Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/WpSYIWIayTNR0zTPOJv6S-xeQqY.roa
File: WpSYIWIayTNR0zTPOJv6S-xeQqY.roa (raw, json)
Hash identifier: cGYt+8W3CFBqy3embbClK6HHdufdMoseGnp+oBgb1vc=
Subject key identifier: 5A:94:98:21:62:1A:C9:33:51:D3:34:CF:38:9B:FA:4B:EC:5E:42:A6
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0196AA77A8C555CA81174FB2311E52215960
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/WpSYIWIayTNR0zTPOJv6S-xeQqY.roa
Signing time: Wed 07 May 2025 11:18:10 +0000
ROA not before: Wed 07 May 2025 11:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.136.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.184.0/24 maxlen: 24
159.148.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 13:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:77:a8:c5:55:ca:81:17:4f:b2:31:1e:52:21:59:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 7 11:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a949821621ac93351d334cf389bfa4bec5e42a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a1:43:6f:97:e7:ed:36:4f:7d:e1:6b:5f:cd:
1b:0f:bf:69:47:df:2f:9a:61:90:3f:d9:57:9f:15:
bf:b6:13:ef:df:48:12:07:35:4e:77:53:f0:4e:c4:
80:ea:0a:d1:43:ed:3d:0d:b3:91:da:5d:89:38:de:
5e:80:2d:ce:c7:84:fc:e4:78:a3:44:3e:1b:44:97:
44:7c:fe:e1:bf:fb:fc:9a:c7:7c:be:d8:64:bb:02:
02:6d:d5:b5:9d:18:aa:10:6c:61:38:73:ea:59:10:
20:89:a2:78:f3:06:34:d9:dd:26:ab:9e:45:64:67:
d7:e3:b5:90:2b:ce:1a:23:fb:b1:5f:2c:6c:c1:6f:
e0:6c:e0:2c:16:59:4d:77:4f:48:bc:72:ae:97:95:
65:51:6e:f2:98:d5:60:96:49:f8:c2:3e:3d:60:2a:
92:09:2e:bf:8c:50:1a:72:49:e4:36:a9:3c:9b:31:
0c:4f:a2:50:71:11:56:65:2a:81:35:db:b4:97:1f:
b1:ec:c7:3b:d8:b4:2a:e9:bb:41:e4:9e:de:e6:3d:
a8:2a:6d:7b:3a:d3:f1:18:7e:f1:41:f5:16:36:34:
90:8b:fa:af:73:d2:eb:c0:b5:60:49:a9:c3:b7:76:
e7:2d:1c:cd:a7:25:ca:a9:27:3f:82:72:f7:24:27:
01:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:94:98:21:62:1A:C9:33:51:D3:34:CF:38:9B:FA:4B:EC:5E:42:A6
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/WpSYIWIayTNR0zTPOJv6S-xeQqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.136.0/23
159.148.140.0/24
159.148.184.0/24
159.148.224.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:61:87:a4:17:d4:68:a4:61:ed:d0:4d:f7:fb:6e:c7:b7:a6:
9b:14:3e:b1:36:53:85:c4:52:26:e8:62:13:b2:ef:fc:20:ac:
aa:a0:f7:c4:e6:93:4d:77:e6:92:44:7e:2c:85:4f:44:6d:03:
13:80:57:d2:cd:62:58:c7:64:e5:48:da:40:ba:f6:4b:ab:8b:
20:5f:b1:dd:0e:da:fe:e6:ea:48:11:55:3f:7b:ad:12:18:97:
7c:6a:0a:62:35:3d:01:e8:7f:d2:d0:ae:4a:c4:54:4e:5d:d2:
ac:da:ee:a2:27:8c:18:8a:7c:0a:a7:64:6e:d0:97:e9:ae:85:
69:69:eb:4b:04:d3:95:b8:c6:ab:e9:08:dd:ea:f2:23:c4:27:
7c:9a:d1:47:97:a1:9a:f3:01:70:15:88:9c:ef:d6:6d:ba:f8:
50:d2:f4:09:10:f2:12:30:de:1b:0b:a2:83:35:15:5a:02:57:
9d:1a:13:36:18:04:31:fc:ec:df:17:c9:cf:30:dd:6d:01:85:
35:b4:ec:cb:bb:d6:d5:42:3a:b8:3d:29:a1:03:3e:16:c6:58:
5d:0e:92:32:01:c5:bf:d7:c8:d3:42:88:46:84:38:d5:15:8d:
63:92:d8:a2:19:05:c2:e7:e3:42:9a:ce:6c:a1:94:64:46:c5:
8e:b0:cc:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaqd6jFVcqBF0+yMR5SIVlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNTA3MTExODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTk0OTgyMTYyMWFjOTMzNTFkMzM0Y2YzODliZmE0YmVjNWU0MmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qFDb5fn7TZPfeFrX80bD79pR98v
mmGQP9lXnxW/thPv30gSBzVOd1PwTsSA6grRQ+09DbOR2l2JON5egC3Ox4T85Hij
RD4bRJdEfP7hv/v8msd8vthkuwICbdW1nRiqEGxhOHPqWRAgiaJ48wY02d0mq55F
ZGfX47WQK84aI/uxXyxswW/gbOAsFllNd09IvHKul5VlUW7ymNVglkn4wj49YCqS
CS6/jFAacknkNqk8mzEMT6JQcRFWZSqBNdu0lx+x7Mc72LQq6btB5J7e5j2oKm17
OtPxGH7xQfUWNjSQi/qvc9LrwLVgSanDt3bnLRzNpyXKqSc/gnL3JCcBWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFqUmCFiGskzUdM0zzib+kvsXkKmMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvV3BTWUlXSWF5VE5SMHpUUE9KdjZTLXhlUXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBn5SIAwQA
n5SMAwQAn5S4AwQAn5TgMA0GCSqGSIb3DQEBCwUAA4IBAQAOYYekF9RopGHt0E33
+27Ht6abFD6xNlOFxFIm6GITsu/8IKyqoPfE5pNNd+aSRH4shU9EbQMTgFfSzWJY
x2TlSNpAuvZLq4sgX7HdDtr+5upIEVU/e60SGJd8agpiNT0B6H/S0K5KxFROXdKs
2u6iJ4wYinwKp2Ru0JfproVpaetLBNOVuMar6Qjd6vIjxCd8mtFHl6Ga8wFwFYic
79ZtuvhQ0vQJEPISMN4bC6KDNRVaAledGhM2GAQx/OzfF8nPMN1tAYU1tOzLu9bV
Qjq4PSmhAz4WxlhdDpIyAcW/18jTQohGhDjVFY1jktiiGQXC5+NCms5soZRkRsWO
sMzY
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:21:51 2025 by rpki-client