Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/wukAm5uBGzAOqI-5FSCoGzciLXs.roa
File: wukAm5uBGzAOqI-5FSCoGzciLXs.roa (raw, json)
Hash identifier: 79UfgaSk2596z8f40mpU9ERUdo68Y9qPlF2sxMy/cHY=
Subject key identifier: C2:E9:00:9B:9B:81:1B:30:0E:A8:8F:B9:15:20:A8:1B:37:22:2D:7B
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 019426D9B99C55FD1F1060A8582AB46549E7
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/wukAm5uBGzAOqI-5FSCoGzciLXs.roa
Signing time: Thu 02 Jan 2025 11:49:50 +0000
ROA not before: Thu 02 Jan 2025 11:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49665
IP address blocks: 85.140.95.0/24 maxlen: 24
178.155.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 11:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b9:9c:55:fd:1f:10:60:a8:58:2a:b4:65:49:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 11:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2e9009b9b811b300ea88fb91520a81b37222d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0d:03:03:75:55:1b:69:18:70:31:c0:a0:2a:
32:11:05:8a:cb:7f:f6:51:cf:06:7e:bd:6e:e3:87:
45:f9:21:6a:29:c5:28:bf:e5:f5:b4:e9:05:23:d2:
79:b1:10:e5:0b:35:ee:01:7f:0b:5f:8b:65:f2:ff:
94:d4:9c:c1:e2:9b:04:87:0d:5b:b0:1b:d6:e1:2b:
1e:6a:d4:a9:81:88:37:da:d2:21:62:3e:02:b0:ce:
de:bd:da:5e:21:f3:a8:df:47:54:eb:ad:9a:c3:e3:
5c:0f:d4:7b:fc:27:6c:4d:8d:ae:f6:03:c0:2d:77:
0c:e4:3d:f6:5a:75:1f:f4:55:9f:af:0d:4b:88:3a:
07:80:62:6c:54:02:43:66:59:96:fb:a6:14:b2:fe:
9c:9f:de:3a:70:60:f6:a9:cd:88:b9:56:49:1c:23:
ac:75:07:c6:c9:15:8c:cb:55:4a:a3:6b:6e:fc:65:
7d:da:a2:f2:33:98:28:28:4b:7f:99:2a:87:e0:f5:
c9:4c:3d:05:69:7f:0e:f4:49:45:95:6d:2e:92:51:
99:93:4c:8e:f5:35:27:1b:72:8e:8d:54:69:b9:77:
e8:b0:9a:2c:5e:6f:bc:68:bb:eb:2b:f9:be:a6:d0:
7c:7c:32:94:73:65:5c:5d:88:c7:7b:91:0b:79:0b:
0c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E9:00:9B:9B:81:1B:30:0E:A8:8F:B9:15:20:A8:1B:37:22:2D:7B
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/wukAm5uBGzAOqI-5FSCoGzciLXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.95.0/24
178.155.52.0/24
Signature Algorithm: sha256WithRSAEncryption
31:d3:73:24:5d:4f:5f:e8:28:c1:80:ca:45:d5:cc:0f:49:e4:
38:03:6f:44:cb:68:c9:01:00:79:f5:86:ab:7c:4a:9e:e9:91:
ec:82:a8:f1:23:85:ce:6e:97:15:6d:8a:be:56:69:68:a5:8d:
89:4b:68:7e:41:77:08:02:1f:e0:cb:e9:2d:17:a4:c8:77:4e:
f6:e3:0a:e4:ef:d5:f1:3b:53:45:97:dd:d0:8e:a7:64:9f:23:
e5:6d:11:60:94:48:13:c0:52:b5:6d:4e:e2:67:82:83:50:fb:
d1:cf:c8:4b:7c:e6:fd:d7:64:f3:97:36:71:53:23:14:6b:21:
9a:40:fe:ca:69:9f:8b:2c:d1:09:b8:69:04:b7:3d:e5:05:ed:
83:db:12:d1:e1:c1:ac:75:f0:ed:06:7d:fa:9f:38:02:27:f3:
5e:6c:6f:26:8c:94:d7:83:d1:b7:72:c6:2d:9a:22:89:35:0c:
4e:d5:84:17:cb:51:30:d6:a1:fa:5b:c2:3b:31:4c:e3:34:df:
2a:0b:f0:64:ee:a3:6d:79:5a:2c:b7:b2:25:99:59:27:d2:08:
04:2e:6e:7d:4d:da:31:2c:f9:6e:58:27:0d:5c:f9:e1:8c:bf:
bb:c1:5b:9a:6d:ec:b7:78:4f:72:2c:21:74:cf:06:e1:a0:8f:
a8:2b:7d:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2bmcVf0fEGCoWCq0ZUnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTAyMTE0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmU5MDA5YjliODExYjMwMGVhODhmYjkxNTIwYTgxYjM3MjIyZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA0DA3VVG2kYcDHAoCoyEQWKy3/2
Uc8Gfr1u44dF+SFqKcUov+X1tOkFI9J5sRDlCzXuAX8LX4tl8v+U1JzB4psEhw1b
sBvW4SseatSpgYg32tIhYj4CsM7evdpeIfOo30dU662aw+NcD9R7/CdsTY2u9gPA
LXcM5D32WnUf9FWfrw1LiDoHgGJsVAJDZlmW+6YUsv6cn946cGD2qc2IuVZJHCOs
dQfGyRWMy1VKo2tu/GV92qLyM5goKEt/mSqH4PXJTD0FaX8O9ElFlW0uklGZk0yO
9TUnG3KOjVRpuXfosJosXm+8aLvrK/m+ptB8fDKUc2VcXYjHe5ELeQsMlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMLpAJubgRswDqiPuRUgqBs3Ii17MB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvd3VrQW01dUJHekFPcUktNUZTQ29HemNpTFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYxfAwQA
sps0MA0GCSqGSIb3DQEBCwUAA4IBAQAx03MkXU9f6CjBgMpF1cwPSeQ4A29Ey2jJ
AQB59YarfEqe6ZHsgqjxI4XObpcVbYq+VmlopY2JS2h+QXcIAh/gy+ktF6TId072
4wrk79XxO1NFl93QjqdknyPlbRFglEgTwFK1bU7iZ4KDUPvRz8hLfOb912TzlzZx
UyMUayGaQP7KaZ+LLNEJuGkEtz3lBe2D2xLR4cGsdfDtBn36nzgCJ/NebG8mjJTX
g9G3csYtmiKJNQxO1YQXy1Ew1qH6W8I7MUzjNN8qC/Bk7qNteVost7IlmVkn0ggE
Lm59TdoxLPluWCcNXPnhjL+7wVuabey3eE9yLCF0zwbhoI+oK304
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:02:27 2025 by rpki-client