Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/WtUFPGYOxFVUpWoWQOTCxf4RGgY.roa
File: WtUFPGYOxFVUpWoWQOTCxf4RGgY.roa (raw, json)
Hash identifier: wRFvb5DRaLjyB1D0SeKt3cT6oc1dZ4IblGB5kqmyjag=
Subject key identifier: 5A:D5:05:3C:66:0E:C4:55:54:A5:6A:16:40:E4:C2:C5:FE:11:1A:06
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 01942521461820C2847A7B95CFBB750422A2
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/WtUFPGYOxFVUpWoWQOTCxf4RGgY.roa
Signing time: Thu 02 Jan 2025 03:48:45 +0000
ROA not before: Thu 02 Jan 2025 03:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40964
IP address blocks: 89.107.134.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 20 Jan 2025 22:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:46:18:20:c2:84:7a:7b:95:cf:bb:75:04:22:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Jan 2 03:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ad5053c660ec45554a56a1640e4c2c5fe111a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dd:c6:6e:99:30:68:9e:33:92:8c:97:e6:6d:
15:ba:82:62:8c:02:3d:f8:b2:2e:67:9c:d9:e9:b5:
88:46:4c:5c:76:98:da:81:95:30:91:8a:e7:59:98:
47:13:09:14:7c:3f:f5:b0:ad:49:f6:31:27:f3:ad:
c5:6c:73:4e:6c:7e:d9:85:c2:73:5f:63:e3:fb:a0:
53:fd:a4:cd:ae:d2:19:ca:ca:29:a7:f4:bc:2b:a4:
93:62:05:2f:cf:5c:33:87:f0:da:c8:97:a6:8c:aa:
7e:41:72:7e:a9:81:df:2b:ca:a6:af:1b:f1:27:92:
63:3f:e1:51:ff:3f:23:78:f3:b5:b2:fb:0f:8d:d0:
dd:78:ac:25:0f:6d:88:47:ac:22:fc:7f:a1:c5:c8:
9e:1d:af:62:92:b0:8b:54:19:ad:ac:54:ed:c0:bd:
1d:16:88:82:6a:93:07:56:b6:c8:88:b6:8f:aa:17:
7b:36:8b:f7:fd:4b:42:65:8f:db:07:df:00:73:e2:
e4:e1:1c:fb:eb:6d:8d:49:f8:c3:f1:3b:31:0a:bd:
ee:2f:0f:20:e8:59:79:f0:4e:b7:d9:14:a3:5c:d1:
5a:a2:3c:93:eb:58:0a:26:6b:b4:0d:5a:ba:9b:e8:
9d:ef:81:41:22:e9:fb:bc:d4:84:9c:bc:13:9a:d6:
d8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D5:05:3C:66:0E:C4:55:54:A5:6A:16:40:E4:C2:C5:FE:11:1A:06
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/WtUFPGYOxFVUpWoWQOTCxf4RGgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.134.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:c7:23:9f:9c:4b:02:d6:4a:15:49:67:42:0f:95:0a:38:48:
7a:71:d6:6e:13:50:32:5d:68:66:3d:13:be:c3:4d:a4:f7:e8:
ae:b0:50:e1:d7:52:68:e8:88:60:48:f3:85:31:d1:7e:5e:73:
0c:19:85:97:23:a9:1a:2c:7b:3f:2e:ba:ea:06:99:8f:51:b5:
06:5c:e6:a0:58:2b:45:3e:13:89:74:67:f5:b0:7d:3b:7e:18:
43:a3:e5:57:74:57:03:12:06:84:c4:70:d5:c7:81:e0:83:58:
79:1d:9a:81:3d:91:92:aa:4d:de:c4:cf:87:c1:be:f6:b7:9e:
f5:8a:b3:e8:f7:55:ca:dd:36:c4:e7:74:f4:f2:01:fc:b4:3f:
d6:54:cc:25:df:75:d9:d7:f6:97:fb:73:21:90:e4:0f:27:8a:
78:63:2c:41:2a:05:79:50:01:d2:e3:98:d0:66:a7:b7:14:6b:
67:bb:3c:6b:4b:75:57:d5:02:a4:b2:c4:46:ff:13:72:e3:75:
15:31:8d:5b:c6:5a:c0:76:fb:de:9a:04:9c:4b:f5:09:b5:59:
db:32:e2:05:bf:c7:4a:7f:85:99:96:ed:86:cc:6b:d7:de:ad:
dd:b8:68:ac:35:72:1d:a2:95:70:a1:bb:c6:5c:ad:af:43:da:
53:0e:2d:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIUYYIMKEenuVz7t1BCKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjUwMTAyMDM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQ1MDUzYzY2MGVjNDU1NTRhNTZhMTY0MGU0YzJjNWZlMTExYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd3GbpkwaJ4zkoyX5m0VuoJijAI9
+LIuZ5zZ6bWIRkxcdpjagZUwkYrnWZhHEwkUfD/1sK1J9jEn863FbHNObH7ZhcJz
X2Pj+6BT/aTNrtIZysopp/S8K6STYgUvz1wzh/DayJemjKp+QXJ+qYHfK8qmrxvx
J5JjP+FR/z8jePO1svsPjdDdeKwlD22IR6wi/H+hxcieHa9ikrCLVBmtrFTtwL0d
FoiCapMHVrbIiLaPqhd7Nov3/UtCZY/bB98Ac+Lk4Rz7622NSfjD8TsxCr3uLw8g
6Fl58E632RSjXNFaojyT61gKJmu0DVq6m+id74FBIun7vNSEnLwTmtbY3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrVBTxmDsRVVKVqFkDkwsX+ERoGMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvV3RVRlBHWU94RlZVcFdvV1FPVEN4ZjRSR2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWWuGMA0G
CSqGSIb3DQEBCwUAA4IBAQA6xyOfnEsC1koVSWdCD5UKOEh6cdZuE1AyXWhmPRO+
w02k9+iusFDh11Jo6IhgSPOFMdF+XnMMGYWXI6kaLHs/LrrqBpmPUbUGXOagWCtF
PhOJdGf1sH07fhhDo+VXdFcDEgaExHDVx4Hgg1h5HZqBPZGSqk3exM+Hwb72t571
irPo91XK3TbE53T08gH8tD/WVMwl33XZ1/aX+3MhkOQPJ4p4YyxBKgV5UAHS45jQ
Zqe3FGtnuzxrS3VX1QKkssRG/xNy43UVMY1bxlrAdvvemgScS/UJtVnbMuIFv8dK
f4WZlu2GzGvX3q3duGisNXIdopVwobvGXK2vQ9pTDi00
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:39:20 2025 by rpki-client