Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/0d6b47-8191-41e2-8113-6e56212cdf5c/1/WALQec2eoXJ2_ogQxXifpVc7htA.roa
File: WALQec2eoXJ2_ogQxXifpVc7htA.roa (raw, json)
Hash identifier: dIcLkqprq+wtZBqel/ZxYLMurBFaD6QT37Sv344I6Ow=
Subject key identifier: 58:02:D0:79:CD:9E:A1:72:76:FE:88:10:C5:78:9F:A5:57:3B:86:D0
Certificate issuer: /CN=2ea7626d600daf759376a6507e1d684386992d31
Certificate serial: 018CC6B92DDE0CB96AEA11A3FF4B9C4AE044
Authority key identifier: 2E:A7:62:6D:60:0D:AF:75:93:76:A6:50:7E:1D:68:43:86:99:2D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LqdibWANr3WTdqZQfh1oQ4aZLTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/0d6b47-8191-41e2-8113-6e56212cdf5c/1/WALQec2eoXJ2_ogQxXifpVc7htA.roa
Signing time: Mon 01 Jan 2024 20:31:13 +0000
ROA not before: Mon 01 Jan 2024 20:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57022
IP address blocks: 185.70.171.0/24 maxlen: 24
185.70.170.0/24 maxlen: 24
185.70.169.0/24 maxlen: 24
185.70.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:2d:de:0c:b9:6a:ea:11:a3:ff:4b:9c:4a:e0:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ea7626d600daf759376a6507e1d684386992d31
Validity
Not Before: Jan 1 20:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5802d079cd9ea17276fe8810c5789fa5573b86d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:af:5c:90:77:15:0e:d6:81:74:44:c1:b6:78:
bd:b2:c1:d4:5a:51:fb:b8:11:1e:d6:20:36:cc:fd:
5b:63:8f:b1:b5:f0:97:02:e7:17:f6:b8:14:34:41:
33:21:72:54:6d:11:cc:f7:e9:55:b7:97:ef:73:06:
90:84:d1:3b:1e:e0:dc:2d:c5:be:8c:c1:df:91:8f:
73:ef:d7:e1:8d:4a:d2:1e:5a:fe:c4:32:17:60:bd:
c3:9b:70:44:3d:7f:b4:a1:5d:d4:45:df:24:1f:f9:
b9:50:07:a0:2c:61:11:c5:98:c8:0b:20:65:f4:ae:
66:32:cf:d8:13:04:53:8e:6e:76:dd:ee:6a:89:95:
f2:c0:3f:fb:f1:37:f5:f4:12:16:ba:57:a4:a8:91:
33:88:45:64:4b:1b:9f:c4:7c:3c:6e:25:02:42:cf:
b4:c2:50:03:37:f6:8d:54:62:f6:85:29:db:97:3c:
e5:74:19:83:b2:29:f8:4d:7c:85:9c:e4:96:b5:89:
0f:92:fd:c1:b0:1b:94:1f:bf:d6:45:3d:25:ce:f9:
07:6a:ef:b9:87:3f:2a:bd:0c:8e:d7:f8:e2:6c:22:
d7:34:9d:e4:5c:d3:21:f0:a7:1c:b5:31:dc:25:7c:
96:72:ac:ef:0c:71:e8:99:99:18:68:99:67:c0:1e:
dc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:02:D0:79:CD:9E:A1:72:76:FE:88:10:C5:78:9F:A5:57:3B:86:D0
X509v3 Authority Key Identifier:
keyid:2E:A7:62:6D:60:0D:AF:75:93:76:A6:50:7E:1D:68:43:86:99:2D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LqdibWANr3WTdqZQfh1oQ4aZLTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0d6b47-8191-41e2-8113-6e56212cdf5c/1/WALQec2eoXJ2_ogQxXifpVc7htA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0d6b47-8191-41e2-8113-6e56212cdf5c/1/LqdibWANr3WTdqZQfh1oQ4aZLTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.168.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:0e:1d:17:61:0b:c3:ea:6f:6e:37:bb:fc:0a:25:a2:f0:52:
b2:44:55:e0:01:88:7c:cf:cb:83:7b:c4:6e:3a:a1:97:59:d0:
70:e8:17:8d:ac:0e:79:39:b0:88:f8:40:68:c1:e9:d7:ec:35:
22:0d:88:ad:c9:58:96:27:2c:71:d3:e3:48:ed:28:5b:fc:8c:
e5:9c:7c:d4:c4:7c:e6:3e:22:6d:87:b9:8b:68:1f:bc:fc:11:
ac:b8:45:33:9c:1b:5a:54:50:1d:b7:23:01:32:bb:52:5e:11:
b8:fd:2f:fe:55:f1:48:5c:be:b8:72:35:77:37:df:88:92:8b:
d3:3d:c2:3d:b4:22:9e:89:46:c7:fb:80:ca:76:4a:d7:a2:6b:
e1:2f:73:18:08:fb:d7:77:cb:8f:e9:9a:ee:69:4b:5e:09:e5:
8e:83:bf:c7:8a:58:aa:38:4f:eb:e8:0d:d6:17:aa:be:13:5d:
42:6e:b3:dd:d9:4d:1b:f4:0c:0d:24:eb:88:1f:25:31:b8:81:
9a:ba:8e:0c:68:41:4c:e1:85:33:c6:7c:8d:8f:01:03:4d:56:
d4:f2:d4:2f:f2:51:af:b2:6d:b9:5c:6c:95:ba:b6:c6:aa:14:
6e:d6:46:5e:dd:84:79:7e:32:c9:bd:1e:3e:9f:5b:7a:d8:09:
6d:e6:7e:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuS3eDLlq6hGj/0ucSuBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYTc2MjZkNjAwZGFmNzU5Mzc2YTY1MDdlMWQ2ODQzODY5
OTJkMzEwHhcNMjQwMTAxMjAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODAyZDA3OWNkOWVhMTcyNzZmZTg4MTBjNTc4OWZhNTU3M2I4NmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK9ckHcVDtaBdETBtni9ssHUWlH7
uBEe1iA2zP1bY4+xtfCXAucX9rgUNEEzIXJUbRHM9+lVt5fvcwaQhNE7HuDcLcW+
jMHfkY9z79fhjUrSHlr+xDIXYL3Dm3BEPX+0oV3URd8kH/m5UAegLGERxZjICyBl
9K5mMs/YEwRTjm523e5qiZXywD/78Tf19BIWulekqJEziEVkSxufxHw8biUCQs+0
wlADN/aNVGL2hSnblzzldBmDsin4TXyFnOSWtYkPkv3BsBuUH7/WRT0lzvkHau+5
hz8qvQyO1/jibCLXNJ3kXNMh8KcctTHcJXyWcqzvDHHomZkYaJlnwB7cRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgC0HnNnqFydv6IEMV4n6VXO4bQMB8GA1UdIwQY
MBaAFC6nYm1gDa91k3amUH4daEOGmS0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHFkaWJXQU5yM1dUZHFaUWZoMW9RNGFaTFRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wZDZiNDctODE5MS00MWUyLTgxMTMt
NmU1NjIxMmNkZjVjLzEvV0FMUWVjMmVvWEoyX29nUXhYaWZwVmM3aHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wZDZiNDctODE5MS00MWUyLTgxMTMtNmU1NjIxMmNkZjVj
LzEvTHFkaWJXQU5yM1dUZHFaUWZoMW9RNGFaTFRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUaoMA0G
CSqGSIb3DQEBCwUAA4IBAQArDh0XYQvD6m9uN7v8CiWi8FKyRFXgAYh8z8uDe8Ru
OqGXWdBw6BeNrA55ObCI+EBowenX7DUiDYityViWJyxx0+NI7Shb/IzlnHzUxHzm
PiJth7mLaB+8/BGsuEUznBtaVFAdtyMBMrtSXhG4/S/+VfFIXL64cjV3N9+IkovT
PcI9tCKeiUbH+4DKdkrXomvhL3MYCPvXd8uP6ZruaUteCeWOg7/HiliqOE/r6A3W
F6q+E11CbrPd2U0b9AwNJOuIHyUxuIGauo4MaEFM4YUzxnyNjwEDTVbU8tQv8lGv
sm25XGyVurbGqhRu1kZe3YR5fjLJvR4+n1t62Alt5n56
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:31 2025 by rpki-client