Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/WHW0GxSdq8584vwdT4wH_YSSBLA.roa
File: WHW0GxSdq8584vwdT4wH_YSSBLA.roa (raw, json)
Hash identifier: x9MRlYppHjsXXo991GSODjbAPGHTO3cxMuPfv2yhdFA=
Subject key identifier: 58:75:B4:1B:14:9D:AB:CE:7C:E2:FC:1D:4F:8C:07:FD:84:92:04:B0
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 019447C5975CE011CC96CBC4CDDB154C3B7A
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/WHW0GxSdq8584vwdT4wH_YSSBLA.roa
Signing time: Wed 08 Jan 2025 21:15:19 +0000
ROA not before: Wed 08 Jan 2025 21:15:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201148
IP address blocks: 5.63.19.0/24 maxlen: 24
2a13:3f40::/29 maxlen: 29
2a13:3f40:1000::/48 maxlen: 48
2a13:3f40:1001::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 15:15:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:c5:97:5c:e0:11:cc:96:cb:c4:cd:db:15:4c:3b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Jan 8 21:15:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5875b41b149dabce7ce2fc1d4f8c07fd849204b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1f:17:6e:f0:f7:24:2c:93:e6:65:3e:aa:c5:
31:9b:73:ae:71:31:1c:b6:57:ce:b5:65:60:37:a8:
eb:31:68:ba:79:c9:71:dc:29:e8:e0:68:ad:e9:4d:
5b:14:36:12:19:7b:ee:fc:43:e1:91:a2:d1:38:7d:
74:b3:34:45:73:70:c2:11:ab:ec:94:17:6a:7c:04:
05:41:d6:54:14:4a:d4:b1:39:e8:61:ad:de:c4:a8:
f7:ff:96:22:53:cd:8f:87:a2:38:01:dc:df:bc:d7:
04:f9:89:c2:57:3f:6b:af:3a:3b:57:6d:09:ad:18:
cb:1d:63:59:fe:9a:a2:62:75:19:5d:3d:b4:58:5c:
9d:d1:d1:25:7e:56:95:ea:c7:b2:03:be:5e:b9:b6:
f6:7b:b9:68:37:2a:e8:3e:9e:e1:e0:77:0f:cf:0c:
65:3e:32:90:21:cc:02:34:e5:e5:96:5c:8c:65:e7:
b4:e8:fc:a0:85:8b:1e:30:7c:0c:a4:66:77:69:c3:
1c:cf:07:31:38:08:2b:cd:96:d5:29:56:e0:b4:09:
23:56:60:5f:28:97:62:b4:6f:b7:fa:31:bc:fd:4f:
a9:56:91:c3:7a:39:ca:cb:0b:52:ea:06:4c:89:2f:
ae:36:de:5a:a8:51:f3:3f:93:e5:a6:29:1f:b6:97:
54:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:75:B4:1B:14:9D:AB:CE:7C:E2:FC:1D:4F:8C:07:FD:84:92:04:B0
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/WHW0GxSdq8584vwdT4wH_YSSBLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.19.0/24
IPv6:
2a13:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
91:1a:a9:66:ee:10:67:f3:e9:e8:8d:92:58:bb:82:76:4d:16:
db:57:31:8f:7a:c0:7e:8b:85:bb:01:a3:9d:7e:1d:05:0c:80:
7d:56:6b:b5:cc:ee:0e:7b:04:17:27:48:6c:85:71:f0:50:a1:
f4:01:d5:82:e9:22:b3:7b:d3:d2:f5:78:d2:c3:1d:6c:b7:7b:
fe:71:1f:5d:9a:73:b5:35:e8:0b:e4:78:41:59:6c:63:18:27:
d9:60:72:c9:fe:aa:08:e9:51:03:10:9c:d5:4a:a8:66:3f:f3:
f7:e9:e6:04:9a:63:e1:e9:9d:10:d9:5e:cf:92:49:a3:29:ed:
84:dc:a0:19:03:e4:8e:95:77:51:92:b9:5b:c5:f5:e1:b7:a6:
4f:c8:c6:79:11:d9:55:11:5c:65:02:b1:eb:6c:d9:66:13:f0:
1f:ad:6f:e4:ef:1d:bc:fb:49:fc:b7:7b:35:c0:b2:25:d0:01:
9a:7a:f9:7a:cb:3a:94:65:b2:4f:cc:6e:e9:bc:0a:b7:a4:a2:
c8:7a:cb:79:4e:5d:e8:92:a5:2f:98:9a:f7:0a:53:04:d9:14:
9c:ec:bd:17:d5:80:93:c9:37:bf:2f:f0:2f:89:71:3b:0d:c7:
11:aa:a9:4f:3d:dd:3d:0c:8f:ca:f9:02:a8:43:15:38:89:55:
dc:66:90:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRHxZdc4BHMlsvEzdsVTDt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjUwMTA4MjExNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODc1YjQxYjE0OWRhYmNlN2NlMmZjMWQ0ZjhjMDdmZDg0OTIwNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR8XbvD3JCyT5mU+qsUxm3OucTEc
tlfOtWVgN6jrMWi6eclx3Cno4Git6U1bFDYSGXvu/EPhkaLROH10szRFc3DCEavs
lBdqfAQFQdZUFErUsTnoYa3exKj3/5YiU82Ph6I4AdzfvNcE+YnCVz9rrzo7V20J
rRjLHWNZ/pqiYnUZXT20WFyd0dElflaV6seyA75eubb2e7loNyroPp7h4HcPzwxl
PjKQIcwCNOXlllyMZee06PyghYseMHwMpGZ3acMczwcxOAgrzZbVKVbgtAkjVmBf
KJditG+3+jG8/U+pVpHDejnKywtS6gZMiS+uNt5aqFHzP5PlpikftpdUaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFh1tBsUnavOfOL8HU+MB/2EkgSwMB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvV0hXMEd4U2RxODU4NHZ3ZFQ0d0hfWVNTQkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABT8TMA0E
AgACMAcDBQMqEz9AMA0GCSqGSIb3DQEBCwUAA4IBAQCRGqlm7hBn8+nojZJYu4J2
TRbbVzGPesB+i4W7AaOdfh0FDIB9Vmu1zO4OewQXJ0hshXHwUKH0AdWC6SKze9PS
9XjSwx1st3v+cR9dmnO1NegL5HhBWWxjGCfZYHLJ/qoI6VEDEJzVSqhmP/P36eYE
mmPh6Z0Q2V7PkkmjKe2E3KAZA+SOlXdRkrlbxfXht6ZPyMZ5EdlVEVxlArHrbNlm
E/AfrW/k7x28+0n8t3s1wLIl0AGaevl6yzqUZbJPzG7pvAq3pKLIest5Tl3okqUv
mJr3ClME2RSc7L0X1YCTyTe/L/AviXE7DccRqqlPPd09DI/K+QKoQxU4iVXcZpDm
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:04:07 2025 by rpki-client