Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/wqK3FOzJ1TS01XVGxDFeoBFE4I4.roa
File: wqK3FOzJ1TS01XVGxDFeoBFE4I4.roa (raw, json)
Hash identifier: RLgg0bpypFuMrpRUFWPxvPw5NCUNokCtUyTAA/Pl8N0=
Subject key identifier: C2:A2:B7:14:EC:C9:D5:34:B4:D5:75:46:C4:31:5E:A0:11:44:E0:8E
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 018CC94AB8BC6CC804F814144CEE0C0D3894
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/wqK3FOzJ1TS01XVGxDFeoBFE4I4.roa
Signing time: Tue 02 Jan 2024 08:29:26 +0000
ROA not before: Tue 02 Jan 2024 08:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39235
IP address blocks: 77.95.192.0/21 maxlen: 21
80.251.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 10 Dec 2024 11:03:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:b8:bc:6c:c8:04:f8:14:14:4c:ee:0c:0d:38:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Jan 2 08:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2a2b714ecc9d534b4d57546c4315ea01144e08e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:94:7b:06:86:04:e6:03:70:d0:9c:f2:cb:7e:
e4:85:9c:8f:01:c0:45:30:89:99:ae:81:fa:7b:4f:
51:1b:89:6a:f4:6a:31:e1:a7:8d:18:ac:b3:43:ce:
f6:0b:14:75:a7:70:ac:58:c0:11:22:b2:06:e2:99:
ce:bb:73:af:16:61:7f:80:49:ea:c8:96:d8:3c:a8:
10:1d:11:8d:fa:18:cd:6b:91:8a:0b:95:c8:51:5b:
ab:5f:7d:80:7d:51:3c:78:6d:14:f2:af:45:96:32:
f9:ba:ce:c6:80:dc:02:c9:b0:55:dc:8c:a6:71:65:
89:44:bf:42:6a:e3:79:ce:57:49:b8:3a:fd:2f:1b:
7b:ec:3d:48:39:15:d4:b0:ee:c2:61:2f:78:1c:16:
7c:5a:bb:18:60:c7:98:98:b8:2f:52:64:9b:00:67:
f3:23:50:6e:cf:14:e3:9e:0d:8b:47:51:a9:1e:63:
5b:ac:13:e4:22:37:c1:ee:84:7d:f7:34:13:23:5f:
3f:39:cf:2f:0c:82:12:07:59:98:3e:fa:c9:c9:26:
c2:54:75:e5:1c:a1:6e:dd:08:ba:6f:e1:30:fa:c7:
a2:04:08:08:9f:d9:ae:49:cb:c1:be:d0:22:b3:e2:
73:9d:2b:95:45:72:08:18:3d:6c:7b:46:e3:06:29:
b6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A2:B7:14:EC:C9:D5:34:B4:D5:75:46:C4:31:5E:A0:11:44:E0:8E
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/wqK3FOzJ1TS01XVGxDFeoBFE4I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.192.0/21
80.251.240.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:5b:4f:ca:a7:d5:38:7e:fb:c0:68:8d:db:60:3e:f5:80:30:
34:2b:97:2a:8e:7a:0f:97:ea:ee:21:be:76:4c:51:00:c2:ba:
73:4f:31:d9:40:88:a6:43:52:91:12:64:86:89:f2:b9:23:36:
78:f0:74:15:63:b4:23:b0:7c:70:6e:08:56:7b:15:b6:b5:59:
eb:6c:d9:16:ad:1e:92:d5:ec:b6:67:5a:83:83:de:eb:8b:93:
44:aa:69:17:fc:bc:26:99:3e:82:cf:17:19:23:51:67:3d:1a:
d1:32:4e:ea:86:bb:1d:8f:17:d5:95:e9:15:5e:7f:e5:34:c3:
5a:38:99:5d:e2:8a:42:49:6b:ec:2c:f2:ce:92:3c:f3:05:ed:
81:ac:ce:e9:38:e6:4f:aa:7f:03:bf:4e:1e:60:43:38:33:2b:
65:48:a6:cb:18:ed:5c:06:7d:95:d1:92:5a:c6:84:03:1f:5f:
8e:03:56:19:e1:87:43:95:43:64:01:dd:cd:fe:10:15:b3:60:
4e:b4:5c:b6:01:0d:71:e9:40:e8:14:53:a0:29:97:6c:c0:86:
6f:e1:3c:db:9b:7f:d8:de:4f:51:e9:01:f6:97:88:fe:15:6b:
df:66:dd:bf:05:4d:5c:bb:c0:7e:e0:58:a9:a9:55:6e:c4:43:
6d:24:16:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJSri8bMgE+BQUTO4MDTiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjQwMTAyMDgyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmEyYjcxNGVjYzlkNTM0YjRkNTc1NDZjNDMxNWVhMDExNDRlMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5R7BoYE5gNw0Jzyy37khZyPAcBF
MImZroH6e09RG4lq9Gox4aeNGKyzQ872CxR1p3CsWMARIrIG4pnOu3OvFmF/gEnq
yJbYPKgQHRGN+hjNa5GKC5XIUVurX32AfVE8eG0U8q9FljL5us7GgNwCybBV3Iym
cWWJRL9CauN5zldJuDr9Lxt77D1IORXUsO7CYS94HBZ8WrsYYMeYmLgvUmSbAGfz
I1BuzxTjng2LR1GpHmNbrBPkIjfB7oR99zQTI18/Oc8vDIISB1mYPvrJySbCVHXl
HKFu3Qi6b+Ew+seiBAgIn9muScvBvtAis+JznSuVRXIIGD1se0bjBim2NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMKitxTsydU0tNV1RsQxXqARROCOMB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvd3FLM0ZPekoxVFMwMVhWR3hERmVvQkZFNEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTV/AAwQE
UPvwMA0GCSqGSIb3DQEBCwUAA4IBAQAtW0/Kp9U4fvvAaI3bYD71gDA0K5cqjnoP
l+ruIb52TFEAwrpzTzHZQIimQ1KREmSGifK5IzZ48HQVY7QjsHxwbghWexW2tVnr
bNkWrR6S1ey2Z1qDg97ri5NEqmkX/LwmmT6CzxcZI1FnPRrRMk7qhrsdjxfVlekV
Xn/lNMNaOJld4opCSWvsLPLOkjzzBe2BrM7pOOZPqn8Dv04eYEM4MytlSKbLGO1c
Bn2V0ZJaxoQDH1+OA1YZ4YdDlUNkAd3N/hAVs2BOtFy2AQ1x6UDoFFOgKZdswIZv
4Tzbm3/Y3k9R6QH2l4j+FWvfZt2/BU1cu8B+4FipqVVuxENtJBY+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:55 2025 by rpki-client