Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/wgXW4wkodn_BFnqC9jH4tEFiaSs.roa
File: wgXW4wkodn_BFnqC9jH4tEFiaSs.roa (raw, json)
Hash identifier: opvZSyfmnwohB+7vMm6LivOLkFUDjaY3RbUaMyQLLXI=
Subject key identifier: C2:05:D6:E3:09:28:76:7F:C1:16:7A:82:F6:31:F8:B4:41:62:69:2B
Certificate issuer: /CN=408562e2b8961b22e29c762d6c990331ba36666f
Certificate serial: 0192D737E2F4E5BB4417E9A1B28A9F81E1DB
Authority key identifier: 40:85:62:E2:B8:96:1B:22:E2:9C:76:2D:6C:99:03:31:BA:36:66:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIVi4riWGyLinHYtbJkDMbo2Zm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/wgXW4wkodn_BFnqC9jH4tEFiaSs.roa
Signing time: Tue 29 Oct 2024 07:40:16 +0000
ROA not before: Tue 29 Oct 2024 07:40:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50795
IP address blocks: 185.83.80.0/22 maxlen: 22
185.83.80.0/23 maxlen: 23
185.83.80.0/24 maxlen: 24
185.83.81.0/24 maxlen: 24
185.83.82.0/23 maxlen: 23
185.83.82.0/24 maxlen: 24
185.83.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:37:e2:f4:e5:bb:44:17:e9:a1:b2:8a:9f:81:e1:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408562e2b8961b22e29c762d6c990331ba36666f
Validity
Not Before: Oct 29 07:40:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c205d6e30928767fc1167a82f631f8b44162692b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7b:8c:89:fd:99:1f:2b:69:34:2e:1e:74:a9:
18:f0:da:a3:f7:cc:f8:ac:f1:f6:05:c2:fc:07:9d:
55:c8:1a:0c:54:54:d0:6a:bb:65:3d:21:90:82:96:
3f:7d:bc:7b:0d:63:35:b6:f2:f3:1a:44:5b:87:93:
a2:2b:f5:60:81:35:ef:45:02:da:24:ed:45:fa:ab:
67:f3:b9:b2:6f:83:78:3d:79:26:7e:ac:82:01:aa:
72:58:55:40:42:bc:63:01:1b:e2:75:93:1d:0a:f8:
95:32:70:28:81:e9:37:f9:93:bf:2a:99:f0:58:08:
a2:4b:56:ae:2d:56:3d:71:39:82:00:7d:44:d9:59:
a9:b3:1a:64:ea:fb:80:7b:cc:48:fa:3e:08:12:d4:
6f:8d:75:1a:14:cf:70:2a:32:06:4f:51:9a:20:f3:
34:54:84:32:91:81:49:52:d4:ac:9f:cb:02:35:22:
79:ff:89:d3:b0:bc:d7:ca:4d:ac:10:99:8a:a9:2a:
95:69:c3:cb:11:83:6b:df:76:ce:01:12:88:fc:f7:
f9:6f:42:70:c3:ef:f5:2a:1d:f9:30:46:11:f0:c2:
58:9e:84:ff:8d:84:f4:9d:e5:5d:76:ea:58:9c:68:
c2:17:c1:68:28:44:ca:bb:ff:da:02:bf:cb:c8:3d:
d7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:05:D6:E3:09:28:76:7F:C1:16:7A:82:F6:31:F8:B4:41:62:69:2B
X509v3 Authority Key Identifier:
keyid:40:85:62:E2:B8:96:1B:22:E2:9C:76:2D:6C:99:03:31:BA:36:66:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIVi4riWGyLinHYtbJkDMbo2Zm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/wgXW4wkodn_BFnqC9jH4tEFiaSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.80.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:7e:f6:ef:15:17:5b:cf:d9:4e:72:1e:df:1f:56:ca:fb:ce:
44:7a:f6:d7:3e:13:12:9d:25:9e:44:74:c2:51:ac:29:d4:b5:
b5:9d:4c:25:8c:c2:ea:34:16:32:fc:5f:a8:44:88:43:6f:4c:
17:bc:b2:26:1e:00:34:0c:17:2c:59:a5:56:2d:35:46:80:cd:
a2:fd:b7:da:76:f0:73:d4:e5:36:25:21:3a:38:ee:42:10:05:
9a:1f:d7:a9:ed:f1:a4:11:35:c3:a4:f9:d2:79:f6:c1:be:a4:
0f:d3:70:61:82:4c:a1:ec:30:e5:66:50:62:0c:03:cd:8b:9a:
80:20:7e:19:72:41:23:b7:bf:ac:cb:85:40:44:81:85:81:61:
f7:a1:5f:48:94:d7:ab:cc:eb:89:4e:15:e9:0e:7a:43:f1:36:
53:d9:7e:e8:07:d3:66:fe:d0:8f:dd:22:28:f2:50:69:a8:3a:
f2:20:98:e3:05:9e:c8:19:54:ec:54:fa:d4:d0:c3:2b:c8:f8:
ce:a8:b0:ab:ae:7d:67:ce:ff:04:f0:ad:f9:50:d8:17:4a:2b:
69:ca:ec:57:4c:d3:40:a8:3d:83:c8:82:26:07:40:c7:67:e9:
f8:23:da:f3:d8:2d:28:d3:22:74:74:fc:84:47:c4:9a:38:00:
01:62:03:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLXN+L05btEF+mhsoqfgeHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODU2MmUyYjg5NjFiMjJlMjljNzYyZDZjOTkwMzMxYmEz
NjY2NmYwHhcNMjQxMDI5MDc0MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjA1ZDZlMzA5Mjg3NjdmYzExNjdhODJmNjMxZjhiNDQxNjI2OTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3uMif2ZHytpNC4edKkY8Nqj98z4
rPH2BcL8B51VyBoMVFTQartlPSGQgpY/fbx7DWM1tvLzGkRbh5OiK/VggTXvRQLa
JO1F+qtn87myb4N4PXkmfqyCAapyWFVAQrxjARvidZMdCviVMnAogek3+ZO/Kpnw
WAiiS1auLVY9cTmCAH1E2Vmpsxpk6vuAe8xI+j4IEtRvjXUaFM9wKjIGT1GaIPM0
VIQykYFJUtSsn8sCNSJ5/4nTsLzXyk2sEJmKqSqVacPLEYNr33bOARKI/Pf5b0Jw
w+/1Kh35MEYR8MJYnoT/jYT0neVddupYnGjCF8FoKETKu//aAr/LyD3XQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIF1uMJKHZ/wRZ6gvYx+LRBYmkrMB8GA1UdIwQY
MBaAFECFYuK4lhsi4px2LWyZAzG6NmZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlWaTRyaVdHeUxpbkhZdGJKa0RNYm8yWm04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MmE2ZGUtNzIzMi00OWIxLTkxYzct
Y2ZkZmNkNGVlMGYyLzEvd2dYVzR3a29kbl9CRm5xQzlqSDR0RUZpYVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MmE2ZGUtNzIzMi00OWIxLTkxYzctY2ZkZmNkNGVlMGYy
LzEvUUlWaTRyaVdHeUxpbkhZdGJKa0RNYm8yWm04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVNQMA0G
CSqGSIb3DQEBCwUAA4IBAQBrfvbvFRdbz9lOch7fH1bK+85EevbXPhMSnSWeRHTC
Uawp1LW1nUwljMLqNBYy/F+oRIhDb0wXvLImHgA0DBcsWaVWLTVGgM2i/bfadvBz
1OU2JSE6OO5CEAWaH9ep7fGkETXDpPnSefbBvqQP03Bhgkyh7DDlZlBiDAPNi5qA
IH4ZckEjt7+sy4VARIGFgWH3oV9IlNerzOuJThXpDnpD8TZT2X7oB9Nm/tCP3SIo
8lBpqDryIJjjBZ7IGVTsVPrU0MMryPjOqLCrrn1nzv8E8K35UNgXSitpyuxXTNNA
qD2DyIImB0DHZ+n4I9rz2C0o0yJ0dPyER8SaOAABYgMx
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:30 2025 by rpki-client