Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/13150c-85da-458d-bc6c-9e24968e6664/1/WDAg4lQjP4uLvaLEoH2QPmw642I.roa
File: WDAg4lQjP4uLvaLEoH2QPmw642I.roa (raw, json)
Hash identifier: zSKo5ZMdgxPBBrxGMoSPTwmkIu6AUhlLZF0lZh7LOqs=
Subject key identifier: 58:30:20:E2:54:23:3F:8B:8B:BD:A2:C4:A0:7D:90:3E:6C:3A:E3:62
Certificate issuer: /CN=63a759b06e6fed03b0930749153fc16a12a501e0
Certificate serial: 018CC5000D522CCE65A1455CA6997AC89F54
Authority key identifier: 63:A7:59:B0:6E:6F:ED:03:B0:93:07:49:15:3F:C1:6A:12:A5:01:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y6dZsG5v7QOwkwdJFT_BahKlAeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/13150c-85da-458d-bc6c-9e24968e6664/1/WDAg4lQjP4uLvaLEoH2QPmw642I.roa
Signing time: Mon 01 Jan 2024 12:29:24 +0000
ROA not before: Mon 01 Jan 2024 12:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207589
IP address blocks: 89.40.210.0/24 maxlen: 24
91.205.43.0/24 maxlen: 24
185.109.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:0d:52:2c:ce:65:a1:45:5c:a6:99:7a:c8:9f:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63a759b06e6fed03b0930749153fc16a12a501e0
Validity
Not Before: Jan 1 12:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=583020e254233f8b8bbda2c4a07d903e6c3ae362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:dc:be:9e:aa:57:3b:91:ff:2b:65:4a:a6:6e:
90:79:cc:05:cf:9f:1b:9a:ff:fb:03:27:82:8a:cf:
cc:bc:2f:7a:3b:21:e1:0a:cf:1c:79:1c:d8:cb:a6:
67:d0:1c:16:08:f1:aa:e9:73:39:c4:a9:a7:56:df:
39:65:a5:d5:96:cf:9e:c3:d5:a8:48:09:d1:db:b4:
f5:03:31:91:75:65:53:ba:02:25:eb:66:72:00:b5:
d5:1c:69:86:ca:3e:65:54:d0:5a:78:64:d6:66:60:
dc:78:f3:cd:97:63:83:51:84:6b:4f:92:a7:57:5a:
0e:04:0e:03:76:d7:06:b1:2a:22:22:23:1b:be:67:
90:53:e5:d1:cf:bc:10:4e:8d:49:ed:58:dc:17:cc:
5e:33:0f:8d:56:e1:74:94:f6:f7:27:6b:1e:c2:52:
a2:d9:91:36:fa:9a:5a:88:d1:9f:b2:5f:1a:1a:de:
5d:cc:3c:ff:4a:67:c6:8d:09:71:cc:ff:b2:e7:c8:
f5:ec:1d:a7:ed:24:c0:de:96:8d:cf:88:e2:96:f2:
ee:26:a2:25:63:7d:c1:b0:34:a9:e4:0d:67:a4:88:
26:9e:e7:8d:fb:ab:2c:22:6d:71:4b:92:c9:05:af:
0f:81:88:ec:6a:a4:f4:d0:20:b9:4f:06:b4:6c:36:
4e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:30:20:E2:54:23:3F:8B:8B:BD:A2:C4:A0:7D:90:3E:6C:3A:E3:62
X509v3 Authority Key Identifier:
keyid:63:A7:59:B0:6E:6F:ED:03:B0:93:07:49:15:3F:C1:6A:12:A5:01:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6dZsG5v7QOwkwdJFT_BahKlAeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/13150c-85da-458d-bc6c-9e24968e6664/1/WDAg4lQjP4uLvaLEoH2QPmw642I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/13150c-85da-458d-bc6c-9e24968e6664/1/Y6dZsG5v7QOwkwdJFT_BahKlAeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.210.0/24
91.205.43.0/24
185.109.254.0/24
Signature Algorithm: sha256WithRSAEncryption
60:f0:24:2a:86:17:77:8c:e7:1a:73:e5:83:0c:5f:bf:ef:cf:
98:95:ca:e4:65:b4:1b:c8:10:e0:61:52:e5:d9:af:76:c7:6c:
bd:24:73:73:69:af:3f:77:eb:af:56:fb:0f:81:0a:ed:43:56:
d3:02:61:73:6a:73:50:3c:21:ab:fe:3e:f1:48:78:6e:e2:70:
ee:67:e0:2b:a5:75:c8:ef:d8:50:ac:34:35:3b:7c:9f:cc:6b:
4c:a5:61:08:d4:81:6a:e5:61:b4:ae:89:4a:cc:64:12:21:8b:
ef:19:ab:77:9b:72:3b:24:49:a6:14:95:39:a2:25:67:0d:59:
81:8d:88:72:44:ca:59:5c:b0:9d:43:ee:f6:1d:2e:a9:2e:7a:
a1:46:a4:fc:9f:cd:51:3b:24:a9:a9:0c:5d:16:d0:90:cd:7a:
ec:0c:5f:e9:66:01:13:77:3e:98:94:d9:11:08:fe:64:da:f4:
1d:a9:4f:17:b1:42:b8:2a:0a:2a:f2:04:a7:ee:ed:dc:95:c0:
77:54:f0:ce:bd:4c:e4:b9:dd:08:19:67:b4:5f:7d:58:06:e6:
3e:37:4c:dd:30:27:55:36:93:2c:e6:d6:de:ae:e3:73:1a:72:
91:af:84:d6:35:9c:5a:f4:8b:6f:de:99:32:7b:f2:be:d9:c9:
7c:f9:2a:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAA1SLM5loUVcppl6yJ9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYTc1OWIwNmU2ZmVkMDNiMDkzMDc0OTE1M2ZjMTZhMTJh
NTAxZTAwHhcNMjQwMTAxMTIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODMwMjBlMjU0MjMzZjhiOGJiZGEyYzRhMDdkOTAzZTZjM2FlMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhty+nqpXO5H/K2VKpm6QecwFz58b
mv/7AyeCis/MvC96OyHhCs8ceRzYy6Zn0BwWCPGq6XM5xKmnVt85ZaXVls+ew9Wo
SAnR27T1AzGRdWVTugIl62ZyALXVHGmGyj5lVNBaeGTWZmDcePPNl2ODUYRrT5Kn
V1oOBA4DdtcGsSoiIiMbvmeQU+XRz7wQTo1J7VjcF8xeMw+NVuF0lPb3J2sewlKi
2ZE2+ppaiNGfsl8aGt5dzDz/SmfGjQlxzP+y58j17B2n7STA3paNz4jilvLuJqIl
Y33BsDSp5A1npIgmnueN+6ssIm1xS5LJBa8PgYjsaqT00CC5Twa0bDZOzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFgwIOJUIz+Li72ixKB9kD5sOuNiMB8GA1UdIwQY
MBaAFGOnWbBub+0DsJMHSRU/wWoSpQHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZkWnNHNXY3UU93a3dkSkZUX0JhaEtsQWVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8xMzE1MGMtODVkYS00NThkLWJjNmMt
OWUyNDk2OGU2NjY0LzEvV0RBZzRsUWpQNHVMdmFMRW9IMlFQbXc2NDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8xMzE1MGMtODVkYS00NThkLWJjNmMtOWUyNDk2OGU2NjY0
LzEvWTZkWnNHNXY3UU93a3dkSkZUX0JhaEtsQWVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSjSAwQA
W80rAwQAuW3+MA0GCSqGSIb3DQEBCwUAA4IBAQBg8CQqhhd3jOcac+WDDF+/78+Y
lcrkZbQbyBDgYVLl2a92x2y9JHNzaa8/d+uvVvsPgQrtQ1bTAmFzanNQPCGr/j7x
SHhu4nDuZ+ArpXXI79hQrDQ1O3yfzGtMpWEI1IFq5WG0rolKzGQSIYvvGat3m3I7
JEmmFJU5oiVnDVmBjYhyRMpZXLCdQ+72HS6pLnqhRqT8n81ROySpqQxdFtCQzXrs
DF/pZgETdz6YlNkRCP5k2vQdqU8XsUK4Kgoq8gSn7u3clcB3VPDOvUzkud0IGWe0
X31YBuY+N0zdMCdVNpMs5tberuNzGnKRr4TWNZxa9Itv3pkye/K+2cl8+Src
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:55:56 2025 by rpki-client