Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/Ww4bmXfusTZ-UgY768aiSzmcTbk.roa
File: Ww4bmXfusTZ-UgY768aiSzmcTbk.roa (raw, json)
Hash identifier: yrQRX7fxWnMaL5LeyXLUjZwEkWSzkh7ey8djXSwJQ3c=
Subject key identifier: 5B:0E:1B:99:77:EE:B1:36:7E:52:06:3B:EB:C6:A2:4B:39:9C:4D:B9
Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Certificate serial: 019425220F85ADEF22B75A12840EC23D2373
Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/Ww4bmXfusTZ-UgY768aiSzmcTbk.roa
Signing time: Thu 02 Jan 2025 03:49:36 +0000
ROA not before: Thu 02 Jan 2025 03:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48283
IP address blocks: 194.0.28.0/24 maxlen: 24
194.0.29.0/24 maxlen: 24
194.0.30.0/24 maxlen: 24
194.0.31.0/24 maxlen: 24
2001:678:2c::/48 maxlen: 48
2001:678:30::/48 maxlen: 48
2001:678:34::/48 maxlen: 48
2001:678:38::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Feb 2025 14:10:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0f:85:ad:ef:22:b7:5a:12:84:0e:c2:3d:23:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Validity
Not Before: Jan 2 03:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b0e1b9977eeb1367e52063bebc6a24b399c4db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1f:27:f1:97:8d:5c:14:27:41:1b:65:e4:5d:
11:a2:42:01:fd:aa:84:af:08:fb:27:f8:ef:3e:e1:
11:cf:50:7f:01:4b:c6:be:8b:45:0f:94:b8:b9:f6:
88:d9:8d:c8:8a:c6:bd:ac:67:8f:d5:41:d3:76:14:
1d:91:9f:3f:2f:f1:ed:23:a3:29:84:06:ad:59:35:
93:0b:88:a1:e0:eb:c0:2b:f0:d2:22:32:d7:5b:78:
14:23:2c:38:bc:83:60:68:65:d6:79:ce:4a:07:bc:
2b:30:35:18:64:49:da:88:4a:9d:16:4e:1f:4b:31:
cd:52:86:1a:8b:fe:d1:c5:b7:e4:64:ca:f9:97:fb:
08:f4:f1:00:3f:89:d7:ce:3f:be:dc:48:aa:a5:fa:
3e:d8:8f:e3:47:d0:c3:7d:ed:2a:b7:fe:aa:b6:13:
18:2b:9a:ea:4c:77:8c:75:a8:d9:65:46:68:6a:ff:
20:d7:09:ec:10:62:ed:8d:50:c8:a4:b3:84:55:21:
08:d4:6e:36:0d:d9:d2:01:e8:ee:07:02:79:eb:f0:
4c:25:5b:00:1e:ca:6d:85:05:0c:ef:22:d7:5b:89:
b8:f5:2d:64:74:ab:60:67:3c:1a:76:e3:ae:f8:ab:
ca:b5:6d:1a:b3:66:c8:10:c9:63:88:1c:51:17:ae:
db:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:0E:1B:99:77:EE:B1:36:7E:52:06:3B:EB:C6:A2:4B:39:9C:4D:B9
X509v3 Authority Key Identifier:
keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/Ww4bmXfusTZ-UgY768aiSzmcTbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.28.0/22
IPv6:
2001:678:2c::/48
2001:678:30::/48
2001:678:34::/48
2001:678:38::/48
Signature Algorithm: sha256WithRSAEncryption
93:9a:e9:8f:5e:e4:0c:b5:bb:fa:af:71:fe:7b:0a:31:87:01:
ef:fc:c8:b8:02:31:8b:76:6d:a4:a9:d6:b0:5b:0c:e4:b6:fa:
da:7a:01:0f:d2:55:e4:42:91:2d:cc:95:5d:9f:11:50:56:1f:
5e:2a:d5:f8:56:5d:44:57:39:2b:95:e1:1d:09:cb:85:d3:c3:
7e:d4:1f:7d:d7:c1:99:3e:26:ec:d3:8e:34:aa:65:37:eb:59:
02:a0:3f:70:2a:16:09:f8:7d:81:a3:45:8d:ea:b3:e6:02:0f:
d9:3b:5d:ca:f4:e6:3c:e0:31:0d:60:93:06:7b:57:10:d5:df:
6b:65:46:39:5f:80:b0:a0:34:22:c9:3f:37:a7:17:2e:50:e5:
cb:cb:cb:9c:7a:ee:f5:26:88:77:2b:86:70:55:d6:15:0c:69:
a5:25:8a:e7:e7:fa:18:94:c8:60:78:2f:1c:38:64:f2:1a:02:
66:47:c0:8e:f6:34:1f:e4:ca:b8:bb:02:e6:0b:c0:7a:da:94:
ac:67:46:4a:34:4e:ba:58:da:b2:fe:ae:40:49:c2:33:df:33:
07:c6:d5:46:b5:10:09:b3:4f:4c:4f:01:9d:89:77:b3:19:d2:
ff:e1:7d:73:ac:64:da:0c:37:fb:fd:b3:67:4c:06:9a:ae:83:
43:4b:b9:e1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQlIg+Fre8it1oShA7CPSNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzJiMGVlMTg3OTI4NDA5MDY1ZDE5ZWU5YzA4NThlOGMx
N2VhMTMwHhcNMjUwMTAyMDM0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjBlMWI5OTc3ZWViMTM2N2U1MjA2M2JlYmM2YTI0YjM5OWM0ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB8n8ZeNXBQnQRtl5F0RokIB/aqE
rwj7J/jvPuERz1B/AUvGvotFD5S4ufaI2Y3Iisa9rGeP1UHTdhQdkZ8/L/HtI6Mp
hAatWTWTC4ih4OvAK/DSIjLXW3gUIyw4vINgaGXWec5KB7wrMDUYZEnaiEqdFk4f
SzHNUoYai/7RxbfkZMr5l/sI9PEAP4nXzj++3Eiqpfo+2I/jR9DDfe0qt/6qthMY
K5rqTHeMdajZZUZoav8g1wnsEGLtjVDIpLOEVSEI1G42DdnSAejuBwJ56/BMJVsA
HspthQUM7yLXW4m49S1kdKtgZzwaduOu+KvKtW0as2bIEMljiBxRF67bewIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFsOG5l37rE2flIGO+vGoks5nE25MB8GA1UdIwQY
MBaAFNLCsO4YeShAkGXRnunAhY6MF+oTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2Et
YzhlODYzYzFhOGQxLzEvV3c0Ym1YZnVzVFotVWdZNzY4YWlTem1jVGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2EtYzhlODYzYzFhOGQx
LzEvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQCwgAcMCoE
AgACMCQDBwAgAQZ4ACwDBwAgAQZ4ADADBwAgAQZ4ADQDBwAgAQZ4ADgwDQYJKoZI
hvcNAQELBQADggEBAJOa6Y9e5Ay1u/qvcf57CjGHAe/8yLgCMYt2baSp1rBbDOS2
+tp6AQ/SVeRCkS3MlV2fEVBWH14q1fhWXURXOSuV4R0Jy4XTw37UH33XwZk+JuzT
jjSqZTfrWQKgP3AqFgn4fYGjRY3qs+YCD9k7Xcr05jzgMQ1gkwZ7VxDV32tlRjlf
gLCgNCLJPzenFy5Q5cvLy5x67vUmiHcrhnBV1hUMaaUliufn+hiUyGB4Lxw4ZPIa
AmZHwI72NB/kyri7AuYLwHralKxnRko0TrpY2rL+rkBJwjPfMwfG1Ua1EAmzT0xP
AZ2Jd7MZ0v/hfXOsZNoMN/v9s2dMBpqug0NLueE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:52:21 2025 by rpki-client