Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/wZdatKjUo_zaJdycMSWyDg1nBmw.roa
File: wZdatKjUo_zaJdycMSWyDg1nBmw.roa (raw, json)
Hash identifier: l51mxy5/uTJpBMUHfHYyXYSTVffp8sW2CclI3AaFSTU=
Subject key identifier: C1:97:5A:B4:A8:D4:A3:FC:DA:25:DC:9C:31:25:B2:0E:0D:67:06:6C
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0192F86C52A3F10ED9642E7E15D950451E7D
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/wZdatKjUo_zaJdycMSWyDg1nBmw.roa
Signing time: Mon 04 Nov 2024 18:25:01 +0000
ROA not before: Mon 04 Nov 2024 18:25:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 188.130.182.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 27 Nov 2024 23:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f8:6c:52:a3:f1:0e:d9:64:2e:7e:15:d9:50:45:1e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Nov 4 18:25:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1975ab4a8d4a3fcda25dc9c3125b20e0d67066c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d5:62:b3:40:83:46:06:42:21:24:5b:d8:49:
f7:92:b7:e1:ff:bd:5c:87:d5:de:12:90:01:6d:95:
df:ad:11:fc:30:23:55:b3:6a:c7:4c:cc:55:94:8d:
1b:fa:3c:65:c8:74:9e:f4:3a:ca:08:c1:e5:ac:9f:
2d:19:66:d2:74:cf:26:ff:55:48:4a:21:39:24:1f:
b9:22:71:e6:d8:be:99:77:e6:d9:fb:9b:cf:87:9b:
4f:32:6d:ca:57:f9:f6:c9:4f:6f:2c:b0:90:82:18:
28:15:b5:09:a5:6a:33:91:5d:ba:53:08:f9:a3:f9:
ff:66:a4:2f:ee:22:9a:ae:44:fd:c4:3d:bc:07:53:
e4:0c:79:8b:22:e6:c2:81:df:ab:27:5d:43:6c:25:
02:ab:f1:57:bf:88:a4:ff:ba:8b:6e:41:cf:ac:2c:
17:01:9a:17:29:c5:bc:3f:7d:fe:6f:36:f1:18:73:
f6:6d:a0:b6:4f:be:8c:e9:db:b5:bd:18:4a:fd:1a:
d4:32:39:e8:04:f5:a3:ff:43:fc:38:43:ee:81:d7:
50:90:f5:18:f2:2d:31:57:e8:7d:d6:0f:08:5c:19:
50:2f:19:ce:62:73:cf:2a:5b:59:1d:df:86:6f:a1:
20:e7:8a:d2:22:eb:5c:9e:88:f9:c3:fb:06:9e:54:
52:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:97:5A:B4:A8:D4:A3:FC:DA:25:DC:9C:31:25:B2:0E:0D:67:06:6C
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/wZdatKjUo_zaJdycMSWyDg1nBmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
4c:fa:50:3a:a1:9d:76:3b:20:a0:67:c4:bc:bc:91:c3:41:d3:
96:70:ea:94:54:50:7b:c2:40:d3:5b:eb:9b:88:b7:04:ce:6b:
f9:00:e6:df:53:2a:85:e3:7b:b2:d1:b9:e6:b4:35:c1:c2:c9:
1c:bb:fb:87:76:a2:6a:f9:c1:c9:41:bb:03:b6:8a:3e:31:f9:
1b:ad:70:0c:1c:ff:61:29:6e:8e:2a:68:a9:ab:8b:ea:25:c4:
8b:be:86:d7:87:c5:08:44:5f:e1:18:00:4f:04:2a:67:09:b1:
84:b6:6f:fa:ae:18:8b:f4:e5:2d:56:65:e0:6c:ef:34:b5:16:
59:0b:b2:69:c9:6c:07:e8:1a:af:f8:26:a6:9b:0e:4e:f4:3e:
15:31:55:36:de:c7:cc:b7:51:d7:3f:c0:ba:4a:3e:b5:ac:5c:
1a:11:27:c8:fc:3f:50:f9:b3:66:3c:7a:09:50:5a:3d:1e:e9:
ec:d2:8d:da:02:fa:f5:ec:19:f2:a9:7f:59:92:8d:ef:85:c3:
5d:86:04:ad:a1:6a:06:9b:fc:c4:3b:76:f6:1e:9f:ce:f9:05:
38:64:d2:ce:0c:2a:32:3a:34:c0:96:d6:8d:82:da:43:2d:0f:
05:b6:1a:69:5d:19:70:78:1d:85:8c:01:37:b9:c3:fb:f5:9b:
07:ac:eb:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZL4bFKj8Q7ZZC5+FdlQRR59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQxMTA0MTgyNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTk3NWFiNGE4ZDRhM2ZjZGEyNWRjOWMzMTI1YjIwZTBkNjcwNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9Vis0CDRgZCISRb2En3krfh/71c
h9XeEpABbZXfrRH8MCNVs2rHTMxVlI0b+jxlyHSe9DrKCMHlrJ8tGWbSdM8m/1VI
SiE5JB+5InHm2L6Zd+bZ+5vPh5tPMm3KV/n2yU9vLLCQghgoFbUJpWozkV26Uwj5
o/n/ZqQv7iKarkT9xD28B1PkDHmLIubCgd+rJ11DbCUCq/FXv4ik/7qLbkHPrCwX
AZoXKcW8P33+bzbxGHP2baC2T76M6du1vRhK/RrUMjnoBPWj/0P8OEPugddQkPUY
8i0xV+h91g8IXBlQLxnOYnPPKltZHd+Gb6Eg54rSIutcnoj5w/sGnlRShQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMGXWrSo1KP82iXcnDElsg4NZwZsMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvd1pkYXRLalVvX3phSmR5Y01TV3lEZzFuQm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQC
w9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQBM+lA6oZ12OyCg
Z8S8vJHDQdOWcOqUVFB7wkDTW+ubiLcEzmv5AObfUyqF43uy0bnmtDXBwskcu/uH
dqJq+cHJQbsDtoo+MfkbrXAMHP9hKW6OKmipq4vqJcSLvobXh8UIRF/hGABPBCpn
CbGEtm/6rhiL9OUtVmXgbO80tRZZC7JpyWwH6Bqv+Cammw5O9D4VMVU23sfMt1HX
P8C6Sj61rFwaESfI/D9Q+bNmPHoJUFo9Huns0o3aAvr17BnyqX9Zko3vhcNdhgSt
oWoGm/zEO3b2Hp/O+QU4ZNLODCoyOjTAltaNgtpDLQ8FthppXRlweB2FjAE3ucP7
9ZsHrOvp
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:39 2025 by rpki-client