Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/WmEjRggDX7Gg9tAifiycsx0A7ic.roa
File: WmEjRggDX7Gg9tAifiycsx0A7ic.roa (raw, json)
Hash identifier: Ve6DllX5l+/+ktD2ViQKVDKMRQNktzFOlhpMNgeml8g=
Subject key identifier: 5A:61:23:46:08:03:5F:B1:A0:F6:D0:22:7E:2C:9C:B3:1D:00:EE:27
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0194277D211B113C1048FA9D92FBEDA122BB
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/WmEjRggDX7Gg9tAifiycsx0A7ic.roa
Signing time: Thu 02 Jan 2025 14:48:19 +0000
ROA not before: Thu 02 Jan 2025 14:48:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214309
IP address blocks: 89.35.130.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:7d:21:1b:11:3c:10:48:fa:9d:92:fb:ed:a1:22:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 14:48:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a61234608035fb1a0f6d0227e2c9cb31d00ee27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fc:b5:f0:11:d1:ea:7a:c5:13:65:dd:c9:ca:
da:f7:36:4e:e3:ef:ac:d3:2c:2c:00:af:16:1b:f0:
9f:a3:06:44:08:02:c5:92:f6:91:47:89:43:9c:02:
94:08:3a:5f:f5:55:e6:ce:09:3d:cd:82:f3:40:77:
64:15:90:cc:36:bf:49:78:e3:9b:f0:36:2d:f5:64:
92:03:ff:fe:51:c7:c8:cc:be:98:39:25:88:bb:3e:
ec:6a:df:26:8d:34:cd:02:4d:86:01:82:3e:ec:34:
fe:62:69:6b:cd:e0:3e:cc:25:cd:09:54:98:e3:25:
e0:2f:19:b6:0a:b6:65:69:5d:43:9c:fa:24:9a:be:
20:50:55:3d:04:79:cf:4a:f0:21:59:d1:e0:dc:12:
cb:30:1c:b7:f8:17:af:d9:2b:c0:f3:93:2f:c0:0b:
ab:ac:b1:20:ab:f0:da:5e:40:84:34:80:f9:ae:5e:
20:85:d0:b7:65:cc:21:71:2c:0a:90:b2:5e:c1:97:
5e:47:3c:e3:f8:d2:c3:69:08:1e:ea:c8:27:e5:50:
38:f6:06:2a:90:e2:04:ee:aa:4d:ce:88:0e:34:36:
bf:2c:2c:54:4c:df:ae:be:4e:a2:a9:de:86:aa:29:
f3:42:75:60:56:32:0b:cc:d6:96:25:c4:f8:bb:f5:
6e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:61:23:46:08:03:5F:B1:A0:F6:D0:22:7E:2C:9C:B3:1D:00:EE:27
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/WmEjRggDX7Gg9tAifiycsx0A7ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.130.0/24
188.213.0.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:f4:fa:7b:23:3e:8c:41:47:ec:86:90:8f:6a:79:e1:0e:c8:
5e:d5:5e:d8:0a:2e:a5:c2:5c:6f:29:04:5f:dc:40:1a:2e:56:
78:68:2a:c1:c5:84:d4:f3:b9:09:4d:78:f5:87:79:14:d0:ea:
f2:b4:fe:68:4b:bb:3b:a2:82:50:0e:25:89:eb:fc:7a:3c:1e:
b7:9a:1a:11:01:8c:e8:0f:44:b7:41:a0:11:63:af:89:32:9e:
79:09:5e:c4:ff:82:5a:8a:95:4a:3a:8e:5c:76:cd:cf:7a:5d:
15:ca:8a:6a:ae:d3:98:f2:17:d3:c5:24:af:33:3a:fd:65:2c:
c8:30:e4:fd:2d:61:e5:2d:26:e8:d4:10:14:c5:5a:29:9a:4b:
53:d2:72:3e:53:f1:54:17:76:f0:69:40:d4:68:91:7a:8d:aa:
4d:eb:6a:a8:35:0b:ca:f9:c4:1b:80:d5:d8:2e:e2:b9:c8:65:
4f:5f:a8:b0:7e:4f:cd:43:14:bc:a3:6a:bc:43:63:f8:09:0d:
5b:9b:ad:6e:84:c1:96:5e:84:a2:b5:be:a8:ff:9f:e2:f6:2d:
f1:f5:6b:71:ba:10:78:f6:92:2c:12:5f:ce:ce:bd:d3:2a:24:
32:8d:88:dd:2f:93:0e:79:28:6c:87:19:27:36:9c:a8:a5:55:
9d:65:90:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnfSEbETwQSPqdkvvtoSK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTQ0ODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTYxMjM0NjA4MDM1ZmIxYTBmNmQwMjI3ZTJjOWNiMzFkMDBlZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvy18BHR6nrFE2Xdycra9zZO4++s
0ywsAK8WG/CfowZECALFkvaRR4lDnAKUCDpf9VXmzgk9zYLzQHdkFZDMNr9JeOOb
8DYt9WSSA//+UcfIzL6YOSWIuz7sat8mjTTNAk2GAYI+7DT+YmlrzeA+zCXNCVSY
4yXgLxm2CrZlaV1DnPokmr4gUFU9BHnPSvAhWdHg3BLLMBy3+Bev2SvA85MvwAur
rLEgq/DaXkCENID5rl4ghdC3ZcwhcSwKkLJewZdeRzzj+NLDaQge6sgn5VA49gYq
kOIE7qpNzogONDa/LCxUTN+uvk6iqd6GqinzQnVgVjILzNaWJcT4u/VugQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFphI0YIA1+xoPbQIn4snLMdAO4nMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvV21FalJnZ0RYN0dnOXRBaWZpeWNzeDBBN2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSOCAwQA
vNUAMA0GCSqGSIb3DQEBCwUAA4IBAQBL9Pp7Iz6MQUfshpCPannhDshe1V7YCi6l
wlxvKQRf3EAaLlZ4aCrBxYTU87kJTXj1h3kU0OrytP5oS7s7ooJQDiWJ6/x6PB63
mhoRAYzoD0S3QaARY6+JMp55CV7E/4JaipVKOo5cds3Pel0VyopqrtOY8hfTxSSv
Mzr9ZSzIMOT9LWHlLSbo1BAUxVopmktT0nI+U/FUF3bwaUDUaJF6japN62qoNQvK
+cQbgNXYLuK5yGVPX6iwfk/NQxS8o2q8Q2P4CQ1bm61uhMGWXoSitb6o/5/i9i3x
9WtxuhB49pIsEl/Ozr3TKiQyjYjdL5MOeShshxknNpyopVWdZZAa
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:42 2025 by rpki-client