Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/wtiQzD4ir8krc_cdtwLwsOIwjvk.roa
File: wtiQzD4ir8krc_cdtwLwsOIwjvk.roa (raw, json)
Hash identifier: Xeu7tGvDLBkZAjzFbqQWFQnxzlMBvpB7BO9RQhQynz0=
Subject key identifier: C2:D8:90:CC:3E:22:AF:C9:2B:73:F7:1D:B7:02:F0:B0:E2:30:8E:F9
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018F06056860897A43C0EE53D46D6F9C5C0C
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/wtiQzD4ir8krc_cdtwLwsOIwjvk.roa
Signing time: Mon 22 Apr 2024 13:36:08 +0000
ROA not before: Mon 22 Apr 2024 13:36:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 94.182.56.0/22 maxlen: 22
94.182.56.0/24 maxlen: 24
94.182.57.0/24 maxlen: 24
94.182.58.0/24 maxlen: 24
94.182.59.0/24 maxlen: 24
94.182.60.0/22 maxlen: 22
94.182.60.0/24 maxlen: 24
94.182.61.0/24 maxlen: 24
94.182.62.0/24 maxlen: 24
94.182.63.0/24 maxlen: 24
151.247.212.0/23 maxlen: 23
151.247.228.0/22 maxlen: 22
151.247.232.0/22 maxlen: 22
151.247.236.0/22 maxlen: 22
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/24 maxlen: 24
151.247.239.0/24 maxlen: 24
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 04:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:05:68:60:89:7a:43:c0:ee:53:d4:6d:6f:9c:5c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Apr 22 13:36:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2d890cc3e22afc92b73f71db702f0b0e2308ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b0:3d:14:65:aa:90:18:6c:f4:eb:f6:c0:f0:
b5:48:9d:38:23:2b:cf:c4:34:bc:fa:5e:69:6e:5e:
b2:95:82:c0:39:a7:51:5b:e1:3e:ea:63:5c:b1:f3:
fc:c4:a7:37:db:7c:4d:ef:5b:53:54:91:aa:cf:41:
9f:b1:6a:78:2d:fe:3b:ca:0d:fb:9d:23:76:5b:ce:
29:64:f0:d6:af:d0:e8:e4:c1:27:d7:86:ce:2d:2c:
88:ea:a8:f7:4a:f0:76:d0:74:7d:e9:d2:eb:34:24:
c2:4c:c1:87:3a:6c:1c:a4:37:af:76:d5:f6:d9:9f:
69:8e:66:67:15:b9:6a:05:1a:12:7f:dd:f8:f7:32:
ec:cb:e4:f1:c9:55:b3:1d:df:ea:b0:38:e8:c0:64:
63:c8:25:a8:14:3b:85:55:9b:55:dd:e8:55:de:a2:
01:6e:ec:5c:a4:6d:05:d9:d9:6a:be:fe:5e:a3:04:
92:7b:48:c4:7e:44:e9:da:3e:c3:f4:5b:ea:2e:8d:
a5:5d:cb:13:27:6d:19:38:65:da:ef:a2:fc:45:88:
42:ed:db:f7:7f:bf:57:89:29:82:bb:a8:1f:1a:b7:
bf:8d:ae:65:9f:a3:e0:72:f5:ce:49:68:9d:08:4e:
87:c4:f4:31:0b:4f:15:45:09:59:fa:41:52:b3:dd:
53:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D8:90:CC:3E:22:AF:C9:2B:73:F7:1D:B7:02:F0:B0:E2:30:8E:F9
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/wtiQzD4ir8krc_cdtwLwsOIwjvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.182.56.0/21
151.247.212.0/23
151.247.228.0-151.247.241.255
Signature Algorithm: sha256WithRSAEncryption
13:12:c8:d9:81:5c:4f:33:5a:32:78:01:19:8a:f6:97:43:a0:
d4:de:f5:1a:6e:f6:3d:d2:2b:bd:51:40:af:5c:a3:40:47:fc:
f0:bd:ec:e1:08:b0:3d:36:04:ec:a0:52:45:54:67:74:cd:75:
f6:01:d2:ba:7c:08:6f:d7:61:25:bb:c2:4f:17:6a:89:4c:5e:
87:09:d2:b1:bb:fe:bf:9e:7b:08:2f:0e:4f:b5:da:7d:c2:7c:
57:5f:21:b8:35:6b:02:cb:57:00:56:4f:24:bb:c0:cf:ec:3a:
5b:04:67:88:36:e5:7d:15:64:a7:0b:80:c9:13:e8:16:09:65:
cf:94:60:d8:4e:fa:4a:f1:eb:ce:26:69:27:3f:41:af:18:4e:
b9:75:88:b1:37:03:22:32:d4:66:32:89:74:64:2c:18:26:f8:
cf:71:aa:fd:2e:b5:26:91:09:52:8f:20:3e:75:0f:ab:27:9b:
2f:1c:29:d8:c9:6d:d4:d6:95:c8:06:4f:5d:72:70:5b:9d:57:
93:25:26:83:c1:95:af:83:61:71:33:d3:25:97:d0:01:0e:57:
8b:64:e9:40:dd:cb:9e:ca:04:a8:37:da:ff:26:44:18:70:64:
ac:d9:34:1b:ab:b7:4e:b8:c8:5a:07:68:25:8e:0e:dc:4b:6a:
b9:e6:74:d6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8GBWhgiXpDwO5T1G1vnFwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNDIyMTMzNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQ4OTBjYzNlMjJhZmM5MmI3M2Y3MWRiNzAyZjBiMGUyMzA4ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7A9FGWqkBhs9Ov2wPC1SJ04IyvP
xDS8+l5pbl6ylYLAOadRW+E+6mNcsfP8xKc323xN71tTVJGqz0GfsWp4Lf47yg37
nSN2W84pZPDWr9Do5MEn14bOLSyI6qj3SvB20HR96dLrNCTCTMGHOmwcpDevdtX2
2Z9pjmZnFblqBRoSf9349zLsy+TxyVWzHd/qsDjowGRjyCWoFDuFVZtV3ehV3qIB
buxcpG0F2dlqvv5eowSSe0jEfkTp2j7D9FvqLo2lXcsTJ20ZOGXa76L8RYhC7dv3
f79XiSmCu6gfGre/ja5ln6PgcvXOSWidCE6HxPQxC08VRQlZ+kFSs91T9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMLYkMw+Iq/JK3P3HbcC8LDiMI75MB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvd3RpUXpENGlyOGtyY19jZHR3THdzT0l3anZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDXrY4AwQB
l/fUMAwDBAKX9+QDBAGX9/AwDQYJKoZIhvcNAQELBQADggEBABMSyNmBXE8zWjJ4
ARmK9pdDoNTe9Rpu9j3SK71RQK9co0BH/PC97OEIsD02BOygUkVUZ3TNdfYB0rp8
CG/XYSW7wk8XaolMXocJ0rG7/r+eewgvDk+12n3CfFdfIbg1awLLVwBWTyS7wM/s
OlsEZ4g25X0VZKcLgMkT6BYJZc+UYNhO+krx684maSc/Qa8YTrl1iLE3AyIy1GYy
iXRkLBgm+M9xqv0utSaRCVKPID51D6snmy8cKdjJbdTWlcgGT11ycFudV5MlJoPB
la+DYXEz0yWX0AEOV4tk6UDdy57KBKg32v8mRBhwZKzZNBurt064yFoHaCWODtxL
arnmdNY=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:09:38 2025 by rpki-client