Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Wfi9weRVU_9728lCKtnUGbX_kfQ.roa
File: Wfi9weRVU_9728lCKtnUGbX_kfQ.roa (raw, json)
Hash identifier: JBfMOb/0DpeHuMbuImj+0sfOPCYgSGOEaIZLNvUd2rQ=
Subject key identifier: 59:F8:BD:C1:E4:55:53:FF:7B:DB:C9:42:2A:D9:D4:19:B5:FF:91:F4
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018CC56E3105D28AA2662CA3EA577CA4DD9B
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Wfi9weRVU_9728lCKtnUGbX_kfQ.roa
Signing time: Mon 01 Jan 2024 14:29:42 +0000
ROA not before: Mon 01 Jan 2024 14:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59574
IP address blocks: 89.188.168.0/22 maxlen: 24
89.188.174.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:31:05:d2:8a:a2:66:2c:a3:ea:57:7c:a4:dd:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 1 14:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59f8bdc1e45553ff7bdbc9422ad9d419b5ff91f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:65:56:17:49:1a:d4:e6:c9:f8:49:86:8a:31:
c8:85:9e:11:6a:90:78:92:10:c5:a5:91:e6:1a:82:
fb:bb:8c:c6:37:52:74:91:c5:9d:21:ec:6a:b9:db:
c0:f5:c3:16:4d:96:98:df:29:e0:08:1f:55:64:b6:
c5:7b:44:7c:22:ae:9e:ff:58:16:7a:9e:47:7e:6b:
50:c9:11:23:49:c1:08:b9:21:90:9c:01:8f:6a:b4:
e6:be:08:bd:1e:5a:af:5c:76:05:69:cf:b4:8f:a9:
b4:75:d0:e7:a5:c3:9c:26:ec:35:1e:ca:d5:be:59:
66:6c:df:d0:ce:44:51:48:7a:47:8f:f9:26:74:1f:
48:13:27:11:8d:eb:42:80:3c:3f:e4:8d:b2:ba:53:
78:72:4e:10:e5:14:ef:d5:7c:21:92:b1:7d:f8:09:
40:c6:fe:d7:96:03:ac:7c:d1:d5:87:75:fc:a4:bb:
55:c6:9d:cc:36:45:bc:51:41:32:d5:d2:71:a5:53:
a5:a6:80:11:0a:55:f0:0c:89:4f:c7:b1:a0:b6:8e:
b2:7e:e0:4f:33:b8:9b:3d:bd:ef:87:76:ce:47:d2:
3f:1a:2f:f6:1f:00:ee:b7:cd:62:bc:5b:fa:fd:95:
0a:9b:f3:1d:97:3f:55:a8:6c:05:c2:e6:5f:78:31:
aa:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F8:BD:C1:E4:55:53:FF:7B:DB:C9:42:2A:D9:D4:19:B5:FF:91:F4
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Wfi9weRVU_9728lCKtnUGbX_kfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.168.0/22
89.188.174.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:4b:80:0d:1c:9a:c5:0f:78:29:af:c4:ce:27:8b:90:ac:83:
58:69:25:be:2d:75:5f:04:58:1f:9c:af:d0:64:d7:27:a7:98:
99:9b:00:8b:93:fc:5d:3c:ac:a2:a9:3e:fe:ac:8a:1e:8e:cf:
c1:e8:77:fe:ed:28:bc:66:f3:65:3b:58:d8:94:35:f3:f6:3d:
0f:3e:7b:b0:53:21:03:55:2d:3a:31:97:cf:cf:78:03:6e:b0:
95:51:b7:f9:87:f2:47:55:f3:81:af:2d:4a:c3:49:65:55:74:
69:46:99:3d:c7:9d:93:af:b7:78:81:7c:7a:73:c3:81:0d:98:
54:5d:b2:c4:cb:09:6f:90:84:7f:96:5a:c9:38:dc:ea:7a:0c:
23:d1:6e:62:cd:3b:7e:64:b9:58:1a:9b:aa:35:ea:70:8f:9b:
0f:f5:34:43:3a:13:bb:82:fd:86:8f:c7:1a:c5:4a:1c:f6:ac:
65:40:dc:c1:7a:74:25:14:4f:ee:53:8f:4f:b9:a5:96:94:52:
6c:fe:87:88:58:12:d8:df:8c:b3:1a:ff:09:32:75:3c:91:96:
33:4d:88:f6:ad:ae:03:17:39:eb:06:51:3c:77:a0:06:67:ec:
61:2f:df:d9:aa:1b:c2:2a:f4:35:58:ed:11:7c:d6:b0:49:4c:
9f:f0:eb:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbjEF0oqiZiyj6ld8pN2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWY4YmRjMWU0NTU1M2ZmN2JkYmM5NDIyYWQ5ZDQxOWI1ZmY5MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGVWF0ka1ObJ+EmGijHIhZ4RapB4
khDFpZHmGoL7u4zGN1J0kcWdIexqudvA9cMWTZaY3yngCB9VZLbFe0R8Iq6e/1gW
ep5HfmtQyREjScEIuSGQnAGParTmvgi9HlqvXHYFac+0j6m0ddDnpcOcJuw1HsrV
vllmbN/QzkRRSHpHj/kmdB9IEycRjetCgDw/5I2yulN4ck4Q5RTv1XwhkrF9+AlA
xv7XlgOsfNHVh3X8pLtVxp3MNkW8UUEy1dJxpVOlpoARClXwDIlPx7Ggto6yfuBP
M7ibPb3vh3bOR9I/Gi/2HwDut81ivFv6/ZUKm/Mdlz9VqGwFwuZfeDGq+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFn4vcHkVVP/e9vJQirZ1Bm1/5H0MB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvV2ZpOXdlUlZVXzk3MjhsQ0t0blVHYlhfa2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbyoAwQB
WbyuMA0GCSqGSIb3DQEBCwUAA4IBAQBaS4ANHJrFD3gpr8TOJ4uQrINYaSW+LXVf
BFgfnK/QZNcnp5iZmwCLk/xdPKyiqT7+rIoejs/B6Hf+7Si8ZvNlO1jYlDXz9j0P
PnuwUyEDVS06MZfPz3gDbrCVUbf5h/JHVfOBry1Kw0llVXRpRpk9x52Tr7d4gXx6
c8OBDZhUXbLEywlvkIR/llrJONzqegwj0W5izTt+ZLlYGpuqNepwj5sP9TRDOhO7
gv2Gj8caxUoc9qxlQNzBenQlFE/uU49PuaWWlFJs/oeIWBLY34yzGv8JMnU8kZYz
TYj2ra4DFznrBlE8d6AGZ+xhL9/ZqhvCKvQ1WO0RfNawSUyf8OuT
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:38:17 2025 by rpki-client