Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/wcWKsrYhKN0NGh2SeLPvUmqRLgk.roa
File: wcWKsrYhKN0NGh2SeLPvUmqRLgk.roa (raw, json)
Hash identifier: 4SHRTJJ2B+jrRlLPlzliCXE3iFNusTJ1qs/DTjHSoNI=
Subject key identifier: C1:C5:8A:B2:B6:21:28:DD:0D:1A:1D:92:78:B3:EF:52:6A:91:2E:09
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 01970CF6DF4EFB6E9CB66A9698AB35EF91AE
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/wcWKsrYhKN0NGh2SeLPvUmqRLgk.roa
Signing time: Mon 26 May 2025 14:19:54 +0000
ROA not before: Mon 26 May 2025 14:19:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202391
IP address blocks: 91.237.254.0/24 maxlen: 24
91.237.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 May 2025 16:20:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:f6:df:4e:fb:6e:9c:b6:6a:96:98:ab:35:ef:91:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: May 26 14:19:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1c58ab2b62128dd0d1a1d9278b3ef526a912e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:52:1c:d4:87:7c:f3:69:61:ce:fc:11:d6:bc:
94:64:45:89:4b:ae:d1:a3:b9:0e:82:01:c0:ff:62:
40:38:a4:a1:ec:81:4f:ab:92:35:c4:05:fc:6a:78:
d6:7c:ce:d4:37:5f:27:d4:a5:24:58:7e:6a:62:56:
5b:21:97:b1:52:e0:cc:54:8f:69:ed:45:7e:6a:74:
3a:9f:09:f6:20:ad:c8:73:3d:70:dd:1f:39:ed:cd:
3d:db:d6:02:1c:1e:cf:f1:7e:ba:08:4f:55:3b:c7:
b9:67:ae:24:d4:86:e2:de:57:11:7a:3f:fa:a5:a8:
63:8a:c7:37:d3:a8:79:31:0f:48:66:98:18:3e:e5:
86:c3:da:b6:2b:b1:09:42:e4:0b:d3:64:c7:ae:0d:
da:3e:ec:5d:05:3a:6e:17:9b:51:a7:22:7d:19:11:
9a:ae:74:5e:7f:8d:85:c6:d7:34:35:01:0b:f6:7d:
92:be:d2:e9:4d:f1:44:29:50:fa:73:fc:60:f9:ba:
f8:85:50:52:c5:80:19:2e:07:7e:51:70:9b:a0:3c:
99:df:9d:ab:d4:66:9d:31:a5:c9:05:ea:df:21:2a:
cb:b2:92:f4:ca:9f:8f:c6:e0:83:4f:09:f1:39:d7:
84:f0:79:3f:36:9d:af:bf:24:a1:6f:e8:61:ad:60:
7a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C5:8A:B2:B6:21:28:DD:0D:1A:1D:92:78:B3:EF:52:6A:91:2E:09
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/wcWKsrYhKN0NGh2SeLPvUmqRLgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.254.0/23
Signature Algorithm: sha256WithRSAEncryption
93:51:bf:fe:cb:a9:d0:53:e6:79:78:dd:cd:22:28:98:78:b8:
a9:dd:2a:fb:bb:ba:2f:17:dc:46:d0:b3:d2:e3:82:c8:8f:6f:
2b:57:62:bb:49:05:b2:ce:f5:e0:a1:b1:ce:cf:28:4e:b2:c0:
b9:c7:cb:96:0c:27:c6:f5:6b:47:f8:28:5e:9c:b2:5b:d3:c1:
6d:fc:71:d2:df:b2:14:8e:eb:28:03:13:f4:7d:03:39:16:88:
2b:53:74:de:45:ae:52:9b:12:be:07:99:d3:25:32:d0:dd:d9:
ea:c9:59:f2:2c:ff:84:dc:09:fe:d4:c6:06:00:20:90:03:b6:
29:39:57:f0:4a:68:14:0f:a2:10:a3:cf:0e:89:9b:f9:41:59:
3f:f0:32:d8:5e:8a:6d:ce:3c:6b:11:b9:84:87:05:1e:da:ab:
e2:f3:0f:4c:1c:f9:b4:6e:d8:76:7f:91:e8:1b:38:54:1f:c6:
23:3a:7d:ef:3e:48:24:cd:7b:e0:90:ae:9c:ab:1b:78:69:55:
e2:90:f7:94:05:32:70:83:7c:84:d8:d2:ab:ce:a7:f0:b9:7b:
00:56:38:c4:25:c6:8f:02:ef:02:07:e3:80:75:ab:24:56:e3:
94:31:93:20:91:1c:37:e1:ac:8f:b8:bb:9d:95:e2:7e:ce:a8:
85:74:53:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcM9t9O+26ctmqWmKs175GuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwNTI2MTQxOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM1OGFiMmI2MjEyOGRkMGQxYTFkOTI3OGIzZWY1MjZhOTEyZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11Ic1Id882lhzvwR1ryUZEWJS67R
o7kOggHA/2JAOKSh7IFPq5I1xAX8anjWfM7UN18n1KUkWH5qYlZbIZexUuDMVI9p
7UV+anQ6nwn2IK3Icz1w3R857c0929YCHB7P8X66CE9VO8e5Z64k1Ibi3lcRej/6
pahjisc306h5MQ9IZpgYPuWGw9q2K7EJQuQL02THrg3aPuxdBTpuF5tRpyJ9GRGa
rnRef42Fxtc0NQEL9n2SvtLpTfFEKVD6c/xg+br4hVBSxYAZLgd+UXCboDyZ352r
1GadMaXJBerfISrLspL0yp+PxuCDTwnxOdeE8Hk/Np2vvyShb+hhrWB6fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHFirK2ISjdDRodkniz71JqkS4JMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvd2NXS3NyWWhLTjBOR2gyU2VMUHZVbXFSTGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+3+MA0G
CSqGSIb3DQEBCwUAA4IBAQCTUb/+y6nQU+Z5eN3NIiiYeLip3Sr7u7ovF9xG0LPS
44LIj28rV2K7SQWyzvXgobHOzyhOssC5x8uWDCfG9WtH+ChenLJb08Ft/HHS37IU
jusoAxP0fQM5FogrU3TeRa5SmxK+B5nTJTLQ3dnqyVnyLP+E3An+1MYGACCQA7Yp
OVfwSmgUD6IQo88OiZv5QVk/8DLYXoptzjxrEbmEhwUe2qvi8w9MHPm0bth2f5Ho
GzhUH8YjOn3vPkgkzXvgkK6cqxt4aVXikPeUBTJwg3yE2NKrzqfwuXsAVjjEJcaP
Au8CB+OAdaskVuOUMZMgkRw34ayPuLudleJ+zqiFdFMD
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:40:34 2025 by rpki-client