Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/W1WRjQdIeZ2MxWCaqtxj-kvPzp0.roa
File: W1WRjQdIeZ2MxWCaqtxj-kvPzp0.roa (raw, json)
Hash identifier: HdOj9tjRg+u/UuB+csXPGua4gQSMXsKSHRs+N+NpSII=
Subject key identifier: 5B:55:91:8D:07:48:79:9D:8C:C5:60:9A:AA:DC:63:FA:4B:CF:CE:9D
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 0192044E3D8F98BB7020735D4DDD148E682F
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/W1WRjQdIeZ2MxWCaqtxj-kvPzp0.roa
Signing time: Wed 18 Sep 2024 08:44:49 +0000
ROA not before: Wed 18 Sep 2024 08:44:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 51.198.64.0/23 maxlen: 24
51.198.66.0/23 maxlen: 24
51.198.70.0/23 maxlen: 24
51.199.252.0/23 maxlen: 24
51.199.254.0/23 maxlen: 24
2a06:5901:8000::/40 maxlen: 48
2a06:5901:8100::/40 maxlen: 48
2a06:5901:8200::/40 maxlen: 48
2a06:5901:8300::/40 maxlen: 48
2a06:5901:8500::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:4e:3d:8f:98:bb:70:20:73:5d:4d:dd:14:8e:68:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Sep 18 08:44:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b55918d0748799d8cc5609aaadc63fa4bcfce9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9f:24:bd:9f:03:47:37:0d:e6:0c:08:47:27:
f3:06:fd:38:5b:10:8a:4b:8e:57:4a:39:ba:42:e7:
60:50:58:72:b2:80:69:4e:7e:10:b5:79:d4:e1:5c:
6b:59:ca:7a:5d:94:db:68:e4:da:4e:1f:09:56:5d:
94:a7:1f:45:07:1d:c8:3f:73:32:58:46:7d:72:71:
88:97:27:12:59:a4:fb:20:cc:f1:66:9b:05:74:c5:
3e:f2:58:af:b2:bb:a1:33:e0:15:61:bd:95:a3:a2:
f8:62:ae:16:7e:c1:90:09:27:b4:5d:d4:21:63:95:
0c:6b:0b:bf:7d:96:82:59:3a:53:76:c4:9b:8a:a4:
da:42:b1:ed:2d:f8:31:d2:a7:90:1a:ed:8a:18:8e:
be:08:88:12:ac:b5:d9:5e:89:42:70:59:4e:d6:2b:
ca:bf:6d:cb:a3:b3:07:4d:d3:93:c1:15:ae:2b:73:
82:3c:64:06:fc:a5:c4:ab:b8:e2:d5:63:00:5d:6a:
1c:23:36:6c:40:ec:10:f9:24:43:cf:46:8c:fe:8a:
c3:ed:ee:d0:94:0a:bd:5b:dd:6c:8c:df:66:43:02:
3b:50:c9:72:c2:c8:cf:34:b6:ec:92:14:e4:15:ff:
87:7a:b8:82:b2:3c:51:a3:8b:9e:60:43:46:9b:2b:
3d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:55:91:8D:07:48:79:9D:8C:C5:60:9A:AA:DC:63:FA:4B:CF:CE:9D
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/W1WRjQdIeZ2MxWCaqtxj-kvPzp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.198.64.0/22
51.198.70.0/23
51.199.252.0/22
IPv6:
2a06:5901:8000::/38
2a06:5901:8500::/40
Signature Algorithm: sha256WithRSAEncryption
58:5e:78:22:a5:21:cc:36:d2:53:a6:3f:7a:9d:91:76:2c:9e:
60:95:6e:10:0a:bf:d3:7f:ae:09:cc:5e:6b:0d:39:d2:aa:b0:
e3:79:99:fc:8c:c1:d2:e6:22:b0:3a:d3:c3:f4:e9:d2:25:0a:
9d:65:9d:3d:f7:b5:10:3e:94:5d:bd:50:d0:cb:78:3e:92:b3:
75:c1:92:3d:1a:fa:86:59:6f:70:b1:11:16:8a:51:22:32:3a:
97:46:96:47:ea:36:ef:63:9f:48:3e:f1:2a:50:02:74:22:71:
41:f5:5a:e9:51:b1:c9:16:ec:5a:77:40:db:e2:47:b3:85:52:
e7:6a:05:1a:78:35:bb:7c:7f:29:88:69:56:2d:e6:8a:ae:32:
5a:3a:28:20:bf:8a:06:87:83:4b:c9:ae:a4:75:4e:50:10:f1:
7b:1d:37:c3:be:53:d0:5b:b0:a2:ac:ee:b6:f5:62:56:7a:74:
36:fb:c1:1e:e9:b5:74:df:ac:e1:60:6a:bc:e8:5e:72:f7:00:
41:04:da:8c:b6:fa:dd:86:55:93:67:91:e9:db:76:20:41:b1:
f3:05:aa:11:a7:2c:93:33:5c:1b:dc:1f:27:21:91:86:25:ea:
85:c9:ad:f5:e2:95:9a:07:4c:b1:c1:a8:b0:be:37:3e:7c:91:
44:57:45:c8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZIETj2PmLtwIHNdTd0UjmgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjQwOTE4MDg0NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjU1OTE4ZDA3NDg3OTlkOGNjNTYwOWFhYWRjNjNmYTRiY2ZjZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4J8kvZ8DRzcN5gwIRyfzBv04WxCK
S45XSjm6QudgUFhysoBpTn4QtXnU4VxrWcp6XZTbaOTaTh8JVl2Upx9FBx3IP3My
WEZ9cnGIlycSWaT7IMzxZpsFdMU+8livsruhM+AVYb2Vo6L4Yq4WfsGQCSe0XdQh
Y5UMawu/fZaCWTpTdsSbiqTaQrHtLfgx0qeQGu2KGI6+CIgSrLXZXolCcFlO1ivK
v23Lo7MHTdOTwRWuK3OCPGQG/KXEq7ji1WMAXWocIzZsQOwQ+SRDz0aM/orD7e7Q
lAq9W91sjN9mQwI7UMlywsjPNLbskhTkFf+HeriCsjxRo4ueYENGmys9IwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFtVkY0HSHmdjMVgmqrcY/pLz86dMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvVzFXUmpRZEllWjJNeFdDYXF0eGota3ZQenAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCM8ZAAwQB
M8ZGAwQCM8f8MBYEAgACMBADBgIqBlkBgAMGACoGWQGFMA0GCSqGSIb3DQEBCwUA
A4IBAQBYXngipSHMNtJTpj96nZF2LJ5glW4QCr/Tf64JzF5rDTnSqrDjeZn8jMHS
5iKwOtPD9OnSJQqdZZ0997UQPpRdvVDQy3g+krN1wZI9GvqGWW9wsREWilEiMjqX
RpZH6jbvY59IPvEqUAJ0InFB9VrpUbHJFuxad0Db4kezhVLnagUaeDW7fH8piGlW
LeaKrjJaOiggv4oGh4NLya6kdU5QEPF7HTfDvlPQW7CirO629WJWenQ2+8Ee6bV0
36zhYGq86F5y9wBBBNqMtvrdhlWTZ5Hp23YgQbHzBaoRpyyTM1wb3B8nIZGGJeqF
ya314pWaB0yxwaiwvjc+fJFEV0XI
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:06 2025 by rpki-client