Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/wMmxnzHtVpkqSBvpHXCbmfMZqns.roa
File: wMmxnzHtVpkqSBvpHXCbmfMZqns.roa (raw, json)
Hash identifier: dXBsYCpH5Xl7LcDEIS51zWsT4iNBx0iVzkEw3u5SoQ4=
Subject key identifier: C0:C9:B1:9F:31:ED:56:99:2A:48:1B:E9:1D:70:9B:99:F3:19:AA:7B
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018D30B20E4EAD807E518E6F1E8CF94B57D8
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/wMmxnzHtVpkqSBvpHXCbmfMZqns.roa
Signing time: Mon 22 Jan 2024 10:23:11 +0000
ROA not before: Mon 22 Jan 2024 10:23:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1149
IP address blocks: 145.100.118.0/23 maxlen: 24
145.116.218.0/23 maxlen: 24
2001:610:9000::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:b2:0e:4e:ad:80:7e:51:8e:6f:1e:8c:f9:4b:57:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 22 10:23:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0c9b19f31ed56992a481be91d709b99f319aa7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:63:4c:00:81:70:48:d6:46:22:98:e6:46:34:
0a:d0:bb:d8:d0:59:5b:5b:c3:8c:34:17:f4:9f:e0:
6a:19:66:65:61:6d:d1:bd:2f:ab:8d:83:c2:a3:14:
8c:fd:04:34:7a:48:b0:b7:46:29:f8:ca:b8:49:13:
29:af:a3:2e:ed:02:43:a9:10:3e:09:b3:c8:f4:db:
d9:d3:cb:78:73:2c:a7:91:af:34:30:f7:56:ad:07:
74:bc:cc:a1:ee:51:70:df:12:ce:d5:7e:66:83:1d:
28:2d:a1:e9:df:e8:a5:f2:30:39:5a:ea:82:bf:71:
16:f8:cd:1a:49:cc:05:26:9d:ef:dd:3e:de:ad:63:
ea:6a:75:53:90:c6:50:48:71:40:1e:67:94:0b:d1:
09:c3:1e:3a:f7:da:0d:96:d3:3e:d5:4c:06:78:87:
a0:11:b1:a1:05:f9:02:e0:f4:2e:30:01:9c:61:1a:
bf:39:01:f0:a3:4b:e3:00:27:3a:cc:6c:0c:58:ba:
0f:cf:63:92:fb:69:8b:d4:0d:6a:4f:95:8d:0f:b5:
1a:1b:06:a5:44:09:af:31:60:0a:0f:8f:11:4c:7b:
65:95:d9:cc:f9:87:a1:37:10:79:11:23:63:67:aa:
49:c5:5a:aa:e4:8b:22:e6:b2:6f:5e:70:fd:29:95:
23:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C9:B1:9F:31:ED:56:99:2A:48:1B:E9:1D:70:9B:99:F3:19:AA:7B
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/wMmxnzHtVpkqSBvpHXCbmfMZqns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.100.118.0/23
145.116.218.0/23
IPv6:
2001:610:9000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:34:6b:8c:d0:a4:73:74:fa:09:f8:03:be:e8:57:36:e9:1b:
0c:6f:38:4d:c0:60:6d:d8:44:f8:22:ee:8d:fd:79:45:01:4d:
ae:0b:a1:e6:e1:7b:57:9c:88:a7:c0:73:b5:37:5c:35:b8:09:
18:1b:56:2c:e7:8b:7d:36:73:09:e0:2a:40:1a:73:d7:90:01:
29:8d:35:fb:3f:76:8e:f5:b3:97:8a:d1:cc:34:37:fb:c6:e9:
45:b2:3a:8a:2a:2a:d9:6a:54:70:ad:d4:e2:86:dc:75:26:78:
e2:7a:df:01:70:68:fd:15:96:40:a2:bf:34:f7:12:e0:01:f9:
5e:e6:56:83:ea:4b:16:27:ef:c5:48:eb:d3:4e:3a:b6:36:c9:
d9:77:b2:60:a0:2a:96:09:48:71:3c:52:d4:bd:81:94:1e:35:
4d:63:72:91:a9:ee:9e:27:41:41:85:96:72:1b:ee:09:9d:b0:
7f:3f:fc:61:bd:33:b2:84:fb:13:00:bc:2c:98:1b:a6:13:3a:
8f:91:de:8c:72:b8:7a:ad:ed:23:9b:bf:4f:1e:26:00:00:1d:
7b:1c:7c:6e:3f:d4:4c:4e:b5:93:c6:55:d4:bb:74:87:7c:4a:
26:a3:b5:b0:a5:e2:ac:5a:ce:05:ca:ed:48:79:5b:8b:15:24:
73:99:af:ba
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY0wsg5OrYB+UY5vHoz5S1fYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQwMTIyMTAyMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGM5YjE5ZjMxZWQ1Njk5MmE0ODFiZTkxZDcwOWI5OWYzMTlhYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGNMAIFwSNZGIpjmRjQK0LvY0Flb
W8OMNBf0n+BqGWZlYW3RvS+rjYPCoxSM/QQ0ekiwt0Yp+Mq4SRMpr6Mu7QJDqRA+
CbPI9NvZ08t4cyynka80MPdWrQd0vMyh7lFw3xLO1X5mgx0oLaHp3+il8jA5WuqC
v3EW+M0aScwFJp3v3T7erWPqanVTkMZQSHFAHmeUC9EJwx4699oNltM+1UwGeIeg
EbGhBfkC4PQuMAGcYRq/OQHwo0vjACc6zGwMWLoPz2OS+2mL1A1qT5WND7UaGwal
RAmvMWAKD48RTHtlldnM+YehNxB5ESNjZ6pJxVqq5Isi5rJvXnD9KZUjVwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMDJsZ8x7VaZKkgb6R1wm5nzGap7MB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvd01teG56SHRWcGtxU0J2cEhYQ2JtZk1acW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBkWR2AwQB
kXTaMA4EAgACMAgDBgAgAQYQkDANBgkqhkiG9w0BAQsFAAOCAQEAjjRrjNCkc3T6
CfgDvuhXNukbDG84TcBgbdhE+CLujf15RQFNrguh5uF7V5yIp8BztTdcNbgJGBtW
LOeLfTZzCeAqQBpz15ABKY01+z92jvWzl4rRzDQ3+8bpRbI6iioq2WpUcK3U4obc
dSZ44nrfAXBo/RWWQKK/NPcS4AH5XuZWg+pLFifvxUjr0046tjbJ2XeyYKAqlglI
cTxS1L2BlB41TWNykanunidBQYWWchvuCZ2wfz/8Yb0zsoT7EwC8LJgbphM6j5He
jHK4eq3tI5u/Tx4mAAAdexx8bj/UTE61k8ZV1Lt0h3xKJqO1sKXirFrOBcrtSHlb
ixUkc5mvug==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:44:20 2025 by rpki-client