Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/WBf508ingLXF0f0DzD0Ah8EPOhM.roa
File: WBf508ingLXF0f0DzD0Ah8EPOhM.roa (raw, json)
Hash identifier: ePl/Q5U+1BatZyba+XiLwhA3a+H2hk+/b+oDHgPkXgE=
Subject key identifier: 58:17:F9:D3:C8:A7:80:B5:C5:D1:FD:03:CC:3D:00:87:C1:0F:3A:13
Certificate issuer: /CN=9b23639060ff87a77fc67a6e03c0c4dd2ae4c391
Certificate serial: 018CC64AA22A8B3BDB49EE8DB6841BEFDFF6
Authority key identifier: 9B:23:63:90:60:FF:87:A7:7F:C6:7A:6E:03:C0:C4:DD:2A:E4:C3:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/myNjkGD_h6d_xnpuA8DE3Srkw5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/WBf508ingLXF0f0DzD0Ah8EPOhM.roa
Signing time: Mon 01 Jan 2024 18:30:29 +0000
ROA not before: Mon 01 Jan 2024 18:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196678
IP address blocks: 131.117.216.0/24 maxlen: 24
131.117.218.0/23 maxlen: 24
131.117.217.0/24 maxlen: 24
131.117.220.0/22 maxlen: 22
2a00:bd40::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:a2:2a:8b:3b:db:49:ee:8d:b6:84:1b:ef:df:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b23639060ff87a77fc67a6e03c0c4dd2ae4c391
Validity
Not Before: Jan 1 18:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5817f9d3c8a780b5c5d1fd03cc3d0087c10f3a13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:61:6a:10:7f:28:94:8b:c8:1c:8a:25:00:15:
cb:fc:64:f1:61:2d:41:ce:49:db:66:ca:de:31:3c:
84:91:1f:f4:ae:2d:18:30:de:b1:5f:22:ea:1d:3b:
ea:4c:5f:b3:e4:00:b1:6b:22:d7:c4:1e:41:f4:2d:
df:a4:cb:bc:4e:76:7c:16:d7:b0:bd:de:4e:0c:62:
0b:af:72:21:65:fa:83:b5:0c:d5:54:c3:a9:39:21:
70:a0:ed:4a:00:98:c5:62:96:d8:96:ac:61:db:a9:
e3:a5:b4:d9:08:10:fd:5d:95:07:c7:ed:1b:56:30:
f2:6d:ed:6f:60:b6:9b:74:b2:3b:d7:bb:6e:bd:b3:
d3:a2:96:da:db:0e:70:62:ec:c7:2e:ec:db:bf:df:
aa:a8:3f:e1:de:06:d6:d9:47:cd:ab:87:85:7d:0d:
6c:1e:64:5a:6e:b7:db:05:95:5b:f3:45:ee:bd:ff:
3f:b4:11:5f:47:4f:1f:51:23:f5:d8:5f:33:e4:eb:
52:ea:89:01:8f:d7:64:37:97:28:b5:75:98:36:ab:
20:12:b2:14:aa:61:0a:e6:f1:e8:aa:01:78:70:94:
0f:0c:52:98:3f:09:6d:e0:3f:7c:38:e5:e1:7f:bb:
10:31:f6:27:4f:65:15:81:bf:fc:8d:14:84:81:55:
b6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:17:F9:D3:C8:A7:80:B5:C5:D1:FD:03:CC:3D:00:87:C1:0F:3A:13
X509v3 Authority Key Identifier:
keyid:9B:23:63:90:60:FF:87:A7:7F:C6:7A:6E:03:C0:C4:DD:2A:E4:C3:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myNjkGD_h6d_xnpuA8DE3Srkw5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/WBf508ingLXF0f0DzD0Ah8EPOhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/myNjkGD_h6d_xnpuA8DE3Srkw5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.117.216.0/21
IPv6:
2a00:bd40::/32
Signature Algorithm: sha256WithRSAEncryption
83:28:37:23:3f:be:d4:7f:de:d6:00:db:04:08:fe:1a:0f:25:
3a:85:8c:94:1f:fd:e5:0d:ff:f9:c8:49:ec:59:69:85:46:b1:
aa:3e:36:fb:41:58:d3:71:fe:e8:51:b1:b3:90:e7:b6:79:a9:
9f:ae:58:eb:26:27:21:c9:15:10:55:71:ea:6f:81:7b:ca:fc:
6b:38:83:b9:c2:06:7f:23:a8:a9:75:ca:16:97:50:68:58:db:
3b:d2:f3:d2:35:54:f9:cb:be:5f:2b:90:2e:88:73:12:36:46:
e5:09:5f:6d:48:0f:ef:f8:18:91:79:ce:51:8d:61:dd:de:a8:
18:9b:ae:61:ec:f6:be:92:74:aa:93:5d:15:06:ce:62:6c:9f:
b6:8a:bf:2a:0f:74:f1:3b:4f:fa:c4:7b:46:58:62:da:ca:7e:
b7:f5:7d:cf:45:8f:55:5c:b4:06:48:25:f9:84:65:40:84:a2:
fa:02:ef:45:bb:b9:52:2f:6f:d2:64:ea:3b:55:fc:a5:a2:8c:
e5:5b:9b:f2:61:09:67:1b:0f:d0:c5:ce:7e:0d:cd:e2:84:eb:
ac:4c:07:e0:9e:45:81:1b:60:a4:de:b8:9e:ab:97:75:3a:bd:
04:87:88:44:5c:24:0d:c1:cb:42:a0:51:ee:62:be:0c:57:e6:
b6:05:1c:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSqIqizvbSe6NtoQb79/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMjM2MzkwNjBmZjg3YTc3ZmM2N2E2ZTAzYzBjNGRkMmFl
NGMzOTEwHhcNMjQwMTAxMTgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODE3ZjlkM2M4YTc4MGI1YzVkMWZkMDNjYzNkMDA4N2MxMGYzYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWFqEH8olIvIHIolABXL/GTxYS1B
zknbZsreMTyEkR/0ri0YMN6xXyLqHTvqTF+z5ACxayLXxB5B9C3fpMu8TnZ8Ftew
vd5ODGILr3IhZfqDtQzVVMOpOSFwoO1KAJjFYpbYlqxh26njpbTZCBD9XZUHx+0b
VjDybe1vYLabdLI717tuvbPTopba2w5wYuzHLuzbv9+qqD/h3gbW2UfNq4eFfQ1s
HmRabrfbBZVb80Xuvf8/tBFfR08fUSP12F8z5OtS6okBj9dkN5cotXWYNqsgErIU
qmEK5vHoqgF4cJQPDFKYPwlt4D98OOXhf7sQMfYnT2UVgb/8jRSEgVW2DQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFgX+dPIp4C1xdH9A8w9AIfBDzoTMB8GA1UdIwQY
MBaAFJsjY5Bg/4enf8Z6bgPAxN0q5MORMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXlOamtHRF9oNmRfeG5wdUE4REUzU3JrdzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81ZDVmNzMtNjNiOS00YWFhLWE4ZWMt
NWFmYzNhNGZlNTQyLzEvV0JmNTA4aW5nTFhGMGYwRHpEMEFoOEVQT2hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81ZDVmNzMtNjNiOS00YWFhLWE4ZWMtNWFmYzNhNGZlNTQy
LzEvbXlOamtHRF9oNmRfeG5wdUE4REUzU3JrdzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDg3XYMA0E
AgACMAcDBQAqAL1AMA0GCSqGSIb3DQEBCwUAA4IBAQCDKDcjP77Uf97WANsECP4a
DyU6hYyUH/3lDf/5yEnsWWmFRrGqPjb7QVjTcf7oUbGzkOe2eamfrljrJichyRUQ
VXHqb4F7yvxrOIO5wgZ/I6ipdcoWl1BoWNs70vPSNVT5y75fK5AuiHMSNkblCV9t
SA/v+BiRec5RjWHd3qgYm65h7Pa+knSqk10VBs5ibJ+2ir8qD3TxO0/6xHtGWGLa
yn639X3PRY9VXLQGSCX5hGVAhKL6Au9Fu7lSL2/SZOo7VfyloozlW5vyYQlnGw/Q
xc5+Dc3ihOusTAfgnkWBG2Ck3rieq5d1Or0Eh4hEXCQNwctCoFHuYr4MV+a2BRzO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:12 2025 by rpki-client