Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/86cc47-f0c0-473a-b11b-f5c09ff38a00/1/W0rGtsHSbD1y10TcVpfeSn3yCFE.roa
File: W0rGtsHSbD1y10TcVpfeSn3yCFE.roa (raw, json)
Hash identifier: gDwF2oj/O+KNG+IEqmR0mtQ9RcIHRGT8mTdMfBqV8hw=
Subject key identifier: 5B:4A:C6:B6:C1:D2:6C:3D:72:D7:44:DC:56:97:DE:4A:7D:F2:08:51
Certificate issuer: /CN=e7cc8626138bf1e9cb3fd1fec26c68c4a634096b
Certificate serial: 018CC3494D772289403DF0A2B325B25CB8E7
Authority key identifier: E7:CC:86:26:13:8B:F1:E9:CB:3F:D1:FE:C2:6C:68:C4:A6:34:09:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/58yGJhOL8enLP9H-wmxoxKY0CWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/86cc47-f0c0-473a-b11b-f5c09ff38a00/1/W0rGtsHSbD1y10TcVpfeSn3yCFE.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199424
IP address blocks: 195.2.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4d:77:22:89:40:3d:f0:a2:b3:25:b2:5c:b8:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cc8626138bf1e9cb3fd1fec26c68c4a634096b
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b4ac6b6c1d26c3d72d744dc5697de4a7df20851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:84:6e:2d:3d:5e:5a:bd:62:e1:f4:f0:e9:f2:
bc:6e:fa:db:7c:26:51:05:dc:91:73:a2:56:76:7f:
c3:b1:d1:be:cc:11:df:d6:cf:23:1d:2e:66:b5:68:
94:64:c2:29:c7:6a:d9:53:23:ca:39:86:52:60:b7:
b9:42:33:89:82:8c:9d:d8:e3:7c:4f:b9:da:8b:5d:
72:ec:80:fd:ab:f5:e8:51:d5:38:1b:c9:5a:e9:b2:
99:57:b5:a7:da:6b:3f:a5:18:c4:52:c9:ac:75:c8:
8c:6a:a5:b3:35:d2:8c:f6:da:37:f3:94:b9:60:f0:
9a:fc:18:dc:7b:3d:fa:b8:70:2a:98:12:a8:f9:5c:
73:56:4c:a7:ee:b7:f7:6a:d5:69:d0:42:e6:b2:2d:
00:69:42:ee:93:b9:a6:0a:5f:6d:a9:c8:dc:f0:52:
5b:32:3d:e7:aa:4b:a1:f4:58:67:a6:cf:7f:97:15:
a0:2a:c4:1f:22:c6:d5:0b:f8:56:16:6d:1b:2a:37:
e6:3d:84:5d:fd:c8:17:50:72:41:c1:e1:35:f8:d9:
8a:0f:96:bd:8c:0c:66:34:eb:a3:a8:ff:bc:b1:7c:
b8:28:de:ca:df:5b:38:48:81:46:e4:e9:51:ec:34:
c9:83:2f:a4:ce:44:c8:ef:4f:cd:08:63:bc:8a:a9:
a7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:4A:C6:B6:C1:D2:6C:3D:72:D7:44:DC:56:97:DE:4A:7D:F2:08:51
X509v3 Authority Key Identifier:
keyid:E7:CC:86:26:13:8B:F1:E9:CB:3F:D1:FE:C2:6C:68:C4:A6:34:09:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/58yGJhOL8enLP9H-wmxoxKY0CWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/86cc47-f0c0-473a-b11b-f5c09ff38a00/1/W0rGtsHSbD1y10TcVpfeSn3yCFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/86cc47-f0c0-473a-b11b-f5c09ff38a00/1/58yGJhOL8enLP9H-wmxoxKY0CWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.2.226.0/24
Signature Algorithm: sha256WithRSAEncryption
97:8d:09:ea:3d:f5:42:68:65:2c:40:30:8b:8e:97:80:8d:d7:
77:1c:6a:99:40:47:86:f5:47:f0:e3:f7:ca:bc:96:7f:ab:06:
d1:bb:c9:12:9e:66:3e:71:e8:3c:fd:e6:46:3b:46:91:51:3e:
a2:20:d3:59:58:79:d5:76:f1:6d:16:07:52:b6:66:91:7a:47:
f8:22:4a:12:07:97:a1:58:7b:78:57:2d:a2:0f:67:46:2a:9e:
2c:95:f1:a8:22:4c:91:3c:89:11:87:e5:20:ba:a4:0b:c1:8f:
02:a8:fb:08:b7:9a:4f:0c:ef:83:7a:76:75:a0:08:d1:6d:48:
af:97:1b:0c:f6:37:60:d7:39:d1:f6:10:9d:e3:5a:60:75:52:
41:67:32:63:39:4b:59:7d:01:99:f9:05:69:fa:b0:e0:30:0c:
80:95:d2:34:0f:89:dc:ff:03:c3:fa:7d:b5:96:09:05:4e:97:
90:8a:7f:d8:2b:d8:48:84:eb:12:50:dc:d4:14:97:ad:c6:9c:
96:30:a3:a0:52:d0:e1:c7:1a:34:33:d3:c8:c6:93:2d:b6:1c:
ff:7d:26:0c:b3:29:76:ee:91:8c:6f:eb:fc:80:bf:6c:7f:c1:
39:fe:72:3c:19:58:03:6a:3c:83:b8:0c:e4:26:ae:23:ba:4e:
c8:49:e2:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSU13IolAPfCisyWyXLjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2M4NjI2MTM4YmYxZTljYjNmZDFmZWMyNmM2OGM0YTYz
NDA5NmIwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjRhYzZiNmMxZDI2YzNkNzJkNzQ0ZGM1Njk3ZGU0YTdkZjIwODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoRuLT1eWr1i4fTw6fK8bvrbfCZR
BdyRc6JWdn/DsdG+zBHf1s8jHS5mtWiUZMIpx2rZUyPKOYZSYLe5QjOJgoyd2ON8
T7nai11y7ID9q/XoUdU4G8la6bKZV7Wn2ms/pRjEUsmsdciMaqWzNdKM9to385S5
YPCa/Bjcez36uHAqmBKo+VxzVkyn7rf3atVp0ELmsi0AaULuk7mmCl9tqcjc8FJb
Mj3nqkuh9Fhnps9/lxWgKsQfIsbVC/hWFm0bKjfmPYRd/cgXUHJBweE1+NmKD5a9
jAxmNOujqP+8sXy4KN7K31s4SIFG5OlR7DTJgy+kzkTI70/NCGO8iqmn0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFtKxrbB0mw9ctdE3FaX3kp98ghRMB8GA1UdIwQY
MBaAFOfMhiYTi/Hpyz/R/sJsaMSmNAlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTh5R0poT0w4ZW5MUDlILXdteG94S1kwQ1dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny84NmNjNDctZjBjMC00NzNhLWIxMWIt
ZjVjMDlmZjM4YTAwLzEvVzByR3RzSFNiRDF5MTBUY1ZwZmVTbjN5Q0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny84NmNjNDctZjBjMC00NzNhLWIxMWItZjVjMDlmZjM4YTAw
LzEvNTh5R0poT0w4ZW5MUDlILXdteG94S1kwQ1dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwLiMA0G
CSqGSIb3DQEBCwUAA4IBAQCXjQnqPfVCaGUsQDCLjpeAjdd3HGqZQEeG9Ufw4/fK
vJZ/qwbRu8kSnmY+ceg8/eZGO0aRUT6iINNZWHnVdvFtFgdStmaRekf4IkoSB5eh
WHt4Vy2iD2dGKp4slfGoIkyRPIkRh+UguqQLwY8CqPsIt5pPDO+DenZ1oAjRbUiv
lxsM9jdg1znR9hCd41pgdVJBZzJjOUtZfQGZ+QVp+rDgMAyAldI0D4nc/wPD+n21
lgkFTpeQin/YK9hIhOsSUNzUFJetxpyWMKOgUtDhxxo0M9PIxpMtthz/fSYMsyl2
7pGMb+v8gL9sf8E5/nI8GVgDajyDuAzkJq4juk7ISeJb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:32 2025 by rpki-client