Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/WITtAVLvfi234Mrxn3ca9Qjj4z8.roa
File: WITtAVLvfi234Mrxn3ca9Qjj4z8.roa (raw, json)
Hash identifier: 3DCfbY/oE474WHxt44Nr0/rMX0jKLCWVUPYnsCBRdDQ=
Subject key identifier: 58:84:ED:01:52:EF:7E:2D:B7:E0:CA:F1:9F:77:1A:F5:08:E3:E3:3F
Certificate issuer: /CN=9b759ec9ff54de03a7ff3a65edbb2e0758e6878c
Certificate serial: 018CC64ACA30AC5BFA4515180AE3499168C3
Authority key identifier: 9B:75:9E:C9:FF:54:DE:03:A7:FF:3A:65:ED:BB:2E:07:58:E6:87:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/WITtAVLvfi234Mrxn3ca9Qjj4z8.roa
Signing time: Mon 01 Jan 2024 18:30:39 +0000
ROA not before: Mon 01 Jan 2024 18:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212727
IP address blocks: 164.153.132.0/24 maxlen: 24
164.153.134.0/24 maxlen: 24
164.153.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ca:30:ac:5b:fa:45:15:18:0a:e3:49:91:68:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b759ec9ff54de03a7ff3a65edbb2e0758e6878c
Validity
Not Before: Jan 1 18:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5884ed0152ef7e2db7e0caf19f771af508e3e33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2e:d9:e5:11:1d:18:16:65:dd:4e:b6:91:67:
84:78:07:30:c1:ff:06:3e:a1:ff:ff:27:a9:45:cd:
a1:40:5f:d6:53:02:b7:1e:52:16:a5:2b:01:ca:e8:
f4:2f:2b:47:af:72:83:26:b4:55:fa:1e:ab:2a:77:
96:46:1b:0c:a5:1c:48:1a:3b:51:6c:ea:19:56:85:
ec:f3:76:fe:ee:be:a8:b0:69:d0:64:27:99:90:c0:
e8:0f:30:8d:f9:b8:46:ef:64:b4:f6:d2:31:35:85:
83:d7:fd:ff:22:2a:e4:b6:c8:e1:a0:43:0e:f0:74:
1c:e8:2b:6b:67:20:0c:6e:9f:26:33:d6:58:41:f7:
11:4f:f7:4b:9e:cf:f8:5c:b1:bf:31:25:52:1a:53:
c9:6e:a4:48:6b:b2:c6:c1:15:a5:eb:f8:28:61:4a:
83:21:c5:bb:13:7c:19:04:91:12:78:5b:54:ad:f8:
a8:1e:6f:16:51:09:f3:9b:5b:95:f3:04:a8:71:14:
73:8d:c4:7d:6a:40:93:8f:c0:50:99:f0:af:24:c7:
6a:cd:e4:12:a7:b3:12:fa:89:7e:94:e0:f3:27:54:
09:18:e8:f5:82:c4:1f:c3:2c:32:51:b4:2f:ce:fb:
9a:5a:53:0e:86:7d:4f:0d:41:bf:ac:86:3d:de:56:
f7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:84:ED:01:52:EF:7E:2D:B7:E0:CA:F1:9F:77:1A:F5:08:E3:E3:3F
X509v3 Authority Key Identifier:
keyid:9B:75:9E:C9:FF:54:DE:03:A7:FF:3A:65:ED:BB:2E:07:58:E6:87:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/WITtAVLvfi234Mrxn3ca9Qjj4z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/m3Weyf9U3gOn_zpl7bsuB1jmh4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.153.132.0-164.153.134.255
Signature Algorithm: sha256WithRSAEncryption
46:52:37:c4:fc:2e:b2:be:c5:94:b4:bf:c6:8e:02:be:2c:49:
12:83:c1:0e:e5:28:4f:8d:93:4c:d1:f7:f6:ac:9a:d2:b1:6b:
02:1e:b2:77:57:f3:cc:6d:b6:05:6b:cb:c1:32:f3:0b:a4:f1:
71:92:35:fc:28:c4:cc:f4:5f:c8:dd:65:bd:54:72:67:2c:b4:
cc:8b:72:a8:4a:bb:8a:a3:13:80:be:a2:46:66:9f:e7:05:b4:
d4:09:fc:39:ea:41:f1:26:11:92:27:a0:52:8c:7f:d7:11:c3:
51:66:ee:c1:85:6c:c6:83:e8:41:50:a2:7e:3d:01:f9:0c:59:
55:6c:46:00:f9:bf:da:ef:6f:97:49:4a:ff:c9:06:65:3b:40:
21:ae:ee:77:2f:d7:7a:7b:eb:82:7b:1d:53:02:8d:1f:2c:f6:
2b:82:94:3b:d3:16:30:9a:5d:77:1d:d9:2b:09:89:29:c9:4f:
f1:2a:0f:c2:1c:35:3c:4c:a5:d7:d7:fd:16:24:63:d0:b0:08:
ed:20:0d:71:12:30:a6:c7:d5:dc:60:e5:57:c1:38:40:90:2a:
8b:0e:29:45:5c:30:27:bc:e2:0e:6e:0c:a2:01:45:af:fb:9b:
24:4f:b9:15:91:b0:07:a5:85:77:1b:33:81:b3:eb:9a:32:05:
9a:74:7f:5b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGSsowrFv6RRUYCuNJkWjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNzU5ZWM5ZmY1NGRlMDNhN2ZmM2E2NWVkYmIyZTA3NThl
Njg3OGMwHhcNMjQwMTAxMTgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODg0ZWQwMTUyZWY3ZTJkYjdlMGNhZjE5Zjc3MWFmNTA4ZTNlMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8y7Z5REdGBZl3U62kWeEeAcwwf8G
PqH//yepRc2hQF/WUwK3HlIWpSsByuj0LytHr3KDJrRV+h6rKneWRhsMpRxIGjtR
bOoZVoXs83b+7r6osGnQZCeZkMDoDzCN+bhG72S09tIxNYWD1/3/IirktsjhoEMO
8HQc6CtrZyAMbp8mM9ZYQfcRT/dLns/4XLG/MSVSGlPJbqRIa7LGwRWl6/goYUqD
IcW7E3wZBJESeFtUrfioHm8WUQnzm1uV8wSocRRzjcR9akCTj8BQmfCvJMdqzeQS
p7MS+ol+lODzJ1QJGOj1gsQfwywyUbQvzvuaWlMOhn1PDUG/rIY93lb3aQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFiE7QFS734tt+DK8Z93GvUI4+M/MB8GA1UdIwQY
MBaAFJt1nsn/VN4Dp/86Ze27LgdY5oeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTNXZXlmOVUzZ09uX3pwbDdic3VCMWptaDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS81YWQ3M2ItZGIxNy00MzIyLWFkZTUt
YjlhOWQ4YWU5NDIxLzEvV0lUdEFWTHZmaTIzNE1yeG4zY2E5UWpqNHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS81YWQ3M2ItZGIxNy00MzIyLWFkZTUtYjlhOWQ4YWU5NDIx
LzEvbTNXZXlmOVUzZ09uX3pwbDdic3VCMWptaDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKkmYQD
BACkmYYwDQYJKoZIhvcNAQELBQADggEBAEZSN8T8LrK+xZS0v8aOAr4sSRKDwQ7l
KE+Nk0zR9/asmtKxawIesndX88xttgVry8Ey8wuk8XGSNfwoxMz0X8jdZb1Ucmcs
tMyLcqhKu4qjE4C+okZmn+cFtNQJ/DnqQfEmEZInoFKMf9cRw1Fm7sGFbMaD6EFQ
on49AfkMWVVsRgD5v9rvb5dJSv/JBmU7QCGu7ncv13p764J7HVMCjR8s9iuClDvT
FjCaXXcd2SsJiSnJT/EqD8IcNTxMpdfX/RYkY9CwCO0gDXESMKbH1dxg5VfBOECQ
KosOKUVcMCe84g5uDKIBRa/7myRPuRWRsAelhXcbM4Gz65oyBZp0f1s=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:04:42 2025 by rpki-client