Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/WEwkhKzRgbDAznl5dzRWkNJVURw.roa
File: WEwkhKzRgbDAznl5dzRWkNJVURw.roa (raw, json)
Hash identifier: 7X99vKsqJ313WRynGEJUVQ7gmzM5BgPd4GPgBJxXOZ4=
Subject key identifier: 58:4C:24:84:AC:D1:81:B0:C0:CE:79:79:77:34:56:90:D2:55:51:1C
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018F80C550CF178992A1DE21778F0E73D113
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/WEwkhKzRgbDAznl5dzRWkNJVURw.roa
Signing time: Thu 16 May 2024 09:39:25 +0000
ROA not before: Thu 16 May 2024 09:39:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 185.235.167.0/24 maxlen: 24
2a02:afc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 22 May 2024 04:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:c5:50:cf:17:89:92:a1:de:21:77:8f:0e:73:d1:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: May 16 09:39:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=584c2484acd181b0c0ce797977345690d255511c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1d:87:b9:96:2c:fe:dd:e7:4f:18:7a:9c:df:
75:3f:ab:e7:c4:e6:76:86:0b:e9:9d:38:4e:43:9c:
da:0c:0f:bf:1f:4a:9e:a7:0d:a0:e0:9c:2a:ab:da:
28:ae:1a:aa:f6:de:17:80:70:e5:75:38:23:99:bf:
8b:56:29:b9:94:e2:b0:01:d2:29:c2:3d:f9:c8:b4:
94:21:75:21:84:91:21:0b:de:3c:e1:a5:e3:65:c7:
ea:cf:de:fe:72:96:ae:30:d4:95:cc:fc:2a:c4:7c:
78:20:cc:ce:3a:b8:2c:12:dd:bc:28:5c:66:74:3e:
32:3d:43:f2:2c:8a:a8:09:77:7c:15:ed:59:c0:b4:
fc:2f:03:d2:cd:32:a6:6a:21:6f:21:1d:58:30:a8:
d3:d4:82:21:be:5a:dc:a3:68:f2:ef:71:89:c4:bb:
18:df:77:ea:11:fa:66:e3:28:99:c0:3b:30:5b:65:
fe:24:7d:2a:15:d8:94:9d:fa:37:d3:bc:e9:24:51:
a1:a8:35:53:23:8b:39:ab:db:93:95:87:65:87:d7:
37:2d:ea:d4:6c:28:cd:72:17:a8:2f:ad:b5:f9:8f:
0f:a7:06:74:2d:be:41:1f:40:e7:0f:f8:cd:e9:03:
c1:06:eb:49:ac:c8:f0:e7:56:e7:71:2d:93:2f:21:
20:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4C:24:84:AC:D1:81:B0:C0:CE:79:79:77:34:56:90:D2:55:51:1C
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/WEwkhKzRgbDAznl5dzRWkNJVURw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.167.0/24
IPv6:
2a02:afc0::/32
Signature Algorithm: sha256WithRSAEncryption
79:ef:40:70:c7:35:75:7b:9e:9d:10:3e:84:1b:ae:75:62:87:
ba:26:e3:72:f3:2e:b5:c2:32:bf:81:59:b9:e7:76:8e:62:dd:
d0:81:2f:f8:13:0c:af:1e:5b:2a:41:dc:ea:29:4c:57:b4:0a:
1e:26:57:1c:d0:3f:86:98:b3:5f:d9:80:8c:f1:bc:d4:52:3c:
9e:c1:10:76:4b:49:b7:4f:65:b1:b2:00:d1:6b:9b:17:82:6b:
ea:06:44:68:76:c4:e4:1e:00:65:9f:11:6d:5f:9e:83:53:cb:
c4:f7:e9:95:d2:6e:c7:fd:b1:0d:82:08:27:4a:dc:cc:50:97:
f1:54:9b:69:4e:e7:01:21:cb:4f:4f:b4:ae:71:2c:49:d4:c5:
0c:75:e8:32:3c:3e:df:16:cd:1c:12:2b:4d:e7:8b:f0:25:e4:
16:c6:5f:4c:a9:83:41:76:8f:e8:3a:b6:0d:76:2d:0f:0f:b0:
ab:2e:49:5e:c6:01:27:5c:a0:3e:60:b8:b6:f3:b5:9a:70:c6:
21:97:c0:ed:75:e2:6f:55:a6:64:83:66:3b:9c:9d:02:ba:c3:
8b:dd:2a:48:52:a9:fd:1e:ca:5f:75:9b:c4:d3:bc:16:47:20:
9d:65:10:ac:31:cf:7e:cd:36:8f:a3:8e:de:70:09:02:16:41:
94:51:45:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+AxVDPF4mSod4hd48Oc9ETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwNTE2MDkzOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODRjMjQ4NGFjZDE4MWIwYzBjZTc5Nzk3NzM0NTY5MGQyNTU1MTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB2HuZYs/t3nTxh6nN91P6vnxOZ2
hgvpnThOQ5zaDA+/H0qepw2g4Jwqq9oorhqq9t4XgHDldTgjmb+LVim5lOKwAdIp
wj35yLSUIXUhhJEhC9484aXjZcfqz97+cpauMNSVzPwqxHx4IMzOOrgsEt28KFxm
dD4yPUPyLIqoCXd8Fe1ZwLT8LwPSzTKmaiFvIR1YMKjT1IIhvlrco2jy73GJxLsY
33fqEfpm4yiZwDswW2X+JH0qFdiUnfo307zpJFGhqDVTI4s5q9uTlYdlh9c3LerU
bCjNcheoL621+Y8PpwZ0Lb5BH0DnD/jN6QPBButJrMjw51bncS2TLyEg4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFhMJISs0YGwwM55eXc0VpDSVVEcMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvV0V3a2hLelJnYkRBem5sNWR6UldrTkpWVVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueunMA0E
AgACMAcDBQAqAq/AMA0GCSqGSIb3DQEBCwUAA4IBAQB570BwxzV1e56dED6EG651
Yoe6JuNy8y61wjK/gVm553aOYt3QgS/4EwyvHlsqQdzqKUxXtAoeJlcc0D+GmLNf
2YCM8bzUUjyewRB2S0m3T2WxsgDRa5sXgmvqBkRodsTkHgBlnxFtX56DU8vE9+mV
0m7H/bENgggnStzMUJfxVJtpTucBIctPT7SucSxJ1MUMdegyPD7fFs0cEitN54vw
JeQWxl9MqYNBdo/oOrYNdi0PD7CrLklexgEnXKA+YLi287WacMYhl8DtdeJvVaZk
g2Y7nJ0CusOL3SpIUqn9HspfdZvE07wWRyCdZRCsMc9+zTaPo47ecAkCFkGUUUUi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:15 2025 by rpki-client