Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/WK28OTTZTR45FoQLhnfEt4kpUUk.roa
File: WK28OTTZTR45FoQLhnfEt4kpUUk.roa (raw, json)
Hash identifier: l0kvMHgJWbvKlvAs3VVMbxxjckSR4t13K/VsmYSxcY8=
Subject key identifier: 58:AD:BC:39:34:D9:4D:1E:39:16:84:0B:86:77:C4:B7:89:29:51:49
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018CC6B8142F56BEC0F152FE0062F60CDEB4
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/WK28OTTZTR45FoQLhnfEt4kpUUk.roa
Signing time: Mon 01 Jan 2024 20:30:01 +0000
ROA not before: Mon 01 Jan 2024 20:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35728
IP address blocks: 85.140.44.0/24 maxlen: 24
85.140.44.0/22 maxlen: 22
85.140.45.0/24 maxlen: 24
85.140.47.0/24 maxlen: 24
85.140.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:14:2f:56:be:c0:f1:52:fe:00:62:f6:0c:de:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 20:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58adbc3934d94d1e3916840b8677c4b789295149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8a:67:df:d5:8e:46:b6:e7:c8:f3:ca:71:b2:
3d:40:de:b7:56:e5:31:4f:d5:22:c9:a8:97:74:a4:
20:de:c1:3d:1a:ed:21:9e:12:7c:47:35:19:cf:f4:
cb:27:b3:75:e9:f8:ee:02:12:91:76:1b:97:ee:bf:
96:54:ef:71:a1:0e:a2:3a:4e:4d:f0:30:26:bb:59:
4c:0c:a7:4a:db:a3:1d:5e:08:eb:13:d0:a5:db:6e:
98:4b:8b:ae:24:06:cb:f9:96:e3:b9:ea:21:c8:28:
cd:4a:30:a1:3b:f7:ef:d0:5e:80:e5:e1:cb:7f:be:
f3:d2:99:08:46:33:81:14:4a:20:f0:12:f7:1b:7e:
f6:76:2e:c9:35:b1:7c:3b:88:5d:2e:90:45:6c:24:
aa:0d:9d:23:5a:27:15:17:51:5d:51:21:d6:35:dc:
98:aa:db:92:3d:bf:ef:61:fe:13:fe:84:9a:1b:32:
cb:fe:0d:ce:00:f6:84:20:db:56:6a:d0:fa:63:c3:
d0:93:a4:c0:0a:b9:2c:8e:c5:3f:1a:85:17:bb:26:
5b:78:23:17:25:8c:9b:24:a4:ba:cd:c0:00:77:c9:
7e:fd:94:17:5e:fd:e2:6b:fe:94:24:c8:f9:c6:3a:
05:c7:85:ca:2c:ab:e7:84:21:b2:a5:d3:67:28:05:
e8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:AD:BC:39:34:D9:4D:1E:39:16:84:0B:86:77:C4:B7:89:29:51:49
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/WK28OTTZTR45FoQLhnfEt4kpUUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.44.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:c1:2a:28:5b:df:c2:cf:18:f4:69:07:e2:ae:25:69:a7:35:
8e:7a:a0:29:29:cd:79:13:46:21:e8:8f:92:2e:16:87:c7:f5:
51:02:39:19:6f:51:5a:48:04:87:d6:29:fd:35:d3:ca:93:c6:
13:9a:41:4a:8d:dd:07:4f:f1:12:d5:ac:6f:ee:0f:e6:e9:79:
d5:ab:22:f3:f1:58:ea:6f:93:72:95:c2:5d:7c:05:b5:f8:ec:
f5:61:9c:1e:77:f7:c2:7e:d1:54:a9:df:b3:27:04:18:5a:ae:
3b:d7:2a:68:89:f6:77:40:86:b9:be:15:00:ff:eb:53:d4:7d:
89:ed:6a:de:fb:bf:f9:cf:f4:74:46:fc:3a:67:be:f8:74:2d:
b1:10:e9:53:bd:ac:f0:c2:2d:df:4e:b5:5f:3a:ba:3b:78:80:
b4:a6:5a:65:9a:09:bc:49:03:93:42:a3:3a:05:07:e8:3e:3d:
12:3c:1b:ec:f0:f1:7a:6a:ee:8c:15:05:66:80:10:4c:92:16:
5f:b3:ea:c4:e9:82:7c:02:ea:14:f9:c3:75:ae:80:12:48:e6:
70:7a:f0:d0:bd:37:77:cc:e2:be:02:90:4b:21:05:9b:d9:cc:
10:be:b2:b0:f3:64:08:98:be:b7:01:47:c6:c3:fb:47:3c:37:
96:87:53:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuBQvVr7A8VL+AGL2DN60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGFkYmMzOTM0ZDk0ZDFlMzkxNjg0MGI4Njc3YzRiNzg5Mjk1MTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4pn39WORrbnyPPKcbI9QN63VuUx
T9UiyaiXdKQg3sE9Gu0hnhJ8RzUZz/TLJ7N16fjuAhKRdhuX7r+WVO9xoQ6iOk5N
8DAmu1lMDKdK26MdXgjrE9Cl226YS4uuJAbL+ZbjueohyCjNSjChO/fv0F6A5eHL
f77z0pkIRjOBFEog8BL3G372di7JNbF8O4hdLpBFbCSqDZ0jWicVF1FdUSHWNdyY
qtuSPb/vYf4T/oSaGzLL/g3OAPaEINtWatD6Y8PQk6TACrksjsU/GoUXuyZbeCMX
JYybJKS6zcAAd8l+/ZQXXv3ia/6UJMj5xjoFx4XKLKvnhCGypdNnKAXoxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFitvDk02U0eORaEC4Z3xLeJKVFJMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvV0syOE9UVFpUUjQ1Rm9RTGhuZkV0NGtwVVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVYwsMA0G
CSqGSIb3DQEBCwUAA4IBAQBswSooW9/Czxj0aQfiriVppzWOeqApKc15E0Yh6I+S
LhaHx/VRAjkZb1FaSASH1in9NdPKk8YTmkFKjd0HT/ES1axv7g/m6XnVqyLz8Vjq
b5NylcJdfAW1+Oz1YZwed/fCftFUqd+zJwQYWq471ypoifZ3QIa5vhUA/+tT1H2J
7Wre+7/5z/R0Rvw6Z774dC2xEOlTvazwwi3fTrVfOro7eIC0plplmgm8SQOTQqM6
BQfoPj0SPBvs8PF6au6MFQVmgBBMkhZfs+rE6YJ8AuoU+cN1roASSOZwevDQvTd3
zOK+ApBLIQWb2cwQvrKw82QImL63AUfGw/tHPDeWh1Pb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:44 2025 by rpki-client