Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/Wr9X5Sv9a4lZWp2SGh7hZI3f0ZU.roa
File: Wr9X5Sv9a4lZWp2SGh7hZI3f0ZU.roa (raw, json)
Hash identifier: br4u1XCxYWIUjk136TbcP3bp8i7IwA3m29GjlFsr0tA=
Subject key identifier: 5A:BF:57:E5:2B:FD:6B:89:59:5A:9D:92:1A:1E:E1:64:8D:DF:D1:95
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 018F99CCC3A63C00D18A371CE0B1BC4F994F
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/Wr9X5Sv9a4lZWp2SGh7hZI3f0ZU.roa
Signing time: Tue 21 May 2024 06:18:04 +0000
ROA not before: Tue 21 May 2024 06:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43965
IP address blocks: 94.184.96.0/20 maxlen: 24
94.184.144.0/20 maxlen: 24
194.225.48.0/20 maxlen: 24
194.225.184.0/22 maxlen: 24
194.225.192.0/19 maxlen: 24
2001:14e8:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Sep 2024 06:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:99:cc:c3:a6:3c:00:d1:8a:37:1c:e0:b1:bc:4f:99:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: May 21 06:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5abf57e52bfd6b89595a9d921a1ee1648ddfd195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:27:fe:ae:3f:9a:ca:3d:10:c6:bc:ef:49:60:
26:70:da:23:ae:3b:ac:2d:e2:c0:6a:ba:12:66:99:
43:00:ae:6a:60:88:ac:0e:82:bf:f2:cb:d9:40:88:
5b:c8:4b:4b:45:66:1a:63:99:c6:8c:d1:d9:41:73:
be:a4:38:ee:e4:31:f5:0e:4b:94:2b:44:11:f3:1b:
33:fa:7d:dc:a1:e5:e6:4a:bc:35:f5:31:b2:2d:f3:
14:69:5c:d1:b7:5a:80:4d:77:f6:65:63:f8:48:6e:
91:78:e5:56:00:36:b9:04:0b:cf:16:10:31:64:06:
46:0b:c8:36:6c:25:73:9e:5f:bb:79:38:6e:ac:08:
51:87:1e:e2:50:cc:15:81:82:03:8a:87:02:59:7a:
48:a9:af:b9:bb:d2:17:8a:01:3a:be:40:04:6a:13:
21:6f:04:9c:1f:be:f7:04:89:ea:90:c3:c4:60:9a:
9e:52:f2:b7:0a:9b:2d:6f:4f:f4:c9:83:09:36:2f:
a4:ce:0a:8e:3f:fa:84:ea:0d:95:1b:8a:cf:50:5b:
7a:2d:ad:ed:e0:59:63:0f:dd:e3:bd:51:eb:7c:ab:
87:99:54:ec:b9:0f:0f:26:4b:77:54:85:a7:d9:f8:
95:cd:9a:9c:47:3d:9c:2f:14:5d:64:7e:c9:a2:e8:
fa:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BF:57:E5:2B:FD:6B:89:59:5A:9D:92:1A:1E:E1:64:8D:DF:D1:95
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/Wr9X5Sv9a4lZWp2SGh7hZI3f0ZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.96.0/20
94.184.144.0/20
194.225.48.0/20
194.225.184.0/22
194.225.192.0/19
IPv6:
2001:14e8:2::/48
Signature Algorithm: sha256WithRSAEncryption
60:b1:54:e2:36:f3:7b:5e:76:ae:c2:c3:43:5b:61:d6:38:d9:
1e:5f:71:e0:83:c0:08:0c:66:d9:d2:2a:ef:2d:92:8e:f9:8f:
58:73:26:9e:e3:bf:cc:5d:9f:9b:59:5a:4a:90:26:09:9d:47:
e2:71:0f:02:90:7b:68:b1:dd:1c:74:76:48:0f:c6:c5:95:d7:
2b:aa:53:72:67:00:95:d4:72:9f:4c:5b:48:28:41:6d:0c:8e:
df:7a:0f:b9:07:23:b5:4a:e6:ef:d0:32:fb:81:ce:33:21:a4:
e7:ee:71:8d:12:b8:67:75:95:9b:c3:83:c3:80:29:70:b6:94:
16:31:32:f9:97:2c:99:bd:16:3e:af:1c:13:f7:74:b9:cd:58:
f4:3b:7b:bd:81:12:43:a4:a4:a6:1f:fe:a8:a4:e1:99:3f:2b:
32:cb:b7:41:cc:90:91:b6:f3:2f:ac:34:15:0e:27:d0:d8:78:
f2:05:d6:e6:7d:1d:c1:d4:ac:51:eb:cb:42:57:42:4d:d6:fd:
df:5c:62:d0:27:41:97:62:fa:06:9a:d0:ed:bf:f4:d5:1a:06:
43:3f:a8:be:55:9f:07:15:c4:50:e6:49:dd:73:a6:ec:72:d5:
20:30:ad:c1:1b:e6:a2:43:9e:13:14:ac:2b:df:e9:34:bb:8a:
bf:fb:33:2e
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY+ZzMOmPADRijcc4LG8T5lPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjQwNTIxMDYxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWJmNTdlNTJiZmQ2Yjg5NTk1YTlkOTIxYTFlZTE2NDhkZGZkMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCf+rj+ayj0QxrzvSWAmcNojrjus
LeLAaroSZplDAK5qYIisDoK/8svZQIhbyEtLRWYaY5nGjNHZQXO+pDju5DH1DkuU
K0QR8xsz+n3coeXmSrw19TGyLfMUaVzRt1qATXf2ZWP4SG6ReOVWADa5BAvPFhAx
ZAZGC8g2bCVznl+7eThurAhRhx7iUMwVgYIDiocCWXpIqa+5u9IXigE6vkAEahMh
bwScH773BInqkMPEYJqeUvK3Cpstb0/0yYMJNi+kzgqOP/qE6g2VG4rPUFt6La3t
4FljD93jvVHrfKuHmVTsuQ8PJkt3VIWn2fiVzZqcRz2cLxRdZH7Jouj6rQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFq/V+Ur/WuJWVqdkhoe4WSN39GVMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvV3I5WDVTdjlhNGxaV3AyU0doN2haSTNmMFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQEXrhgAwQE
XriQAwQEwuEwAwQCwuG4AwQFwuHAMA8EAgACMAkDBwAgARToAAIwDQYJKoZIhvcN
AQELBQADggEBAGCxVOI283tedq7Cw0NbYdY42R5fceCDwAgMZtnSKu8tko75j1hz
Jp7jv8xdn5tZWkqQJgmdR+JxDwKQe2ix3Rx0dkgPxsWV1yuqU3JnAJXUcp9MW0go
QW0Mjt96D7kHI7VK5u/QMvuBzjMhpOfucY0SuGd1lZvDg8OAKXC2lBYxMvmXLJm9
Fj6vHBP3dLnNWPQ7e72BEkOkpKYf/qik4Zk/KzLLt0HMkJG28y+sNBUOJ9DYePIF
1uZ9HcHUrFHry0JXQk3W/d9cYtAnQZdi+gaa0O2/9NUaBkM/qL5VnwcVxFDmSd1z
puxy1SAwrcEb5qJDnhMUrCvf6TS7ir/7My4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:08 2025 by rpki-client