVp7mW24+lS8w/Q8mekzXI/fFeFE0TpwOFTnbl/q1NcUBn0mKYQB1KeL
ZMCLrfByMH6d5DFgBfQBGL5tQxUNvNix5YMout0hH5gyPPluBFQQtHqSUnOcRCNK
A5XHTkSVTpMNvC9TmLqpLSxMzzOEAaR0ad1ksSeGyVAlHX8KzUwyluHjhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFoxTvLhcb1tfvJWhNe6UL+/h8kLMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvV2pGTzh1Rnh2VzEtOGxhRTE3cFF2Ny1IeVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9QaAwQA
ubEsMA0GCSqGSIb3DQEBCwUAA4IBAQBSRKL69aFRyUX4tjeKjxSCTekGkGpTfcM0
aJoU8ak/lTF41c9PfDIzhoOyFGGZ/mfYNnBmssiR3qQ/VkA9pVSXG1F6F/V4pUJ3
V3toutefH1iGetvyjeOkkR210e4j6RpxV57xXsx86Sh3MxhCND5xARozgkEsmHp9
WYkLg8IO1PFQJ7cUbgF1iuEZn3QFeL1K49GlP24M9u7SCymmwyDJNhSpHZXzRG0I
mXCjL1Kp3t/8bThtxYzk0cSKgVYYibZf3vpVR69CCUOCpOyzNha025FJm2L64dsZ
sm/JNM8nHSgQHJbng3jaSagrIbLnh6LGKBFaTcbOPn6Dm8Kv/KgF
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:57:15 2025 by rpki-client