Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/wThCCcc-9BxWu3Kb9HQKJpqZ6zw.roa
File: wThCCcc-9BxWu3Kb9HQKJpqZ6zw.roa (raw, json)
Hash identifier: Qn6KMcHAdY/Hw0N4FfxFB25BpJAiKwcZEJOPAF2/MLA=
Subject key identifier: C1:38:42:09:C7:3E:F4:1C:56:BB:72:9B:F4:74:0A:26:9A:99:EB:3C
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018CCA2A38B0F10A7FC95BDFAB8394066EA4
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/wThCCcc-9BxWu3Kb9HQKJpqZ6zw.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 176.221.24.0/22 maxlen: 22
176.221.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 04 Jan 2024 08:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:38:b0:f1:0a:7f:c9:5b:df:ab:83:94:06:6e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1384209c73ef41c56bb729bf4740a269a99eb3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:84:2f:c9:e9:e0:9d:b2:55:40:ff:d8:06:4d:
78:18:06:d3:d5:35:2a:ea:72:9d:69:40:3d:58:5a:
f3:08:e6:88:64:d2:aa:95:c9:56:44:bc:f7:95:b9:
4a:21:bd:6e:c0:de:ef:3c:80:8d:1c:4b:56:cb:04:
0e:0a:3a:8c:9c:7d:13:63:07:5e:39:81:48:d8:75:
2e:bf:ef:c8:7a:c2:a1:c7:0d:a5:27:18:92:fd:1f:
aa:8d:b1:a8:17:b1:c7:f7:18:ab:7c:33:53:e3:1a:
64:f2:94:f9:83:0b:7a:35:01:fc:fe:44:0a:9a:13:
3f:b9:f2:e0:21:58:8e:5d:e1:69:0a:89:1c:da:10:
a4:b4:8c:15:71:94:05:dd:e2:2a:a2:05:04:5e:71:
93:de:f0:7a:95:d8:3a:ee:ed:63:f4:d1:ef:5e:bc:
03:7e:c9:e0:8d:aa:3f:68:eb:f4:2c:c1:94:9d:ea:
0e:40:1e:98:2b:4f:6e:4a:dd:b1:90:96:10:da:a0:
93:79:27:27:54:6f:40:30:81:ae:ae:9d:84:ec:f9:
9b:e7:d6:05:cd:b5:a4:2b:bf:a9:7c:c6:6e:1d:16:
e6:83:01:9a:95:d5:55:d1:8c:f6:08:80:21:b1:0d:
8a:bc:61:79:42:8f:08:ac:d5:cc:a9:d6:2b:f8:e6:
51:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:38:42:09:C7:3E:F4:1C:56:BB:72:9B:F4:74:0A:26:9A:99:EB:3C
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/wThCCcc-9BxWu3Kb9HQKJpqZ6zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.20.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
58:4f:9c:55:05:ca:b7:be:10:75:c4:f7:21:8e:1a:d7:be:8f:
18:ba:18:a4:72:75:5b:f9:bb:ae:e3:ab:5f:f8:9e:41:19:52:
1a:a8:1b:99:2a:75:81:1b:38:83:0b:eb:d7:57:e9:5f:19:f2:
94:e4:5a:98:ee:93:a9:04:6c:a2:f0:51:8d:9c:5f:a4:b1:72:
34:3a:92:cb:fa:f2:9e:ab:7f:df:e2:57:70:01:c1:5f:d3:97:
e1:03:4c:ef:28:17:0f:ce:89:e7:e0:24:f4:41:57:08:aa:ad:
f3:b9:05:e1:af:3b:b8:1a:31:90:e8:f0:88:7d:14:a9:67:9e:
88:f5:ad:d9:83:2c:17:54:0b:08:a2:12:23:bd:05:aa:c8:96:
30:38:47:6b:90:a5:b2:2b:7d:31:c3:5a:49:f5:9e:e9:b8:b3:
fc:12:74:a1:fc:0f:6d:a5:34:f0:c4:28:5f:3f:2d:a7:94:e5:
a0:e1:81:2a:38:3a:06:c0:c1:03:e6:16:01:79:ea:c2:bb:a7:
3b:0e:f3:f7:d6:31:8e:01:03:f3:14:47:6f:59:08:b6:64:0d:
fe:1f:c8:91:37:95:f1:14:f6:05:e2:bb:d0:ef:ac:70:51:8e:
b2:a1:7e:00:00:77:75:6d:ac:91:28:81:7c:e6:32:21:65:f2:
9f:60:3a:89
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKKjiw8Qp/yVvfq4OUBm6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTM4NDIwOWM3M2VmNDFjNTZiYjcyOWJmNDc0MGEyNjlhOTllYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYQvyengnbJVQP/YBk14GAbT1TUq
6nKdaUA9WFrzCOaIZNKqlclWRLz3lblKIb1uwN7vPICNHEtWywQOCjqMnH0TYwde
OYFI2HUuv+/IesKhxw2lJxiS/R+qjbGoF7HH9xirfDNT4xpk8pT5gwt6NQH8/kQK
mhM/ufLgIViOXeFpCokc2hCktIwVcZQF3eIqogUEXnGT3vB6ldg67u1j9NHvXrwD
fsngjao/aOv0LMGUneoOQB6YK09uSt2xkJYQ2qCTeScnVG9AMIGurp2E7Pmb59YF
zbWkK7+pfMZuHRbmgwGaldVV0Yz2CIAhsQ2KvGF5Qo8IrNXMqdYr+OZRtQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFME4QgnHPvQcVrtym/R0Ciaames8MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvd1RoQ0NjYy05QnhXdTNLYjlIUUtKcHFaNnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKw3RQD
BAKw3RgwDQYJKoZIhvcNAQELBQADggEBAFhPnFUFyre+EHXE9yGOGte+jxi6GKRy
dVv5u67jq1/4nkEZUhqoG5kqdYEbOIML69dX6V8Z8pTkWpjuk6kEbKLwUY2cX6Sx
cjQ6ksv68p6rf9/iV3ABwV/Tl+EDTO8oFw/OiefgJPRBVwiqrfO5BeGvO7gaMZDo
8Ih9FKlnnoj1rdmDLBdUCwiiEiO9BarIljA4R2uQpbIrfTHDWkn1num4s/wSdKH8
D22lNPDEKF8/LaeU5aDhgSo4OgbAwQPmFgF56sK7pzsO8/fWMY4BA/MUR29ZCLZk
Df4fyJE3lfEU9gXiu9DvrHBRjrKhfgAAd3VtrJEogXzmMiFl8p9gOok=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:31 2025 by rpki-client