Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/Wo1SbWj4uIj2VYAk9L8zjvnKfYg.roa
File: Wo1SbWj4uIj2VYAk9L8zjvnKfYg.roa (raw, json)
Hash identifier: Isba/EFENs9w9xAI9cJ6bNzZvJSwvJZ/kezAG6TZI54=
Subject key identifier: 5A:8D:52:6D:68:F8:B8:88:F6:55:80:24:F4:BF:33:8E:F9:CA:7D:88
Certificate issuer: /CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Certificate serial: 018CC56EF5E21379D0F98CB2B67B42B6DF55
Authority key identifier: 58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/Wo1SbWj4uIj2VYAk9L8zjvnKfYg.roa
Signing time: Mon 01 Jan 2024 14:30:32 +0000
ROA not before: Mon 01 Jan 2024 14:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211094
IP address blocks: 185.240.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f5:e2:13:79:d0:f9:8c:b2:b6:7b:42:b6:df:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Validity
Not Before: Jan 1 14:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a8d526d68f8b888f6558024f4bf338ef9ca7d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:51:bf:81:66:f9:76:44:b9:cd:cd:95:b8:53:
96:1b:37:4d:9a:e3:1d:08:68:66:f2:0c:8d:3b:ec:
a7:c0:5d:66:6d:ef:92:d7:58:1c:e2:22:02:f1:15:
d4:f1:a8:af:74:c0:b6:2d:75:53:d2:f1:64:10:9d:
95:b3:bb:36:61:f2:b6:74:5c:d5:b5:cd:32:72:e8:
25:bf:d9:50:a6:cc:03:71:95:d9:8a:ca:bc:c8:aa:
eb:04:bc:b5:6d:c4:66:23:93:1b:3c:56:d4:f4:38:
25:fa:f4:b2:43:a0:d3:21:ef:46:8b:7e:a1:7b:cd:
87:30:ba:8b:3c:57:36:93:2c:5b:8f:06:11:f1:db:
2e:42:c7:d8:b5:10:8c:12:ea:78:b4:6c:96:75:6c:
34:2f:8d:91:a2:1a:4e:f4:9b:01:16:c0:1c:66:0a:
a6:da:2d:aa:ac:60:6c:ce:b3:31:d5:07:ab:76:ff:
34:2e:c9:94:47:bd:2f:10:de:58:f5:c8:a9:2b:d2:
7a:df:64:aa:2d:d7:3e:47:0b:2a:6a:46:2b:c7:14:
19:55:33:1c:6e:f0:1c:74:f3:97:c3:42:2f:f8:d5:
b8:17:f5:36:cf:f6:03:a2:c0:a9:2f:f7:c6:48:2d:
d7:3e:dc:75:43:c6:ad:68:b4:62:4e:85:77:fb:c3:
cf:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8D:52:6D:68:F8:B8:88:F6:55:80:24:F4:BF:33:8E:F9:CA:7D:88
X509v3 Authority Key Identifier:
keyid:58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/Wo1SbWj4uIj2VYAk9L8zjvnKfYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.240.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:3b:50:24:ab:5e:74:e3:a6:d3:45:80:79:ca:d6:69:b3:92:
51:aa:b5:f3:d8:c0:c4:81:b9:d4:87:53:3d:df:c2:b8:ca:ac:
1b:f2:77:33:c9:21:fa:b3:2c:4f:03:ae:34:71:2a:1d:ac:47:
fc:19:21:ba:df:78:8b:37:d0:21:e6:64:2a:43:1d:ee:59:1e:
84:28:1a:31:bd:fd:b8:ce:80:bc:48:4d:ec:c8:34:c9:06:bb:
65:53:8f:e5:31:fd:ee:af:a5:6e:ae:5c:93:dd:37:41:5d:4e:
1c:84:8c:4d:b1:64:2a:1a:7a:d6:87:2a:ae:e8:46:fd:f2:31:
b3:89:4d:ed:a0:62:09:78:69:9e:e8:13:5f:24:f8:0b:37:51:
3b:d8:1d:6d:b8:18:c0:36:60:a5:73:f9:e4:e5:28:31:e4:d9:
38:2b:df:7c:d8:11:d2:49:c4:8e:cc:12:a7:b0:96:9a:c0:1b:
b9:81:dd:92:e3:15:78:0b:23:bb:65:6c:ef:dd:1b:a7:c7:df:
e0:5a:1f:9e:7e:59:f8:cc:56:aa:82:f2:69:8f:e4:b1:17:0c:
1b:b2:2d:54:ef:2d:12:e2:d2:ba:b5:ab:06:fb:f9:3d:e6:c2:
44:6c:7c:4b:4b:0c:80:48:7c:14:34:94:19:8b:85:bd:68:6e:
81:8d:58:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbvXiE3nQ+YyytntCtt9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGIxMDI0ZWEwNTZlNWVkNDk4ZjZlOWRkYzIwNjMyYmRm
NmM5YzUwHhcNMjQwMTAxMTQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YThkNTI2ZDY4ZjhiODg4ZjY1NTgwMjRmNGJmMzM4ZWY5Y2E3ZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulG/gWb5dkS5zc2VuFOWGzdNmuMd
CGhm8gyNO+ynwF1mbe+S11gc4iIC8RXU8aivdMC2LXVT0vFkEJ2Vs7s2YfK2dFzV
tc0ycuglv9lQpswDcZXZisq8yKrrBLy1bcRmI5MbPFbU9Dgl+vSyQ6DTIe9Gi36h
e82HMLqLPFc2kyxbjwYR8dsuQsfYtRCMEup4tGyWdWw0L42RohpO9JsBFsAcZgqm
2i2qrGBszrMx1Qerdv80LsmUR70vEN5Y9cipK9J632SqLdc+RwsqakYrxxQZVTMc
bvAcdPOXw0Iv+NW4F/U2z/YDosCpL/fGSC3XPtx1Q8ataLRiToV3+8PPjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqNUm1o+LiI9lWAJPS/M475yn2IMB8GA1UdIwQY
MBaAFFiLECTqBW5e1Jj26d3CBjK99snFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2Qt
NTY2MjhhNDZkZjQwLzEvV28xU2JXajR1SWoyVllBazlMOHpqdm5LZllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2QtNTY2MjhhNDZkZjQw
LzEvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufDwMA0G
CSqGSIb3DQEBCwUAA4IBAQA/O1Akq15046bTRYB5ytZps5JRqrXz2MDEgbnUh1M9
38K4yqwb8nczySH6syxPA640cSodrEf8GSG633iLN9Ah5mQqQx3uWR6EKBoxvf24
zoC8SE3syDTJBrtlU4/lMf3ur6VurlyT3TdBXU4chIxNsWQqGnrWhyqu6Eb98jGz
iU3toGIJeGme6BNfJPgLN1E72B1tuBjANmClc/nk5Sgx5Nk4K9982BHSScSOzBKn
sJaawBu5gd2S4xV4CyO7ZWzv3Runx9/gWh+efln4zFaqgvJpj+SxFwwbsi1U7y0S
4tK6tasG+/k95sJEbHxLSwyASHwUNJQZi4W9aG6BjVg5
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:50:42 2025 by rpki-client