Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/WHPJlMpke_JCRaB2pDyxc9LTty8.roa
File: WHPJlMpke_JCRaB2pDyxc9LTty8.roa (raw, json)
Hash identifier: iVAtd6GMQQpFX8YbVpvbJjqqfbl8Tj87HvkBCF35lQ8=
Subject key identifier: 58:73:C9:94:CA:64:7B:F2:42:45:A0:76:A4:3C:B1:73:D2:D3:B7:2F
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 019418F1AC94631D90C17FDC4D402109FFF9
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/WHPJlMpke_JCRaB2pDyxc9LTty8.roa
Signing time: Mon 30 Dec 2024 19:01:18 +0000
ROA not before: Mon 30 Dec 2024 19:01:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 5.253.226.0/24 maxlen: 24
194.99.112.0/24 maxlen: 24
194.104.1.0/24 maxlen: 24
194.104.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:18:f1:ac:94:63:1d:90:c1:7f:dc:4d:40:21:09:ff:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Dec 30 19:01:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5873c994ca647bf24245a076a43cb173d2d3b72f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:45:87:f1:46:7c:aa:53:24:b8:fe:76:f5:87:
00:37:a7:66:68:06:98:ec:a8:c5:b7:3a:89:f6:46:
04:db:97:c7:63:b5:84:f8:ef:53:06:db:e5:43:4c:
5c:23:2b:da:66:78:71:95:15:d9:80:7f:11:9f:a2:
74:a4:09:c9:4d:f2:62:5a:2e:35:2c:68:de:42:e4:
08:96:b9:c2:11:b9:f5:01:35:cd:11:d6:ea:4e:bc:
4b:42:b6:18:33:80:c4:a8:db:05:87:c1:12:9a:06:
c4:20:c1:53:4e:6a:f0:59:61:97:c0:52:bc:39:f8:
9f:77:5d:33:b5:76:0e:a2:0e:11:1f:10:8c:3d:4b:
e9:29:6a:8e:1b:10:b2:4f:5e:b1:87:00:80:67:c8:
0a:83:f1:03:e9:b8:a8:ed:f6:dc:57:fb:36:33:d8:
94:5a:4f:2a:d4:2e:fe:43:53:04:96:a2:e2:9a:9b:
10:77:d4:70:ab:53:be:83:c5:55:3f:6e:9e:96:0f:
d8:61:ac:bd:b2:e4:d3:34:ee:50:1a:9e:8b:2e:ab:
a8:a4:8b:1a:1f:35:74:d4:e3:60:ce:9d:fa:db:91:
60:a0:08:30:3a:ad:c3:9c:98:eb:4f:e4:31:33:9d:
88:c7:c5:36:de:42:50:5b:a8:a5:06:0f:1e:c7:07:
36:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:73:C9:94:CA:64:7B:F2:42:45:A0:76:A4:3C:B1:73:D2:D3:B7:2F
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/WHPJlMpke_JCRaB2pDyxc9LTty8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.226.0/24
194.99.112.0/24
194.104.1.0/24
194.104.85.0/24
Signature Algorithm: sha256WithRSAEncryption
90:04:0d:1e:bb:01:a1:d3:c7:c1:ec:d7:ae:0f:52:a6:a8:2a:
5d:24:fd:4c:2a:bd:4c:7e:2f:ee:35:ed:41:d0:45:3d:cb:e5:
a6:89:6c:3d:16:ad:e1:85:9e:4b:47:9f:d1:46:b5:93:b9:c6:
df:2c:56:68:de:ba:ac:8b:02:b3:5c:35:4d:ff:c0:df:3f:ab:
d5:b9:7f:5e:2a:2f:e5:1e:83:f9:bd:40:f3:0a:d5:92:f4:06:
4c:33:47:d3:d3:c0:1c:b4:3f:d4:00:c4:15:59:56:15:73:f6:
bf:b3:75:0e:74:75:39:cc:f2:43:de:da:e8:1b:3a:b9:57:d3:
5e:46:9c:1a:24:d4:b3:df:b0:0b:b3:95:5a:f1:50:00:42:cb:
65:42:43:bb:79:ba:81:08:6b:55:17:09:d7:27:88:c3:95:4d:
a5:a7:60:e7:f1:51:4c:8f:de:0c:e3:e5:64:04:77:df:2e:73:
3a:bd:ab:db:e7:27:a0:18:0d:a2:42:f4:dc:d9:3e:08:46:a7:
f8:93:76:7a:c1:b6:3a:d1:12:dc:56:12:17:80:d6:7b:83:2f:
3a:c8:a7:5a:07:a2:1b:15:e2:9b:4e:b7:e8:04:6b:01:1d:45:
7f:6a:57:e7:3c:ab:e3:92:ea:3c:df:db:1c:13:08:6d:7c:88:
d6:ad:33:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQY8ayUYx2QwX/cTUAhCf/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjQxMjMwMTkwMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODczYzk5NGNhNjQ3YmYyNDI0NWEwNzZhNDNjYjE3M2QyZDNiNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00WH8UZ8qlMkuP529YcAN6dmaAaY
7KjFtzqJ9kYE25fHY7WE+O9TBtvlQ0xcIyvaZnhxlRXZgH8Rn6J0pAnJTfJiWi41
LGjeQuQIlrnCEbn1ATXNEdbqTrxLQrYYM4DEqNsFh8ESmgbEIMFTTmrwWWGXwFK8
Ofifd10ztXYOog4RHxCMPUvpKWqOGxCyT16xhwCAZ8gKg/ED6bio7fbcV/s2M9iU
Wk8q1C7+Q1MElqLimpsQd9Rwq1O+g8VVP26elg/YYay9suTTNO5QGp6LLquopIsa
HzV01ONgzp3625FgoAgwOq3DnJjrT+QxM52Ix8U23kJQW6ilBg8exwc25QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFhzyZTKZHvyQkWgdqQ8sXPS07cvMB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvV0hQSmxNcGtlX0pDUmFCMnBEeXhjOUxUdHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf3iAwQA
wmNwAwQAwmgBAwQAwmhVMA0GCSqGSIb3DQEBCwUAA4IBAQCQBA0euwGh08fB7Neu
D1KmqCpdJP1MKr1Mfi/uNe1B0EU9y+WmiWw9Fq3hhZ5LR5/RRrWTucbfLFZo3rqs
iwKzXDVN/8DfP6vVuX9eKi/lHoP5vUDzCtWS9AZMM0fT08ActD/UAMQVWVYVc/a/
s3UOdHU5zPJD3troGzq5V9NeRpwaJNSz37ALs5Va8VAAQstlQkO7ebqBCGtVFwnX
J4jDlU2lp2Dn8VFMj94M4+VkBHffLnM6vavb5yegGA2iQvTc2T4IRqf4k3Z6wbY6
0RLcVhIXgNZ7gy86yKdaB6IbFeKbTrfoBGsBHUV/alfnPKvjkuo839scEwhtfIjW
rTOT
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:28:56 2025 by rpki-client