Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/wl2DfVzzQ5xRy-5N1yM5kvgypco.roa
File: wl2DfVzzQ5xRy-5N1yM5kvgypco.roa (raw, json)
Hash identifier: UoTSTqR/Xa7RbVUV7HsDrRCogTWRdt/FiES9SJocXWU=
Subject key identifier: C2:5D:83:7D:5C:F3:43:9C:51:CB:EE:4D:D7:23:39:92:F8:32:A5:CA
Certificate issuer: /CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
Certificate serial: 018CC794753258BF1CACF8806FEA0AAE0A9E
Authority key identifier: B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/wl2DfVzzQ5xRy-5N1yM5kvgypco.roa
Signing time: Tue 02 Jan 2024 00:30:44 +0000
ROA not before: Tue 02 Jan 2024 00:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 132.74.0.0/16 maxlen: 16
132.75.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:75:32:58:bf:1c:ac:f8:80:6f:ea:0a:ae:0a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
Validity
Not Before: Jan 2 00:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c25d837d5cf3439c51cbee4dd7233992f832a5ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6a:55:99:3e:66:c9:44:b5:46:ad:30:4a:bb:
f0:35:df:3c:c4:29:a8:c7:61:b0:17:c5:e7:6c:95:
6e:97:9a:ce:19:e3:ac:46:8a:a6:a8:8c:80:5f:de:
cd:c6:1a:0b:a8:7c:85:db:8e:53:41:f2:9f:e2:57:
0e:ce:85:a2:45:9b:86:9d:3f:5e:c2:d8:c1:6a:08:
54:2b:b0:65:4c:07:fd:d2:3e:0f:5d:31:1b:d7:4e:
2c:61:25:64:10:00:08:90:40:69:8a:14:1c:24:ad:
99:55:57:a4:88:40:25:59:75:f7:5a:c1:21:91:e2:
68:65:b4:d8:19:f9:c8:05:3d:3d:b4:be:3a:f6:c6:
7f:bd:f6:c6:85:41:3c:ef:7c:f1:d0:53:65:a8:94:
7a:fa:87:91:b8:7f:dd:ea:14:f5:2f:ab:b3:f8:03:
7e:27:d8:dc:99:1b:6c:6b:97:8f:5c:59:e0:54:a3:
30:c8:e6:86:c7:27:44:3f:d7:87:6b:42:8c:3a:6e:
e1:92:51:da:c8:7b:47:78:8d:f4:51:30:c8:cf:9f:
7d:72:26:c2:65:00:2a:23:c7:d4:cd:19:57:6c:5b:
da:cf:30:76:d5:44:c8:b0:f7:de:ec:55:1c:51:a8:
64:12:fa:f2:a2:10:1c:61:b6:df:e0:45:56:f9:b3:
88:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5D:83:7D:5C:F3:43:9C:51:CB:EE:4D:D7:23:39:92:F8:32:A5:CA
X509v3 Authority Key Identifier:
keyid:B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/wl2DfVzzQ5xRy-5N1yM5kvgypco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/uNJRxL_VJtoGLUzir1a25G6SURc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.74.0.0/15
Signature Algorithm: sha256WithRSAEncryption
58:16:2a:1f:4e:a8:45:df:70:8c:c3:d2:7a:10:c4:05:9c:c6:
13:4e:5d:91:b6:cd:d8:1d:eb:62:e3:13:c0:32:ba:84:f6:f7:
ef:71:7b:c7:15:4b:1f:70:83:33:e1:b1:0e:38:99:98:7f:29:
ec:fb:69:7f:fe:a4:36:e3:13:df:41:31:87:5f:20:21:51:ea:
c3:38:f2:13:41:68:22:6e:56:3c:58:64:b0:e5:6e:81:53:55:
7d:95:e2:d1:ab:39:a4:be:fa:d8:1e:c7:73:38:60:88:90:d1:
b6:d0:42:b7:15:e4:da:5d:2c:59:cf:31:93:3c:79:97:59:a9:
8e:6a:4d:ed:29:81:71:d9:57:04:52:c2:96:60:eb:48:4c:b9:
57:39:d5:72:25:b5:f7:13:5d:b8:b8:5a:3b:90:d1:c7:58:fe:
2a:dc:13:28:c7:83:0d:b5:11:06:1c:a8:f4:c7:15:e8:03:f6:
f4:0e:41:a5:d5:e0:f4:36:80:bf:89:b3:1c:5c:d9:2f:f4:a3:
36:e8:56:d1:3f:b2:aa:9d:0e:5e:46:52:64:02:2d:64:03:04:
cc:d7:47:49:09:46:60:76:00:93:c8:f8:49:6c:65:ee:f3:7d:
b2:6e:9d:24:4e:96:21:ba:89:fb:ab:15:c1:3a:b1:a1:1e:ef:
ba:78:45:eb
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzHlHUyWL8crPiAb+oKrgqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDI1MWM0YmZkNTI2ZGEwNjJkNGNlMmFmNTZiNmU0NmU5
MjUxMTcwHhcNMjQwMTAyMDAzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjVkODM3ZDVjZjM0MzljNTFjYmVlNGRkNzIzMzk5MmY4MzJhNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGpVmT5myUS1Rq0wSrvwNd88xCmo
x2GwF8XnbJVul5rOGeOsRoqmqIyAX97NxhoLqHyF245TQfKf4lcOzoWiRZuGnT9e
wtjBaghUK7BlTAf90j4PXTEb104sYSVkEAAIkEBpihQcJK2ZVVekiEAlWXX3WsEh
keJoZbTYGfnIBT09tL469sZ/vfbGhUE873zx0FNlqJR6+oeRuH/d6hT1L6uz+AN+
J9jcmRtsa5ePXFngVKMwyOaGxydEP9eHa0KMOm7hklHayHtHeI30UTDIz599cibC
ZQAqI8fUzRlXbFvazzB21UTIsPfe7FUcUahkEvryohAcYbbf4EVW+bOIcQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMJdg31c80OcUcvuTdcjOZL4MqXKMB8GA1UdIwQY
MBaAFLjSUcS/1SbaBi1M4q9WtuRuklEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAt
NDJiM2Q2OGI1Njc2LzEvd2wyRGZWenpRNXhSeS01TjF5TTVrdmd5cGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAtNDJiM2Q2OGI1Njc2
LzEvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEowDQYJ
KoZIhvcNAQELBQADggEBAFgWKh9OqEXfcIzD0noQxAWcxhNOXZG2zdgd62LjE8Ay
uoT29+9xe8cVSx9wgzPhsQ44mZh/Kez7aX/+pDbjE99BMYdfICFR6sM48hNBaCJu
VjxYZLDlboFTVX2V4tGrOaS++tgex3M4YIiQ0bbQQrcV5NpdLFnPMZM8eZdZqY5q
Te0pgXHZVwRSwpZg60hMuVc51XIltfcTXbi4WjuQ0cdY/ircEyjHgw21EQYcqPTH
FegD9vQOQaXV4PQ2gL+Jsxxc2S/0ozboVtE/sqqdDl5GUmQCLWQDBMzXR0kJRmB2
AJPI+ElsZe7zfbJunSROliG6ifurFcE6saEe77p4Res=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:14 2025 by rpki-client