Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/w4_xqHqRxFlB7ABlXaTcVDYm_bU.roa
File: w4_xqHqRxFlB7ABlXaTcVDYm_bU.roa (raw, json)
Hash identifier: vmhQoPcRtWh3J1T8XX6Ba1k3qIjUvgHMJi+SMSRgPbM=
Subject key identifier: C3:8F:F1:A8:7A:91:C4:59:41:EC:00:65:5D:A4:DC:54:36:26:FD:B5
Certificate issuer: /CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Certificate serial: 018CC9BC17172CD7E866BEADE6BD94394E80
Authority key identifier: 4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/w4_xqHqRxFlB7ABlXaTcVDYm_bU.roa
Signing time: Tue 02 Jan 2024 10:33:16 +0000
ROA not before: Tue 02 Jan 2024 10:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29263
IP address blocks: 217.68.49.65/32 maxlen: 32
217.68.48.0/28 maxlen: 28
217.68.58.0/24 maxlen: 24
217.68.56.0/21 maxlen: 21
217.68.61.0/24 maxlen: 24
217.68.60.0/24 maxlen: 24
217.68.48.124/30 maxlen: 30
217.68.49.75/32 maxlen: 32
217.68.48.144/29 maxlen: 29
217.68.49.208/29 maxlen: 29
217.68.49.85/32 maxlen: 32
217.68.48.128/30 maxlen: 30
217.68.48.160/27 maxlen: 27
217.68.48.0/20 maxlen: 20
217.68.48.0/21 maxlen: 21
217.68.51.0/24 maxlen: 24
217.68.50.0/24 maxlen: 24
217.68.48.252/32 maxlen: 32
217.68.48.253/32 maxlen: 32
217.68.49.93/32 maxlen: 32
217.68.49.216/29 maxlen: 29
2a02:2400::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 07:55:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:17:17:2c:d7:e8:66:be:ad:e6:bd:94:39:4e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Validity
Not Before: Jan 2 10:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c38ff1a87a91c45941ec00655da4dc543626fdb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:73:f2:5d:d6:c5:d7:25:50:10:08:6c:5d:41:
19:c0:b4:f0:cd:5e:b0:07:be:23:19:cc:81:a7:b3:
c4:53:f1:85:ad:6f:0b:6c:1b:80:7c:dd:92:61:a0:
c9:8b:5b:80:d3:a1:c2:f5:1a:47:0c:d2:4e:3f:fe:
45:24:23:21:55:30:67:14:5b:d6:a4:41:7f:83:8b:
e3:65:ff:56:96:bd:53:8e:9e:45:36:e4:e9:52:47:
3c:2a:a2:5c:a9:f9:54:9e:78:2b:13:eb:59:08:b7:
b2:ea:a9:39:87:dc:67:41:bd:24:b1:3c:b5:97:41:
0c:4c:a0:8a:3b:84:10:3d:ae:2f:0f:82:fe:b8:f1:
fc:be:cc:49:93:d5:db:75:5b:23:f1:6e:06:39:6c:
51:6a:ca:70:8e:b0:ba:fb:cd:a3:15:57:c3:01:1d:
cc:36:f3:95:e3:97:51:bd:ec:4a:bc:fc:c3:79:c8:
ed:57:20:89:ec:8a:a3:5a:7f:57:41:6a:9a:43:2c:
be:da:89:ba:16:54:83:6e:90:81:58:29:de:5c:d3:
48:e7:9f:a3:f6:7f:33:3c:77:1f:be:30:90:29:e9:
5b:5d:cb:b8:37:00:1f:79:9d:e7:38:a5:4f:86:92:
36:df:10:cf:df:85:f7:08:f2:27:8e:66:c4:ba:32:
b2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8F:F1:A8:7A:91:C4:59:41:EC:00:65:5D:A4:DC:54:36:26:FD:B5
X509v3 Authority Key Identifier:
keyid:4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/w4_xqHqRxFlB7ABlXaTcVDYm_bU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.68.48.0/20
IPv6:
2a02:2400::/32
Signature Algorithm: sha256WithRSAEncryption
15:c1:18:5a:19:e1:b2:c8:26:ac:a8:ff:67:f8:51:2d:e3:53:
29:33:f8:5d:b5:81:de:3e:30:10:96:c4:87:7e:dc:a0:23:a7:
6b:5a:5a:51:b6:4c:3c:72:ab:50:92:1c:86:e1:c1:ad:ec:29:
d5:e4:0b:20:29:ba:31:99:7f:08:be:b8:e8:4e:03:ef:c8:30:
7a:c6:ed:65:6e:2e:99:3b:bb:c3:61:ad:98:aa:de:c2:9f:aa:
b1:09:1f:7a:8f:6d:b8:3c:c2:c2:b5:9f:1d:98:0b:e9:b0:da:
72:c4:8a:45:d4:b7:24:03:6b:e1:50:87:0d:ed:e8:46:23:f7:
b4:c0:a9:47:ac:72:3d:30:84:bd:eb:a8:b8:5d:ce:40:11:48:
24:5b:58:32:fa:18:2a:dc:98:ae:d7:ee:86:ec:92:51:67:31:
b4:5c:16:eb:fe:2e:2e:43:1e:ca:be:b3:b4:ab:f8:33:16:1d:
7b:13:99:4e:f4:97:24:37:a4:15:1d:53:e8:17:dd:8f:96:25:
a7:56:58:e3:17:01:76:88:ff:7b:77:a3:12:31:43:8e:68:7d:
1b:c1:69:12:4e:9f:21:4a:86:60:54:81:55:16:a5:58:89:d1:
ce:bf:75:d5:38:d2:df:63:ac:dc:ec:6b:22:80:40:3d:77:cc:
52:37:bb:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvBcXLNfoZr6t5r2UOU6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzU5NGIwMjE0MjY0ZjA2Njc3NjA5YmI0YWE0Nzc5ZWIx
ZWVjYWQwHhcNMjQwMTAyMTAzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhmZjFhODdhOTFjNDU5NDFlYzAwNjU1ZGE0ZGM1NDM2MjZmZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHPyXdbF1yVQEAhsXUEZwLTwzV6w
B74jGcyBp7PEU/GFrW8LbBuAfN2SYaDJi1uA06HC9RpHDNJOP/5FJCMhVTBnFFvW
pEF/g4vjZf9Wlr1Tjp5FNuTpUkc8KqJcqflUnngrE+tZCLey6qk5h9xnQb0ksTy1
l0EMTKCKO4QQPa4vD4L+uPH8vsxJk9XbdVsj8W4GOWxRaspwjrC6+82jFVfDAR3M
NvOV45dRvexKvPzDecjtVyCJ7IqjWn9XQWqaQyy+2om6FlSDbpCBWCneXNNI55+j
9n8zPHcfvjCQKelbXcu4NwAfeZ3nOKVPhpI23xDP34X3CPInjmbEujKyrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMOP8ah6kcRZQewAZV2k3FQ2Jv21MB8GA1UdIwQY
MBaAFEx1lLAhQmTwZndgm7SqR3nrHuytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYt
YjEzMGJmNzZmZTEwLzEvdzRfeHFIcVJ4RmxCN0FCbFhhVGNWRFltX2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYtYjEzMGJmNzZmZTEw
LzEvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UQwMA0E
AgACMAcDBQAqAiQAMA0GCSqGSIb3DQEBCwUAA4IBAQAVwRhaGeGyyCasqP9n+FEt
41MpM/hdtYHePjAQlsSHftygI6drWlpRtkw8cqtQkhyG4cGt7CnV5AsgKboxmX8I
vrjoTgPvyDB6xu1lbi6ZO7vDYa2Yqt7Cn6qxCR96j224PMLCtZ8dmAvpsNpyxIpF
1LckA2vhUIcN7ehGI/e0wKlHrHI9MIS966i4Xc5AEUgkW1gy+hgq3Jiu1+6G7JJR
ZzG0XBbr/i4uQx7KvrO0q/gzFh17E5lO9JckN6QVHVPoF92PliWnVljjFwF2iP97
d6MSMUOOaH0bwWkSTp8hSoZgVIFVFqVYidHOv3XVONLfY6zc7GsigEA9d8xSN7u1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:14 2025 by rpki-client