Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/1f1ccb-ed10-4fe8-ae0b-61b982ada662/1/WkYaA-tjakXn4pTSH_4CKcmo7gU.roa
File: WkYaA-tjakXn4pTSH_4CKcmo7gU.roa (raw, json)
Hash identifier: DrW4OkBFTUqZRdjKCWYLrbyd66VmauMftDfudpWyQJs=
Subject key identifier: 5A:46:1A:03:EB:63:6A:45:E7:E2:94:D2:1F:FE:02:29:C9:A8:EE:05
Certificate issuer: /CN=c0ab92de7eaf5fbb2d14a508a90cefc569b54ed4
Certificate serial: 018CC3B7452A1D554588E1A9FF814056CD51
Authority key identifier: C0:AB:92:DE:7E:AF:5F:BB:2D:14:A5:08:A9:0C:EF:C5:69:B5:4E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wKuS3n6vX7stFKUIqQzvxWm1TtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/1f1ccb-ed10-4fe8-ae0b-61b982ada662/1/WkYaA-tjakXn4pTSH_4CKcmo7gU.roa
Signing time: Mon 01 Jan 2024 06:30:17 +0000
ROA not before: Mon 01 Jan 2024 06:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210026
IP address blocks: 151.90.0.0/16 maxlen: 24
185.86.84.0/22 maxlen: 24
2a05:b740::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:45:2a:1d:55:45:88:e1:a9:ff:81:40:56:cd:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0ab92de7eaf5fbb2d14a508a90cefc569b54ed4
Validity
Not Before: Jan 1 06:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a461a03eb636a45e7e294d21ffe0229c9a8ee05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:25:cd:98:cd:f5:6c:46:50:0e:ed:f6:f4:ff:
ae:df:23:ea:b0:4e:af:33:c1:09:0e:a7:d4:6e:89:
b0:48:a3:88:8c:7d:6b:41:01:44:e2:8a:b9:cc:fd:
ee:d1:d7:27:52:09:f5:2f:07:53:d0:6e:0d:f6:8f:
6a:a2:94:7d:f5:4b:48:9a:f5:19:f0:f1:4d:f1:97:
b8:58:00:92:5d:ae:02:60:b0:27:f3:9a:fc:40:1f:
63:47:3b:9b:ae:69:70:75:1e:33:35:b0:ef:33:57:
77:ab:8a:6e:7f:c0:cb:d6:b0:0c:38:57:ed:0e:c8:
25:89:8b:e4:5a:64:88:c2:3a:a1:1a:94:47:f9:69:
8c:9e:32:4b:4f:de:c5:d0:d7:83:d7:26:05:46:85:
86:7c:e6:bf:07:2b:5b:d5:4e:f2:a0:de:ec:03:9e:
1c:e5:19:24:47:fc:61:62:93:1a:69:5d:e2:26:4e:
16:51:ce:e6:b3:fc:e3:cb:2f:8b:96:34:02:16:39:
d7:fc:4f:41:d1:f1:85:f8:51:07:74:a0:5d:5b:28:
6d:21:71:23:b4:7a:14:55:36:6f:9b:d3:e4:c3:6f:
a6:87:4f:0e:24:e5:ff:e5:01:d9:91:70:ad:09:73:
f0:f5:b7:7c:85:76:1a:4f:9e:d6:ec:16:73:11:6f:
ed:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:46:1A:03:EB:63:6A:45:E7:E2:94:D2:1F:FE:02:29:C9:A8:EE:05
X509v3 Authority Key Identifier:
keyid:C0:AB:92:DE:7E:AF:5F:BB:2D:14:A5:08:A9:0C:EF:C5:69:B5:4E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wKuS3n6vX7stFKUIqQzvxWm1TtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/1f1ccb-ed10-4fe8-ae0b-61b982ada662/1/WkYaA-tjakXn4pTSH_4CKcmo7gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/1f1ccb-ed10-4fe8-ae0b-61b982ada662/1/wKuS3n6vX7stFKUIqQzvxWm1TtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.90.0.0/16
185.86.84.0/22
IPv6:
2a05:b740::/29
Signature Algorithm: sha256WithRSAEncryption
31:2a:77:56:82:e6:27:e4:17:42:14:54:39:10:3c:0c:e3:0c:
36:ae:ee:43:5a:91:cd:d7:17:81:ed:2f:9f:05:c1:7a:5c:25:
59:b1:37:b6:0f:d9:27:d1:91:06:9d:9d:43:e1:1b:a3:90:06:
61:46:0c:87:7c:e3:73:c1:54:2d:8f:ff:27:8f:18:0f:23:87:
ab:16:a4:60:16:51:c2:99:8a:34:7c:d0:b3:70:72:ef:4e:86:
e5:83:82:0c:f4:cd:7a:8c:22:18:a9:a8:20:59:1d:09:1d:17:
9f:e0:d1:6e:21:2e:fa:59:4d:3e:08:d2:83:a6:b5:7f:a9:47:
9e:d0:9f:56:da:54:d8:45:9d:e7:4e:3f:89:05:55:97:6f:1d:
22:bb:13:f3:84:86:ee:0c:a4:f6:51:9e:2e:7e:ac:76:c3:d5:
65:c1:b8:99:f2:59:fe:48:9a:f8:8e:49:79:75:6a:c8:b5:b1:
4c:da:cb:6a:94:02:61:a1:c9:08:b0:62:55:8e:a7:33:be:c0:
62:56:3e:f8:23:44:f5:a5:5e:00:b5:f1:a5:01:49:74:f6:db:
86:c2:c9:13:48:8d:ce:69:5e:fa:48:d0:19:89:fa:bd:00:c9:
49:73:eb:5f:11:da:80:7a:28:29:ac:0d:29:8f:8e:6a:0e:69:
bc:22:c5:28
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDt0UqHVVFiOGp/4FAVs1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYWI5MmRlN2VhZjVmYmIyZDE0YTUwOGE5MGNlZmM1Njli
NTRlZDQwHhcNMjQwMTAxMDYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQ2MWEwM2ViNjM2YTQ1ZTdlMjk0ZDIxZmZlMDIyOWM5YThlZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSXNmM31bEZQDu329P+u3yPqsE6v
M8EJDqfUbomwSKOIjH1rQQFE4oq5zP3u0dcnUgn1LwdT0G4N9o9qopR99UtImvUZ
8PFN8Ze4WACSXa4CYLAn85r8QB9jRzubrmlwdR4zNbDvM1d3q4puf8DL1rAMOFft
DsgliYvkWmSIwjqhGpRH+WmMnjJLT97F0NeD1yYFRoWGfOa/Bytb1U7yoN7sA54c
5RkkR/xhYpMaaV3iJk4WUc7ms/zjyy+LljQCFjnX/E9B0fGF+FEHdKBdWyhtIXEj
tHoUVTZvm9Pkw2+mh08OJOX/5QHZkXCtCXPw9bd8hXYaT57W7BZzEW/tzQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFpGGgPrY2pF5+KU0h/+AinJqO4FMB8GA1UdIwQY
MBaAFMCrkt5+r1+7LRSlCKkM78VptU7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0t1UzNuNnZYN3N0RktVSXFRenZ4V20xVHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8xZjFjY2ItZWQxMC00ZmU4LWFlMGIt
NjFiOTgyYWRhNjYyLzEvV2tZYUEtdGpha1huNHBUU0hfNENLY21vN2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8xZjFjY2ItZWQxMC00ZmU4LWFlMGItNjFiOTgyYWRhNjYy
LzEvd0t1UzNuNnZYN3N0RktVSXFRenZ4V20xVHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAl1oDBAK5
VlQwDQQCAAIwBwMFAyoFt0AwDQYJKoZIhvcNAQELBQADggEBADEqd1aC5ifkF0IU
VDkQPAzjDDau7kNakc3XF4HtL58FwXpcJVmxN7YP2SfRkQadnUPhG6OQBmFGDId8
43PBVC2P/yePGA8jh6sWpGAWUcKZijR80LNwcu9OhuWDggz0zXqMIhipqCBZHQkd
F5/g0W4hLvpZTT4I0oOmtX+pR57Qn1baVNhFnedOP4kFVZdvHSK7E/OEhu4MpPZR
ni5+rHbD1WXBuJnyWf5ImviOSXl1asi1sUzay2qUAmGhyQiwYlWOpzO+wGJWPvgj
RPWlXgC18aUBSXT224bCyRNIjc5pXvpI0BmJ+r0AyUlz618R2oB6KCmsDSmPjmoO
abwixSg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:59:20 2025 by rpki-client