Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WP-8al4uUvjrQoCe3i9O_U4nyzw.roa
File: WP-8al4uUvjrQoCe3i9O_U4nyzw.roa (raw, json)
Hash identifier: 23wXE0fncwNghN/Kx6HswlCML15pyW4HPZ+qxFm+EZc=
Subject key identifier: 58:FF:BC:6A:5E:2E:52:F8:EB:42:80:9E:DE:2F:4E:FD:4E:27:CB:3C
Certificate issuer: /CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Certificate serial: 01941CF7A448668E621B5B6FBACDF3912271
Authority key identifier: 5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WP-8al4uUvjrQoCe3i9O_U4nyzw.roa
Signing time: Tue 31 Dec 2024 13:46:18 +0000
ROA not before: Tue 31 Dec 2024 13:46:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200020
IP address blocks: 185.228.200.0/22 maxlen: 24
2a0b:7180::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:f7:a4:48:66:8e:62:1b:5b:6f:ba:cd:f3:91:22:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Validity
Not Before: Dec 31 13:46:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58ffbc6a5e2e52f8eb42809ede2f4efd4e27cb3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:05:5d:33:2b:37:5a:1a:91:63:4b:88:06:70:
c2:54:ca:67:b8:34:19:5b:fb:5a:84:b2:cc:ec:32:
72:f0:6f:46:44:5a:52:09:9a:70:2a:4b:cf:5c:93:
13:da:26:a0:76:c2:0d:9a:71:44:96:dc:19:54:75:
dd:e3:af:f0:2a:c7:ef:69:08:b8:72:29:69:aa:0b:
86:a7:ff:9f:a2:01:a5:5a:05:b2:8b:59:32:8c:76:
61:58:f2:01:47:ba:58:e7:25:14:b1:a5:77:51:5c:
4d:d2:e2:04:14:97:a4:fe:a0:d2:65:92:08:33:71:
4e:f7:83:8d:92:1a:4e:2a:05:d6:8c:32:ba:ea:24:
55:9b:5c:cf:da:cb:e9:29:fa:74:82:75:cd:80:38:
44:26:ac:95:d0:01:a3:59:85:7c:e2:c8:94:cf:21:
77:2a:30:f7:06:0a:a5:ed:cb:11:d2:8e:7a:df:23:
c4:e6:aa:04:59:8f:93:44:6a:18:c3:68:bf:ae:2f:
e5:6f:df:71:53:15:d2:6a:7d:39:ac:6f:10:9b:5e:
9d:71:60:b9:66:ae:ca:66:d9:af:47:b9:27:b0:a2:
93:be:b6:bd:c2:8d:75:14:65:ff:75:bb:d6:c2:44:
3c:2f:5c:09:7c:6f:06:72:e6:49:8e:19:48:47:1e:
54:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:FF:BC:6A:5E:2E:52:F8:EB:42:80:9E:DE:2F:4E:FD:4E:27:CB:3C
X509v3 Authority Key Identifier:
keyid:5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WP-8al4uUvjrQoCe3i9O_U4nyzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WrK6mr-B1s-AM83N68jfj34iwow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.200.0/22
IPv6:
2a0b:7180::/32
Signature Algorithm: sha256WithRSAEncryption
7e:a8:62:cf:f8:a3:62:8e:5f:3c:93:ea:8e:20:da:bb:50:04:
a6:be:6f:ea:08:26:13:14:26:4e:ff:67:98:bf:38:c4:3a:42:
9f:ec:fe:2d:0c:d6:e4:b2:ce:b9:94:d0:ca:c0:62:75:50:1e:
d9:2b:fb:51:1a:b0:4f:5c:63:5b:f7:22:5a:6b:92:f3:54:2a:
e6:46:e9:90:59:e9:f5:d5:9a:61:a4:08:ec:c7:c3:aa:13:a7:
1a:3a:4c:22:15:0e:c2:96:0b:d5:fc:c8:cf:24:32:d3:17:df:
fd:ea:5e:bd:c7:44:17:e4:74:8f:85:d9:53:81:d4:80:8d:96:
9c:5a:42:ec:96:19:b6:fe:c3:59:70:81:56:d7:fb:4d:09:85:
fe:92:05:91:31:aa:9c:ff:2f:39:13:bd:03:7d:b4:4c:6a:16:
3e:9a:4f:8f:0f:79:74:df:a3:ab:fb:4e:b8:d6:e9:ca:51:35:
cf:2a:6e:d9:d6:b0:09:db:51:62:cd:ca:ab:3e:54:c3:39:45:
b2:f4:3a:ad:c4:9f:71:0c:f9:30:3e:2c:e9:63:f8:da:a7:59:
40:d1:33:84:a6:47:93:8d:d8:e9:ed:c6:e4:1e:42:69:4d:50:
62:37:29:12:b7:6f:89:af:eb:a7:cd:6a:cc:1c:fe:bb:51:b9:
c7:9a:5d:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQc96RIZo5iG1tvus3zkSJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjJiYTlhYmY4MWQ2Y2Y4MDMzY2RjZGViYzhkZjhmN2Uy
MmMyOGMwHhcNMjQxMjMxMTM0NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGZmYmM2YTVlMmU1MmY4ZWI0MjgwOWVkZTJmNGVmZDRlMjdjYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgVdMys3WhqRY0uIBnDCVMpnuDQZ
W/tahLLM7DJy8G9GRFpSCZpwKkvPXJMT2iagdsINmnFEltwZVHXd46/wKsfvaQi4
cilpqguGp/+fogGlWgWyi1kyjHZhWPIBR7pY5yUUsaV3UVxN0uIEFJek/qDSZZII
M3FO94ONkhpOKgXWjDK66iRVm1zP2svpKfp0gnXNgDhEJqyV0AGjWYV84siUzyF3
KjD3Bgql7csR0o563yPE5qoEWY+TRGoYw2i/ri/lb99xUxXSan05rG8Qm16dcWC5
Zq7KZtmvR7knsKKTvra9wo11FGX/dbvWwkQ8L1wJfG8GcuZJjhlIRx5UJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFj/vGpeLlL460KAnt4vTv1OJ8s8MB8GA1UdIwQY
MBaAFFqyupq/gdbPgDPNzevI349+IsKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEt
NmRmYmJkZTUyZGVhLzEvV1AtOGFsNHVVdmpyUW9DZTNpOU9fVTRueXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEtNmRmYmJkZTUyZGVh
LzEvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueTIMA0E
AgACMAcDBQAqC3GAMA0GCSqGSIb3DQEBCwUAA4IBAQB+qGLP+KNijl88k+qOINq7
UASmvm/qCCYTFCZO/2eYvzjEOkKf7P4tDNbkss65lNDKwGJ1UB7ZK/tRGrBPXGNb
9yJaa5LzVCrmRumQWen11ZphpAjsx8OqE6caOkwiFQ7ClgvV/MjPJDLTF9/96l69
x0QX5HSPhdlTgdSAjZacWkLslhm2/sNZcIFW1/tNCYX+kgWRMaqc/y85E70DfbRM
ahY+mk+PD3l036Or+0641unKUTXPKm7Z1rAJ21FizcqrPlTDOUWy9DqtxJ9xDPkw
PizpY/jap1lA0TOEpkeTjdjp7cbkHkJpTVBiNykSt2+Jr+unzWrMHP67UbnHml3v
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:31 2025 by rpki-client