Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/WHLYK35GbcIxgxuVwYFcqYPw7As.roa
File: WHLYK35GbcIxgxuVwYFcqYPw7As.roa (raw, json)
Hash identifier: Te1onP2SEH8gtQy/YbPo1+T+M+8/CvIvUqC1DtCpQJg=
Subject key identifier: 58:72:D8:2B:7E:46:6D:C2:31:83:1B:95:C1:81:5C:A9:83:F0:EC:0B
Certificate issuer: /CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Certificate serial: 0194221FE4892CCAC85AD0CC30DEBBEDC851
Authority key identifier: 01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/WHLYK35GbcIxgxuVwYFcqYPw7As.roa
Signing time: Wed 01 Jan 2025 13:48:23 +0000
ROA not before: Wed 01 Jan 2025 13:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8638
IP address blocks: 89.247.125.0/24 maxlen: 24
89.247.220.0/24 maxlen: 24
2001:1438:f000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 08 Jan 2025 12:04:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e4:89:2c:ca:c8:5a:d0:cc:30:de:bb:ed:c8:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Validity
Not Before: Jan 1 13:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5872d82b7e466dc231831b95c1815ca983f0ec0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:86:45:23:17:e8:1e:5f:cb:2c:ff:41:6d:3d:
28:10:d2:b6:6f:05:00:4d:37:a7:3a:bf:fd:d6:ec:
cf:f7:d3:83:86:0c:04:bc:10:72:f0:ba:c9:64:83:
d2:8e:ef:39:7b:19:f5:88:7f:2a:d4:ac:30:45:b6:
4a:10:73:20:3c:a6:a1:d1:97:76:f4:6a:62:ec:7e:
40:63:15:2a:e2:62:84:5d:63:99:1d:47:6c:92:8e:
ee:61:81:84:47:28:e8:a3:c6:98:f0:36:a7:13:24:
1a:87:5f:5c:65:d9:83:c7:0a:fe:b4:6d:5d:db:bc:
76:90:62:0a:0b:7e:7a:3e:97:5e:d5:07:ad:d2:e8:
6f:00:54:85:cd:9f:6a:fd:8d:b9:aa:db:f9:f8:2c:
9a:42:64:37:00:d0:52:a1:14:72:61:ba:cb:2a:ba:
46:08:ab:47:5d:09:70:fe:86:2d:46:ec:1d:14:36:
c3:47:1a:d8:e3:36:f0:bc:a0:98:08:fc:0c:20:c0:
51:9f:b0:95:97:c0:80:73:8f:7a:33:fb:df:a0:a9:
a3:9a:4b:87:38:40:bf:95:ee:1b:1f:8e:11:fe:0e:
58:61:aa:de:76:17:17:c8:33:c6:c0:f3:7b:ec:a6:
43:18:e9:5a:fa:a0:bd:f8:b6:8f:33:e3:b0:38:9e:
ec:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:72:D8:2B:7E:46:6D:C2:31:83:1B:95:C1:81:5C:A9:83:F0:EC:0B
X509v3 Authority Key Identifier:
keyid:01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/WHLYK35GbcIxgxuVwYFcqYPw7As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.247.125.0/24
89.247.220.0/24
IPv6:
2001:1438:f000::/36
Signature Algorithm: sha256WithRSAEncryption
91:ea:0a:f4:e9:c1:aa:df:08:ba:c7:89:8b:bd:3d:ba:68:b9:
7b:b9:04:46:4b:d3:88:6f:bb:5c:c7:b4:14:0f:16:83:a6:68:
11:d1:af:1b:cb:33:6b:9d:7f:56:2f:6e:30:6b:09:92:2a:5b:
d3:0d:3d:e7:c0:44:bb:81:cd:7b:28:d2:27:53:fc:5f:3d:95:
9a:b1:d2:df:1c:d5:75:aa:66:87:4b:f7:a6:88:ff:79:95:d7:
cf:4f:e0:e2:99:bd:6a:9f:3d:16:31:a6:a9:c1:55:11:44:07:
b7:eb:e6:de:16:75:3c:ee:f2:bf:2b:ff:2d:45:8c:bb:b4:67:
ca:bd:1c:9d:c7:96:25:a6:6f:91:3f:d5:06:6d:c2:c2:82:20:
70:bf:7d:37:bb:ea:f8:1f:47:9f:dd:77:f0:12:b1:e2:53:c3:
c9:77:cb:31:3e:25:3e:d6:a4:1d:c9:54:01:26:6a:9b:fa:55:
07:b9:40:0f:d0:e6:1b:62:6b:32:46:e9:3b:8e:ca:15:17:45:
b9:26:9b:61:35:54:22:03:d7:4b:3f:72:13:07:73:87:50:96:
a3:61:99:6f:8c:5c:c8:ab:ee:02:cd:c3:92:74:8f:29:5d:a9:
91:71:06:91:bf:dc:2a:87:5a:fd:dd:74:8c:23:ed:7c:52:aa:
f5:b8:de:b1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQiH+SJLMrIWtDMMN677chRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDFhMTM1M2Y3ZjhiNTA1ZmM5ODc1MGU4Njc4N2Y0ZTA0
NjQzMmUwHhcNMjUwMTAxMTM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODcyZDgyYjdlNDY2ZGMyMzE4MzFiOTVjMTgxNWNhOTgzZjBlYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4ZFIxfoHl/LLP9BbT0oENK2bwUA
TTenOr/91uzP99ODhgwEvBBy8LrJZIPSju85exn1iH8q1KwwRbZKEHMgPKah0Zd2
9Gpi7H5AYxUq4mKEXWOZHUdsko7uYYGERyjoo8aY8DanEyQah19cZdmDxwr+tG1d
27x2kGIKC356Ppde1Qet0uhvAFSFzZ9q/Y25qtv5+CyaQmQ3ANBSoRRyYbrLKrpG
CKtHXQlw/oYtRuwdFDbDRxrY4zbwvKCYCPwMIMBRn7CVl8CAc496M/vfoKmjmkuH
OEC/le4bH44R/g5YYaredhcXyDPGwPN77KZDGOla+qC9+LaPM+OwOJ7sDwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFhy2Ct+Rm3CMYMblcGBXKmD8OwLMB8GA1UdIwQY
MBaAFAHRoTU/f4tQX8mHUOhnh/TgRkMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEt
NjQzYTQxNTlhYjQ2LzEvV0hMWUszNUdiY0l4Z3h1VndZRmNxWVB3N0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEtNjQzYTQxNTlhYjQ2
LzEvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAWfd9AwQA
WffcMA4EAgACMAgDBgQgARQ48DANBgkqhkiG9w0BAQsFAAOCAQEAkeoK9OnBqt8I
useJi709umi5e7kERkvTiG+7XMe0FA8Wg6ZoEdGvG8sza51/Vi9uMGsJkipb0w09
58BEu4HNeyjSJ1P8Xz2VmrHS3xzVdapmh0v3poj/eZXXz0/g4pm9ap89FjGmqcFV
EUQHt+vm3hZ1PO7yvyv/LUWMu7Rnyr0cnceWJaZvkT/VBm3CwoIgcL99N7vq+B9H
n9138BKx4lPDyXfLMT4lPtakHclUASZqm/pVB7lAD9DmG2JrMkbpO47KFRdFuSab
YTVUIgPXSz9yEwdzh1CWo2GZb4xcyKvuAs3DknSPKV2pkXEGkb/cKoda/d10jCPt
fFKq9bjesQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 15:04:53 2025 by rpki-client