Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/wZ3tIJejLP7qpA6-10J9gUfcNNE.roa
File: wZ3tIJejLP7qpA6-10J9gUfcNNE.roa (raw, json)
Hash identifier: BFbDwPLR6I0RBrkKh9A8hW0tvSZ6hCQyL4vPXEemQq8=
Subject key identifier: C1:9D:ED:20:97:A3:2C:FE:EA:A4:0E:BE:D7:42:7D:81:47:DC:34:D1
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 0193C01FB0CF8E9D366C8FE1051AA8C23F21
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/wZ3tIJejLP7qpA6-10J9gUfcNNE.roa
Signing time: Fri 13 Dec 2024 13:05:22 +0000
ROA not before: Fri 13 Dec 2024 13:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12552
IP address blocks: 31.204.64.0/21 maxlen: 24
130.255.160.0/21 maxlen: 24
159.253.216.0/21 maxlen: 24
185.6.8.0/22 maxlen: 24
185.13.96.0/22 maxlen: 24
185.236.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:1f:b0:cf:8e:9d:36:6c:8f:e1:05:1a:a8:c2:3f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Dec 13 13:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c19ded2097a32cfeeaa40ebed7427d8147dc34d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1d:07:87:9d:fb:4a:7d:2a:35:52:10:43:e9:
ef:a5:6b:ef:e1:3a:ae:b5:ba:ba:8f:29:0e:5d:cb:
1f:a5:bc:2d:9f:29:e8:ef:6d:e8:56:7a:aa:c4:08:
f9:71:1f:2e:f5:a7:2c:91:60:1a:2f:3f:81:c8:e5:
7a:57:26:c5:ce:20:1f:9d:01:37:11:49:9f:12:e3:
7d:a2:fc:79:b2:4f:46:8d:67:dc:4c:bb:71:cc:09:
8b:5c:5b:91:cb:f0:64:1a:68:c6:e8:5c:2a:35:22:
df:79:1e:7d:2f:3c:c7:8a:82:e3:e1:26:24:00:49:
cb:80:fb:88:8e:91:34:0e:d0:d9:ca:6e:e7:b3:87:
04:ab:e7:30:79:3e:99:a0:56:e9:f6:07:6d:47:18:
11:24:50:dd:35:10:8f:4c:c9:43:ab:78:f9:aa:6e:
83:1c:7a:59:1b:fe:8a:b4:b3:27:ef:12:2c:b8:4b:
9b:15:4f:26:84:8e:0b:ef:5d:1e:a9:0f:63:35:0d:
b2:60:13:55:f8:93:de:8a:c6:21:2c:f9:cb:60:8b:
ac:5e:ea:49:96:7a:25:94:eb:9a:a5:49:bd:65:51:
8c:39:f7:7c:8b:ee:0a:cd:13:11:6c:f3:7c:79:ee:
b0:83:84:e8:c2:8c:2d:76:c6:46:39:6e:da:a4:aa:
4f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9D:ED:20:97:A3:2C:FE:EA:A4:0E:BE:D7:42:7D:81:47:DC:34:D1
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/wZ3tIJejLP7qpA6-10J9gUfcNNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.64.0/21
130.255.160.0/21
159.253.216.0/21
185.6.8.0/22
185.13.96.0/22
185.236.40.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:65:df:05:d8:a1:b9:0b:d8:3c:ee:0f:cf:8a:f9:6a:36:3f:
bd:f4:83:5c:a9:0e:a6:81:09:be:5e:6b:51:16:6e:1f:0d:e0:
0a:80:2a:0d:20:26:6e:84:56:cb:e3:85:47:48:bf:02:ff:38:
f8:75:a7:0a:21:af:74:ec:5e:a1:b4:e0:ab:7c:1f:56:44:92:
ec:53:29:58:b4:57:0f:46:1e:e2:87:b3:9d:53:22:7d:b5:2a:
18:08:bf:07:65:c4:3b:21:29:7a:f6:40:ad:9c:30:f4:10:5b:
96:50:10:79:34:cc:b3:d2:22:a8:d8:5b:e6:8a:cb:b1:4b:39:
c0:63:9f:4d:30:4b:7c:37:52:9d:5a:d0:71:59:50:83:e7:75:
91:72:ac:bb:0b:f2:b7:0e:31:f2:fb:f4:98:78:6a:df:13:ae:
3f:dc:8a:0c:6d:79:83:44:70:a2:5b:62:9c:2d:4c:63:25:5d:
35:df:dd:02:27:8e:16:38:23:09:49:cd:7c:56:80:2c:28:91:
57:fc:3a:75:5d:63:ca:be:4b:2b:00:c1:3b:7b:a7:7b:7f:bc:
0b:a0:2e:6e:8e:f8:cd:aa:18:76:21:e5:c6:03:30:1a:0a:87:
f9:57:60:56:4b:15:13:d6:3b:42:4f:0a:68:6e:bf:53:00:25:
56:56:84:d6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZPAH7DPjp02bI/hBRqowj8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjQxMjEzMTMwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTlkZWQyMDk3YTMyY2ZlZWFhNDBlYmVkNzQyN2Q4MTQ3ZGMzNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh0Hh537Sn0qNVIQQ+nvpWvv4Tqu
tbq6jykOXcsfpbwtnyno723oVnqqxAj5cR8u9acskWAaLz+ByOV6VybFziAfnQE3
EUmfEuN9ovx5sk9GjWfcTLtxzAmLXFuRy/BkGmjG6FwqNSLfeR59LzzHioLj4SYk
AEnLgPuIjpE0DtDZym7ns4cEq+cweT6ZoFbp9gdtRxgRJFDdNRCPTMlDq3j5qm6D
HHpZG/6KtLMn7xIsuEubFU8mhI4L710eqQ9jNQ2yYBNV+JPeisYhLPnLYIusXupJ
lnollOuapUm9ZVGMOfd8i+4KzRMRbPN8ee6wg4TowowtdsZGOW7apKpPgwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMGd7SCXoyz+6qQOvtdCfYFH3DTRMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvd1ozdElKZWpMUDdxcEE2LTEwSjlnVWZjTk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDH8xAAwQD
gv+gAwQDn/3YAwQCuQYIAwQCuQ1gAwQAuewoMA0GCSqGSIb3DQEBCwUAA4IBAQAr
Zd8F2KG5C9g87g/PivlqNj+99INcqQ6mgQm+XmtRFm4fDeAKgCoNICZuhFbL44VH
SL8C/zj4dacKIa907F6htOCrfB9WRJLsUylYtFcPRh7ih7OdUyJ9tSoYCL8HZcQ7
ISl69kCtnDD0EFuWUBB5NMyz0iKo2FvmisuxSznAY59NMEt8N1KdWtBxWVCD53WR
cqy7C/K3DjHy+/SYeGrfE64/3IoMbXmDRHCiW2KcLUxjJV01390CJ44WOCMJSc18
VoAsKJFX/Dp1XWPKvksrAME7e6d7f7wLoC5ujvjNqhh2IeXGAzAaCof5V2BWSxUT
1jtCTwpobr9TACVWVoTW
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:42 2025 by rpki-client