Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/WQYleFvjCfyaRYZyfovDLdAADGo.roa
File: WQYleFvjCfyaRYZyfovDLdAADGo.roa (raw, json)
Hash identifier: zhR4eCZbIQ7MCS8/2UsvUiODaX6f0R86nepMGap5sL8=
Subject key identifier: 59:06:25:78:5B:E3:09:FC:9A:45:86:72:7E:8B:C3:2D:D0:00:0C:6A
Certificate issuer: /CN=ad8e857fc00be14ed92b9e78cc3ca69b8adc2485
Certificate serial: 01925853A157BE9609BFDA93A57689173FD7
Authority key identifier: AD:8E:85:7F:C0:0B:E1:4E:D9:2B:9E:78:CC:3C:A6:9B:8A:DC:24:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY6Ff8AL4U7ZK554zDymm4rcJIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/WQYleFvjCfyaRYZyfovDLdAADGo.roa
Signing time: Fri 04 Oct 2024 16:18:48 +0000
ROA not before: Fri 04 Oct 2024 16:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59439
IP address blocks: 91.240.178.0/24 maxlen: 24
185.168.52.0/22 maxlen: 24
2a0d:c0c0:3e1::/48 maxlen: 48
2a0d:c0c0:3e1:18::/64 maxlen: 64
2a0d:c0c0:4e1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:53:a1:57:be:96:09:bf:da:93:a5:76:89:17:3f:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8e857fc00be14ed92b9e78cc3ca69b8adc2485
Validity
Not Before: Oct 4 16:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=590625785be309fc9a4586727e8bc32dd0000c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1e:67:5c:7f:b1:b6:92:f0:84:bb:9d:23:af:
d4:f0:9c:df:04:bf:c3:dc:87:38:d4:5b:91:74:8b:
fe:e7:35:8f:53:79:62:2b:b7:99:9d:ee:2c:2c:7b:
f5:a8:77:8a:e0:00:73:b2:77:48:ec:f1:83:f3:5f:
c2:03:74:ca:fd:ec:96:ff:88:ac:de:ed:9c:6c:a1:
99:1e:d9:e3:df:7b:bd:47:ba:01:47:72:46:1b:3f:
2e:bd:b4:ef:79:76:ad:6a:ae:ef:47:42:7a:f4:89:
fb:47:28:79:3f:6b:65:3b:5f:b2:f8:97:8e:fc:76:
32:94:49:7e:a9:8d:a2:94:34:c8:48:90:80:d4:ac:
75:8b:81:b4:31:89:5a:5f:d2:84:43:49:7c:22:42:
ea:66:b8:11:fc:ac:e6:f4:4b:1b:6e:65:d4:39:0b:
12:dd:2c:c3:e2:d5:5e:e5:64:ee:d1:67:fd:1b:fd:
4c:8d:b1:f1:5a:16:32:44:b3:f8:35:93:27:a7:b0:
0d:1e:c1:95:9d:bd:19:59:68:e0:98:d1:f4:ff:ec:
93:de:66:26:ac:67:ea:d1:db:88:b6:f6:f3:6b:ce:
c7:66:ef:93:c9:fa:cb:d0:17:81:74:d0:ca:fa:06:
36:b2:d9:2d:65:66:29:17:60:23:14:b4:70:3f:36:
60:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:06:25:78:5B:E3:09:FC:9A:45:86:72:7E:8B:C3:2D:D0:00:0C:6A
X509v3 Authority Key Identifier:
keyid:AD:8E:85:7F:C0:0B:E1:4E:D9:2B:9E:78:CC:3C:A6:9B:8A:DC:24:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY6Ff8AL4U7ZK554zDymm4rcJIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/WQYleFvjCfyaRYZyfovDLdAADGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/rY6Ff8AL4U7ZK554zDymm4rcJIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.178.0/24
185.168.52.0/22
IPv6:
2a0d:c0c0:3e1::/48
2a0d:c0c0:4e1::/48
Signature Algorithm: sha256WithRSAEncryption
23:59:9f:1f:30:b1:99:cf:cb:4c:9b:a1:49:68:d2:7f:24:99:
d7:21:d8:4a:f1:85:07:52:aa:0b:f6:fb:81:63:f2:e4:c3:67:
98:33:a8:12:b4:8c:31:87:4d:ca:4b:aa:b3:97:f6:2a:48:af:
0b:f5:83:a5:44:6f:c9:c7:79:f3:16:61:ff:cf:53:e6:cf:36:
a9:2b:54:91:33:e1:25:9f:9f:f6:88:ad:99:f3:97:a8:37:64:
15:d3:be:e9:5e:3c:2f:8e:92:3e:54:35:a7:26:24:da:30:c1:
b5:a8:39:53:94:95:46:c4:72:94:b3:72:9e:d3:06:d8:88:5b:
31:0a:ed:38:67:4b:0a:49:07:ce:56:8b:88:59:be:c5:35:b2:
32:ee:5d:63:6b:90:a9:e3:00:41:b2:9d:a8:c9:cb:f8:4f:7b:
49:51:3d:a3:9d:46:ea:a6:43:f3:68:e0:33:d5:56:b6:5e:40:
08:32:76:20:a0:fb:0f:5c:af:25:2f:5a:bd:14:6a:c6:bb:66:
a6:57:1f:28:74:d9:c1:2c:9b:1c:f3:1b:06:06:e9:55:5b:e2:
28:13:f8:c2:8b:47:4a:24:a7:57:19:c2:d6:6f:04:c7:25:f9:
3f:8a:bd:25:22:6d:32:fc:be:79:48:19:9b:ad:a6:b9:ae:7e:
9b:46:cc:91
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZJYU6FXvpYJv9qTpXaJFz/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGU4NTdmYzAwYmUxNGVkOTJiOWU3OGNjM2NhNjliOGFk
YzI0ODUwHhcNMjQxMDA0MTYxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTA2MjU3ODViZTMwOWZjOWE0NTg2NzI3ZThiYzMyZGQwMDAwYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR5nXH+xtpLwhLudI6/U8JzfBL/D
3Ic41FuRdIv+5zWPU3liK7eZne4sLHv1qHeK4ABzsndI7PGD81/CA3TK/eyW/4is
3u2cbKGZHtnj33u9R7oBR3JGGz8uvbTveXataq7vR0J69In7Ryh5P2tlO1+y+JeO
/HYylEl+qY2ilDTISJCA1Kx1i4G0MYlaX9KEQ0l8IkLqZrgR/Kzm9EsbbmXUOQsS
3SzD4tVe5WTu0Wf9G/1MjbHxWhYyRLP4NZMnp7ANHsGVnb0ZWWjgmNH0/+yT3mYm
rGfq0duItvbza87HZu+TyfrL0BeBdNDK+gY2stktZWYpF2AjFLRwPzZg+QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFkGJXhb4wn8mkWGcn6Lwy3QAAxqMB8GA1UdIwQY
MBaAFK2OhX/AC+FO2SueeMw8ppuK3CSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclk2RmY4QUw0VTdaSzU1NHpEeW1tNHJjSklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iOGMzYmQtMTZlZi00ZjJjLTk0MDAt
ZGIwOTllNTg1ZTRiLzEvV1FZbGVGdmpDZnlhUllaeWZvdkRMZEFBREdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iOGMzYmQtMTZlZi00ZjJjLTk0MDAtZGIwOTllNTg1ZTRi
LzEvclk2RmY4QUw0VTdaSzU1NHpEeW1tNHJjSklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW/CyAwQC
uag0MBgEAgACMBIDBwAqDcDAA+EDBwAqDcDABOEwDQYJKoZIhvcNAQELBQADggEB
ACNZnx8wsZnPy0yboUlo0n8kmdch2ErxhQdSqgv2+4Fj8uTDZ5gzqBK0jDGHTcpL
qrOX9ipIrwv1g6VEb8nHefMWYf/PU+bPNqkrVJEz4SWfn/aIrZnzl6g3ZBXTvule
PC+Okj5UNacmJNowwbWoOVOUlUbEcpSzcp7TBtiIWzEK7ThnSwpJB85Wi4hZvsU1
sjLuXWNrkKnjAEGynajJy/hPe0lRPaOdRuqmQ/No4DPVVrZeQAgydiCg+w9cryUv
Wr0Uasa7ZqZXHyh02cEsmxzzGwYG6VVb4igT+MKLR0okp1cZwtZvBMcl+T+KvSUi
bTL8vnlIGZutprmufptGzJE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:12:30 2025 by rpki-client