Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/wF5SHYxxKr_U1nVO_VgzCwRfhqo.roa
File: wF5SHYxxKr_U1nVO_VgzCwRfhqo.roa (raw, json)
Hash identifier: gJQaWU/RKGR0c0Rxi3L9fGfy2ebEJaMCujD2f3fOeEE=
Subject key identifier: C0:5E:52:1D:8C:71:2A:BF:D4:D6:75:4E:FD:58:33:0B:04:5F:86:AA
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018CC7941BFB7C807795009FEA8D14F78F33
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/wF5SHYxxKr_U1nVO_VgzCwRfhqo.roa
Signing time: Tue 02 Jan 2024 00:30:21 +0000
ROA not before: Tue 02 Jan 2024 00:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51248
IP address blocks: 188.130.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:1b:fb:7c:80:77:95:00:9f:ea:8d:14:f7:8f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 00:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c05e521d8c712abfd4d6754efd58330b045f86aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7c:96:fa:f9:05:7f:bc:48:7a:6d:da:8c:3a:
5b:6c:88:4b:6f:a3:d6:23:fb:fe:66:f0:31:9b:56:
41:c4:3f:ed:49:0b:a9:32:b2:2f:c5:35:93:8f:31:
a2:f6:d5:53:b4:58:09:33:17:fc:d8:06:26:a2:b1:
c9:8d:7b:ec:a4:ba:32:a2:3a:e1:c8:27:2a:68:0a:
6d:18:06:5c:fa:1e:f0:a6:94:4f:64:39:18:ec:66:
73:d4:8c:41:69:27:d3:ff:c1:b1:71:41:19:a3:99:
ec:b6:b7:7e:31:e6:50:fe:3b:c7:7f:ea:c5:b7:ca:
19:bb:51:ff:cc:a3:fe:1e:36:05:e6:4c:c6:66:9a:
03:29:51:b0:a4:01:5e:ee:94:d7:6d:91:2e:30:de:
99:fe:54:59:45:65:92:7d:a3:71:f5:8a:13:97:9e:
76:74:bd:f9:8e:df:bb:2f:da:11:22:7b:c4:f0:82:
78:d4:47:3b:f8:eb:fe:1d:8d:97:74:ef:37:a2:32:
f4:fe:0f:b5:38:9f:45:8a:97:6d:3a:df:19:b9:ee:
1f:6c:27:46:fe:82:83:ca:60:71:ec:5e:21:57:1e:
4f:5b:8c:12:d1:6d:7e:fa:45:a2:d4:a2:73:00:84:
08:20:b4:bb:5f:80:73:88:7c:97:85:da:5d:04:d5:
3b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:5E:52:1D:8C:71:2A:BF:D4:D6:75:4E:FD:58:33:0B:04:5F:86:AA
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/wF5SHYxxKr_U1nVO_VgzCwRfhqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.208.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:87:31:ea:75:70:9e:68:15:58:5e:f8:bf:7e:05:14:f4:af:
50:f0:c8:91:d4:30:cc:3c:35:4c:69:1c:05:12:45:51:6b:dd:
c4:0c:33:ab:71:84:27:f8:a7:05:2f:20:35:c2:5c:3f:f9:8e:
1d:9d:ee:b7:9f:d5:a0:d3:aa:14:08:e2:c2:a2:c5:0f:94:36:
4a:e2:67:c3:84:66:21:9b:15:90:2d:9e:1c:68:9f:05:8e:5d:
78:cb:f7:78:00:45:fe:76:ca:b4:6b:41:e4:20:af:df:13:9b:
15:f6:13:0a:1b:2e:69:d7:4b:c5:f4:eb:3b:75:5a:68:04:09:
2b:cf:03:62:95:5d:2f:9c:53:c8:37:a3:23:b3:53:21:b7:e7:
6d:79:12:68:0c:44:e4:66:98:ca:64:2c:48:bb:3f:f9:15:69:
76:53:7a:8f:b0:14:5b:06:d3:06:c1:92:e3:a5:7e:87:35:02:
2e:28:9a:8b:2b:6f:09:41:d5:c5:9a:0e:53:78:03:e0:44:78:
7a:f5:71:ae:51:88:32:35:5f:02:c8:7a:ee:d0:bc:79:28:dd:
2a:41:05:f7:a4:fd:ef:31:3b:81:61:ea:ca:1e:2d:e5:97:ca:
9e:07:ab:fe:b7:cd:f0:d4:67:e4:3d:80:76:a0:f7:ef:1d:84:
cb:01:3c:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlBv7fIB3lQCf6o0U948zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDVlNTIxZDhjNzEyYWJmZDRkNjc1NGVmZDU4MzMwYjA0NWY4NmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHyW+vkFf7xIem3ajDpbbIhLb6PW
I/v+ZvAxm1ZBxD/tSQupMrIvxTWTjzGi9tVTtFgJMxf82AYmorHJjXvspLoyojrh
yCcqaAptGAZc+h7wppRPZDkY7GZz1IxBaSfT/8GxcUEZo5nstrd+MeZQ/jvHf+rF
t8oZu1H/zKP+HjYF5kzGZpoDKVGwpAFe7pTXbZEuMN6Z/lRZRWWSfaNx9YoTl552
dL35jt+7L9oRInvE8IJ41Ec7+Ov+HY2XdO83ojL0/g+1OJ9FipdtOt8Zue4fbCdG
/oKDymBx7F4hVx5PW4wS0W1++kWi1KJzAIQIILS7X4BziHyXhdpdBNU7awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBeUh2McSq/1NZ1Tv1YMwsEX4aqMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvd0Y1U0hZeHhLcl9VMW5WT19WZ3pDd1JmaHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvILQMA0G
CSqGSIb3DQEBCwUAA4IBAQCuhzHqdXCeaBVYXvi/fgUU9K9Q8MiR1DDMPDVMaRwF
EkVRa93EDDOrcYQn+KcFLyA1wlw/+Y4dne63n9Wg06oUCOLCosUPlDZK4mfDhGYh
mxWQLZ4caJ8Fjl14y/d4AEX+dsq0a0HkIK/fE5sV9hMKGy5p10vF9Os7dVpoBAkr
zwNilV0vnFPIN6Mjs1Mht+dteRJoDETkZpjKZCxIuz/5FWl2U3qPsBRbBtMGwZLj
pX6HNQIuKJqLK28JQdXFmg5TeAPgRHh69XGuUYgyNV8CyHru0Lx5KN0qQQX3pP3v
MTuBYerKHi3ll8qeB6v+t83w1GfkPYB2oPfvHYTLATwl
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:05 2025 by rpki-client