Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/wcVl30ZLLoLnoOb0LVTaQxXR0Ts.roa
File: wcVl30ZLLoLnoOb0LVTaQxXR0Ts.roa (raw, json)
Hash identifier: dNRLkbkwXyOQzFJc7pZXooPQigK0mjK/xe2jbf1/WjA=
Subject key identifier: C1:C5:65:DF:46:4B:2E:82:E7:A0:E6:F4:2D:54:DA:43:15:D1:D1:3B
Certificate issuer: /CN=b1e8cf7386200dfda9b067db9c77d30660d74cda
Certificate serial: 018CCA2A4FC1F2FA596351684F74B08D40F2
Authority key identifier: B1:E8:CF:73:86:20:0D:FD:A9:B0:67:DB:9C:77:D3:06:60:D7:4C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sejPc4YgDf2psGfbnHfTBmDXTNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/wcVl30ZLLoLnoOb0LVTaQxXR0Ts.roa
Signing time: Tue 02 Jan 2024 12:33:39 +0000
ROA not before: Tue 02 Jan 2024 12:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12384
IP address blocks: 185.173.196.0/22 maxlen: 22
77.235.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:4f:c1:f2:fa:59:63:51:68:4f:74:b0:8d:40:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1e8cf7386200dfda9b067db9c77d30660d74cda
Validity
Not Before: Jan 2 12:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1c565df464b2e82e7a0e6f42d54da4315d1d13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:dc:1a:46:b1:58:21:b2:3c:af:40:7a:43:f7:
c8:92:ee:3e:6c:fa:61:d4:f6:a2:d7:02:d6:14:22:
4b:6d:8f:a1:3f:c8:ac:16:75:9d:7c:c5:3d:ba:30:
ad:1f:e0:23:8b:86:60:f0:25:61:95:61:ef:d7:91:
b9:e9:8f:d8:bc:57:51:6c:b6:a0:4f:36:0f:75:61:
d8:8a:70:31:8e:f1:d8:2d:2d:01:e6:2e:d4:25:74:
d9:5d:63:fc:c5:e6:d8:f3:a2:9b:0e:32:62:10:e5:
20:9d:5f:e5:a3:e1:5d:1e:0f:1c:16:0c:1d:be:79:
df:1e:7a:d1:67:64:b2:aa:45:f4:8d:2f:96:63:9f:
53:fb:f5:1b:cb:3c:63:b3:a6:c0:84:30:df:34:1f:
a4:b8:de:75:9a:44:cf:62:54:61:95:f0:f4:71:8a:
0e:ae:9a:c1:0d:bf:a5:d9:da:40:7c:c6:f3:bf:9b:
fd:4d:49:67:49:a3:01:06:51:2c:47:3d:cf:5e:12:
3b:fd:00:eb:d2:b1:b6:37:d4:b1:82:9e:20:05:97:
3e:74:ba:6b:b1:98:f2:87:34:bb:13:cb:da:1b:f1:
3d:92:af:82:ac:bf:19:d1:b4:67:91:ba:2f:a8:76:
65:4c:7d:b5:95:d3:02:a8:fd:38:44:a8:61:fa:14:
df:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C5:65:DF:46:4B:2E:82:E7:A0:E6:F4:2D:54:DA:43:15:D1:D1:3B
X509v3 Authority Key Identifier:
keyid:B1:E8:CF:73:86:20:0D:FD:A9:B0:67:DB:9C:77:D3:06:60:D7:4C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sejPc4YgDf2psGfbnHfTBmDXTNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/wcVl30ZLLoLnoOb0LVTaQxXR0Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/sejPc4YgDf2psGfbnHfTBmDXTNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.224.0/19
185.173.196.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:4e:61:ea:41:ca:b0:cf:38:7e:db:d8:3c:af:df:98:77:13:
be:5f:74:e5:c2:3c:ad:ed:87:45:2f:0c:c8:d1:7a:f0:db:54:
9d:d9:b5:32:68:bf:ea:c8:9d:2d:e9:b8:20:ec:c0:8b:f3:1e:
80:5e:96:58:16:36:05:f4:c5:95:0c:5b:6e:f0:23:37:65:61:
ac:37:cf:f3:a3:9a:41:f6:dd:78:6e:6a:93:7a:43:ec:6f:81:
b4:c2:3a:ac:a5:9f:60:de:50:b9:cf:a1:c2:4c:ae:f2:fb:33:
00:d1:84:3d:59:a2:65:90:40:84:ce:e0:cc:40:7a:10:e1:34:
b2:01:19:58:84:b9:17:4c:83:04:66:bc:68:1c:74:6c:e7:2c:
f5:36:63:5b:a1:2f:71:98:f3:dd:e6:f2:bb:5d:5f:c7:ca:10:
1a:cf:3a:c2:8b:63:42:05:cb:8f:96:e4:06:b4:1b:b1:23:9f:
ae:2f:ef:b8:e0:bd:6a:46:36:7a:78:03:be:8f:64:e7:2c:b6:
f7:0b:65:4a:40:b3:c3:2e:15:01:97:79:80:29:e4:07:67:89:
21:16:c9:b5:c1:cb:66:e7:3b:c5:f2:b9:99:4b:f7:7b:a9:88:
2f:28:22:5c:8f:ca:2b:58:07:03:0f:d1:e4:3d:7b:50:80:87:
68:e4:46:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKk/B8vpZY1FoT3SwjUDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZThjZjczODYyMDBkZmRhOWIwNjdkYjljNzdkMzA2NjBk
NzRjZGEwHhcNMjQwMTAyMTIzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM1NjVkZjQ2NGIyZTgyZTdhMGU2ZjQyZDU0ZGE0MzE1ZDFkMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtwaRrFYIbI8r0B6Q/fIku4+bPph
1Pai1wLWFCJLbY+hP8isFnWdfMU9ujCtH+Aji4Zg8CVhlWHv15G56Y/YvFdRbLag
TzYPdWHYinAxjvHYLS0B5i7UJXTZXWP8xebY86KbDjJiEOUgnV/lo+FdHg8cFgwd
vnnfHnrRZ2SyqkX0jS+WY59T+/Ubyzxjs6bAhDDfNB+kuN51mkTPYlRhlfD0cYoO
rprBDb+l2dpAfMbzv5v9TUlnSaMBBlEsRz3PXhI7/QDr0rG2N9Sxgp4gBZc+dLpr
sZjyhzS7E8vaG/E9kq+CrL8Z0bRnkbovqHZlTH21ldMCqP04RKhh+hTfRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMHFZd9GSy6C56Dm9C1U2kMV0dE7MB8GA1UdIwQY
MBaAFLHoz3OGIA39qbBn25x30wZg10zaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2VqUGM0WWdEZjJwc0dmYm5IZlRCbURYVE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mNDk5Y2QtZmFkNi00ZmIwLTliZTct
NGE3OTA0ZmZjOGUxLzEvd2NWbDMwWkxMb0xub09iMExWVGFReFhSMFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mNDk5Y2QtZmFkNi00ZmIwLTliZTctNGE3OTA0ZmZjOGUx
LzEvc2VqUGM0WWdEZjJwc0dmYm5IZlRCbURYVE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFTevgAwQC
ua3EMA0GCSqGSIb3DQEBCwUAA4IBAQBvTmHqQcqwzzh+29g8r9+YdxO+X3Tlwjyt
7YdFLwzI0Xrw21Sd2bUyaL/qyJ0t6bgg7MCL8x6AXpZYFjYF9MWVDFtu8CM3ZWGs
N8/zo5pB9t14bmqTekPsb4G0wjqspZ9g3lC5z6HCTK7y+zMA0YQ9WaJlkECEzuDM
QHoQ4TSyARlYhLkXTIMEZrxoHHRs5yz1NmNboS9xmPPd5vK7XV/HyhAazzrCi2NC
BcuPluQGtBuxI5+uL++44L1qRjZ6eAO+j2TnLLb3C2VKQLPDLhUBl3mAKeQHZ4kh
Fsm1wctm5zvF8rmZS/d7qYgvKCJcj8orWAcDD9HkPXtQgIdo5EYT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:52 2025 by rpki-client