Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/WDbv5UdE-rBRhruqOxp8jMBixIs.roa
File: WDbv5UdE-rBRhruqOxp8jMBixIs.roa (raw, json)
Hash identifier: nZBoZHD5XN8pKmRsPLb7g4XRzwNILA1jYcgwQvkFBr4=
Subject key identifier: 58:36:EF:E5:47:44:FA:B0:51:86:BB:AA:3B:1A:7C:8C:C0:62:C4:8B
Certificate issuer: /CN=0b083808763c262541020d2e81da34aaa38283b7
Certificate serial: 018E2D3DAA96F9EB951004B62BE4D5D3026D
Authority key identifier: 0B:08:38:08:76:3C:26:25:41:02:0D:2E:81:DA:34:AA:A3:82:83:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cwg4CHY8JiVBAg0ugdo0qqOCg7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/WDbv5UdE-rBRhruqOxp8jMBixIs.roa
Signing time: Mon 11 Mar 2024 11:19:59 +0000
ROA not before: Mon 11 Mar 2024 11:19:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24749
IP address blocks: 86.106.188.0/22 maxlen: 22
185.70.148.0/22 maxlen: 22
2a03:35a0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:3d:aa:96:f9:eb:95:10:04:b6:2b:e4:d5:d3:02:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b083808763c262541020d2e81da34aaa38283b7
Validity
Not Before: Mar 11 11:19:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5836efe54744fab05186bbaa3b1a7c8cc062c48b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:af:c7:e9:5c:c9:80:26:5b:a9:db:2b:5d:39:
2b:2b:ae:d4:f6:c8:c9:50:a9:ad:12:93:38:e4:a1:
01:7d:83:e6:fe:bb:83:ff:b2:85:a2:bb:f8:6f:27:
9e:ef:39:e1:9b:79:c5:80:e6:de:1d:7a:2c:32:30:
36:b4:ca:a7:a7:47:fc:5c:b9:22:73:19:40:be:82:
fc:ee:0a:b7:29:64:ff:86:37:0e:37:fe:fd:2c:9c:
cd:59:cc:2f:83:b8:15:39:ac:ab:14:0e:71:35:99:
40:88:8b:21:54:07:62:b6:82:b6:be:61:3a:09:af:
73:9e:14:89:6c:85:8c:f1:dd:c2:36:1a:0c:7f:0a:
eb:40:36:36:8c:76:e9:b4:60:7c:bb:35:0e:41:e6:
9e:09:b7:e7:0e:3c:87:41:d3:23:71:07:d7:1d:f3:
21:ed:99:28:f0:92:ce:3a:99:c2:51:06:dd:fa:ec:
34:b6:72:8c:41:9a:1a:23:61:63:26:d7:05:f7:e4:
46:0b:f0:c0:69:3c:c8:61:e4:34:de:9f:d1:51:d7:
13:cd:92:e8:12:ad:70:2a:b4:e3:f4:58:01:03:d5:
08:8f:6f:9f:be:04:d4:74:3f:62:01:62:ca:c3:fc:
7d:79:91:c9:ea:76:16:e0:99:54:91:2b:ca:0b:6a:
d1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:36:EF:E5:47:44:FA:B0:51:86:BB:AA:3B:1A:7C:8C:C0:62:C4:8B
X509v3 Authority Key Identifier:
keyid:0B:08:38:08:76:3C:26:25:41:02:0D:2E:81:DA:34:AA:A3:82:83:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cwg4CHY8JiVBAg0ugdo0qqOCg7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/WDbv5UdE-rBRhruqOxp8jMBixIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/Cwg4CHY8JiVBAg0ugdo0qqOCg7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.188.0/22
185.70.148.0/22
IPv6:
2a03:35a0::/29
Signature Algorithm: sha256WithRSAEncryption
77:45:3e:4b:23:c8:ff:e3:96:6c:7f:63:4f:fa:a6:b2:7f:30:
23:12:02:d6:8b:bf:a4:f7:2e:44:0d:0d:70:3d:2e:8a:b5:9a:
23:be:59:5f:b2:d0:24:af:99:fe:f5:7e:34:77:60:42:7e:6e:
33:a1:a9:c8:f3:e2:68:e6:d9:f7:bd:b2:6a:d4:38:d9:72:19:
64:95:1d:29:e9:b2:0d:b6:e1:b9:35:ef:59:46:c7:f6:06:64:
cd:21:6a:2c:50:5f:44:16:f3:c8:34:47:54:4d:b6:ae:f7:c7:
69:71:82:ae:6d:12:b0:b7:ad:dd:1f:ef:be:50:62:8a:3b:e7:
9e:88:af:18:97:95:c0:8c:62:a4:33:8a:18:ed:b5:10:8c:6b:
1a:fa:1e:a8:48:62:2b:f2:03:9d:dc:9b:83:9a:48:7b:25:09:
0b:c5:12:f2:6c:49:5b:73:fc:48:6c:75:ac:41:9c:87:f0:c7:
41:1d:c0:90:ea:08:31:ba:e1:67:0c:b7:c2:eb:09:c7:fc:4d:
0f:1e:0d:02:e5:be:f4:10:d4:d8:1a:65:73:73:8a:bc:f5:f1:
ac:15:2c:fd:3e:a2:9d:31:1b:0e:73:9f:24:1f:ca:6b:32:64:
8c:24:25:1e:85:09:8e:f0:30:7a:d0:fd:80:51:16:3e:21:02:
86:95:b1:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY4tPaqW+euVEAS2K+TV0wJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMDgzODA4NzYzYzI2MjU0MTAyMGQyZTgxZGEzNGFhYTM4
MjgzYjcwHhcNMjQwMzExMTExOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODM2ZWZlNTQ3NDRmYWIwNTE4NmJiYWEzYjFhN2M4Y2MwNjJjNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa/H6VzJgCZbqdsrXTkrK67U9sjJ
UKmtEpM45KEBfYPm/ruD/7KForv4byee7znhm3nFgObeHXosMjA2tMqnp0f8XLki
cxlAvoL87gq3KWT/hjcON/79LJzNWcwvg7gVOayrFA5xNZlAiIshVAditoK2vmE6
Ca9znhSJbIWM8d3CNhoMfwrrQDY2jHbptGB8uzUOQeaeCbfnDjyHQdMjcQfXHfMh
7Zko8JLOOpnCUQbd+uw0tnKMQZoaI2FjJtcF9+RGC/DAaTzIYeQ03p/RUdcTzZLo
Eq1wKrTj9FgBA9UIj2+fvgTUdD9iAWLKw/x9eZHJ6nYW4JlUkSvKC2rR5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFg27+VHRPqwUYa7qjsafIzAYsSLMB8GA1UdIwQY
MBaAFAsIOAh2PCYlQQINLoHaNKqjgoO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3dnNENIWThKaVZCQWcwdWdkbzBxcU9DZzdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni83ZTQ3ZDctNjEzNy00MzAwLTkzNmIt
NDY5MjVjNTI0OWU2LzEvV0RidjVVZEUtckJSaHJ1cU94cDhqTUJpeElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni83ZTQ3ZDctNjEzNy00MzAwLTkzNmItNDY5MjVjNTI0OWU2
LzEvQ3dnNENIWThKaVZCQWcwdWdkbzBxcU9DZzdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVmq8AwQC
uUaUMA0EAgACMAcDBQMqAzWgMA0GCSqGSIb3DQEBCwUAA4IBAQB3RT5LI8j/45Zs
f2NP+qayfzAjEgLWi7+k9y5EDQ1wPS6KtZojvllfstAkr5n+9X40d2BCfm4zoanI
8+Jo5tn3vbJq1DjZchlklR0p6bINtuG5Ne9ZRsf2BmTNIWosUF9EFvPINEdUTbau
98dpcYKubRKwt63dH+++UGKKO+eeiK8Yl5XAjGKkM4oY7bUQjGsa+h6oSGIr8gOd
3JuDmkh7JQkLxRLybElbc/xIbHWsQZyH8MdBHcCQ6ggxuuFnDLfC6wnH/E0PHg0C
5b70ENTYGmVzc4q89fGsFSz9PqKdMRsOc58kH8prMmSMJCUehQmO8DB60P2AURY+
IQKGlbH5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:18 2025 by rpki-client