Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/wbQu2dug3Anajnt0EaRWvWccGMw.roa
File: wbQu2dug3Anajnt0EaRWvWccGMw.roa (raw, json)
Hash identifier: rTW+uoaJc0WwqrTJSX3gWjS3QlnoRESyetkM99ifefc=
Subject key identifier: C1:B4:2E:D9:DB:A0:DC:09:DA:8E:7B:74:11:A4:56:BD:67:1C:18:CC
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018CCA993F6C13E061A9539834B83D26FB34
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/wbQu2dug3Anajnt0EaRWvWccGMw.roa
Signing time: Tue 02 Jan 2024 14:34:49 +0000
ROA not before: Tue 02 Jan 2024 14:34:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41175
IP address blocks: 185.114.104.0/22 maxlen: 24
81.201.208.0/20 maxlen: 24
2a00:e900::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:3f:6c:13:e0:61:a9:53:98:34:b8:3d:26:fb:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Jan 2 14:34:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1b42ed9dba0dc09da8e7b7411a456bd671c18cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:35:5c:31:53:51:ac:0c:fa:22:9d:f2:d6:b2:
9a:49:58:99:c2:f3:59:ce:23:11:6e:7b:c0:89:29:
f4:72:a8:eb:9f:db:81:98:3f:a5:02:f9:bc:00:4e:
26:88:d6:e5:0b:36:f5:6e:60:4a:68:85:c1:0b:58:
68:b1:5e:d5:2e:a5:80:9a:60:f6:d6:2b:a0:fe:29:
bf:9b:fe:73:79:a4:69:05:5b:79:07:90:be:f7:2b:
a3:d7:ec:a2:15:3f:5b:c8:4e:61:69:0c:92:17:f5:
f7:21:05:39:b3:90:d9:f8:bc:36:0b:29:0f:eb:a2:
a0:3b:32:ee:a4:df:99:14:e6:ea:cc:eb:2e:cb:53:
07:5c:52:0d:f0:f6:e4:80:d0:c0:7b:6c:e8:fe:49:
b6:78:ae:25:0c:99:7c:c0:1a:31:1e:fd:95:9d:be:
b7:1e:fa:c6:a1:ef:9b:0f:d2:3a:cb:c5:6c:c3:4e:
a8:28:17:dc:6d:48:38:02:48:3e:d0:2c:90:20:c8:
9d:e7:7c:43:8e:e5:3c:22:8e:fd:a4:ca:80:7c:38:
42:e7:6c:c4:70:ab:76:f0:9d:93:b8:60:07:be:d5:
97:96:dc:bd:3a:df:90:ad:f9:fa:56:20:24:8b:e2:
bd:a5:35:55:5a:b8:ef:93:e8:6b:8d:01:3a:46:85:
19:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B4:2E:D9:DB:A0:DC:09:DA:8E:7B:74:11:A4:56:BD:67:1C:18:CC
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/wbQu2dug3Anajnt0EaRWvWccGMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.201.208.0/20
185.114.104.0/22
IPv6:
2a00:e900::/29
Signature Algorithm: sha256WithRSAEncryption
22:9d:4e:22:a0:69:9c:b3:89:2e:90:af:94:df:59:92:03:4a:
d8:ad:84:41:18:17:49:08:41:4b:a4:fb:66:eb:6d:43:3a:07:
8c:6c:cd:c3:d9:fe:18:bf:94:06:9c:8e:23:54:c7:7e:1b:dd:
51:08:ad:ce:48:63:1b:d4:54:4b:ee:7c:19:45:c1:66:c6:36:
88:d8:29:0f:8e:7a:4d:cb:a2:10:e1:f9:96:c4:70:a9:93:06:
1e:52:5b:f6:c7:6f:c0:e3:a9:c4:e6:cc:a6:a4:1b:b1:dd:de:
e3:89:9e:56:10:48:2f:4f:00:55:18:14:90:bb:1b:0f:0f:37:
b4:f2:43:ff:06:47:16:17:9f:70:36:4c:79:5b:e9:27:71:9c:
b8:aa:d6:5d:c0:00:8c:2e:7b:d3:fc:7c:d3:62:ff:77:22:8a:
5c:c1:bc:49:79:6c:53:85:c4:a9:b6:7d:64:67:e3:4e:50:36:
f7:f1:86:b5:25:21:92:da:e3:80:6d:d3:66:aa:2a:86:47:3e:
c3:13:70:43:d8:4b:fb:51:77:23:ff:28:04:8c:4c:1f:b2:d1:
4a:d0:ae:a4:26:b5:8e:e8:f2:7c:33:57:ba:26:f5:18:e0:d0:
b0:fe:95:3c:d7:04:70:63:74:df:d7:28:58:c1:d1:f6:4d:01:
de:40:3d:9d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKmT9sE+BhqVOYNLg9Jvs0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjQwMTAyMTQzNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWI0MmVkOWRiYTBkYzA5ZGE4ZTdiNzQxMWE0NTZiZDY3MWMxOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTVcMVNRrAz6Ip3y1rKaSViZwvNZ
ziMRbnvAiSn0cqjrn9uBmD+lAvm8AE4miNblCzb1bmBKaIXBC1hosV7VLqWAmmD2
1iug/im/m/5zeaRpBVt5B5C+9yuj1+yiFT9byE5haQySF/X3IQU5s5DZ+Lw2CykP
66KgOzLupN+ZFObqzOsuy1MHXFIN8PbkgNDAe2zo/km2eK4lDJl8wBoxHv2Vnb63
HvrGoe+bD9I6y8Vsw06oKBfcbUg4Akg+0CyQIMid53xDjuU8Io79pMqAfDhC52zE
cKt28J2TuGAHvtWXlty9Ot+Qrfn6ViAki+K9pTVVWrjvk+hrjQE6RoUZIwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMG0LtnboNwJ2o57dBGkVr1nHBjMMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvd2JRdTJkdWczQW5ham50MEVhUld2V2NjR013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUcnQAwQC
uXJoMA0EAgACMAcDBQMqAOkAMA0GCSqGSIb3DQEBCwUAA4IBAQAinU4ioGmcs4ku
kK+U31mSA0rYrYRBGBdJCEFLpPtm621DOgeMbM3D2f4Yv5QGnI4jVMd+G91RCK3O
SGMb1FRL7nwZRcFmxjaI2CkPjnpNy6IQ4fmWxHCpkwYeUlv2x2/A46nE5sympBux
3d7jiZ5WEEgvTwBVGBSQuxsPDze08kP/BkcWF59wNkx5W+kncZy4qtZdwACMLnvT
/HzTYv93IopcwbxJeWxThcSptn1kZ+NOUDb38Ya1JSGS2uOAbdNmqiqGRz7DE3BD
2Ev7UXcj/ygEjEwfstFK0K6kJrWO6PJ8M1e6JvUY4NCw/pU81wRwY3Tf1yhYwdH2
TQHeQD2d
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:02:24 2025 by rpki-client