Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wclRdvqUH7-aoeuMj31cUvkvlg0.roa
File: wclRdvqUH7-aoeuMj31cUvkvlg0.roa (raw, json)
Hash identifier: aPrPtErGPg+A3n8qerWe+dHNnuNNf/uBqVpc1BxVTGw=
Subject key identifier: C1:C9:51:76:FA:94:1F:BF:9A:A1:EB:8C:8F:7D:5C:52:F9:2F:96:0D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FE57F2AF6F56FE340A6F5253211BA8FF5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wclRdvqUH7-aoeuMj31cUvkvlg0.roa
Signing time: Tue 04 Jun 2024 23:04:27 +0000
ROA not before: Tue 04 Jun 2024 23:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:e57f:82a/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 04 Jun 2024 23:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e5:7f:2a:f6:f5:6f:e3:40:a6:f5:25:32:11:ba:8f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 4 23:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1c95176fa941fbf9aa1eb8c8f7d5c52f92f960d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:31:93:62:ac:6f:ce:7c:38:0d:13:14:9d:62:
e6:3c:fd:d5:f3:ed:b1:00:da:b6:4a:22:75:de:9e:
9a:fb:95:de:83:c4:b1:66:5a:58:da:71:bd:d4:da:
ea:37:b7:91:3f:1c:2a:62:cf:02:c8:01:f5:4e:c9:
09:1a:d6:a9:22:80:d7:fb:8d:65:b4:16:c3:fa:87:
2c:60:7d:cd:a6:2f:aa:e6:21:d2:cd:16:05:9d:7e:
8f:bf:76:44:26:7b:cb:95:3c:3e:00:39:a7:72:51:
54:cc:53:48:75:43:78:8e:ae:68:c8:e2:f8:6f:7e:
42:c3:5d:50:88:7a:c6:82:7c:54:1a:6c:75:b3:23:
ef:0a:4f:e7:43:32:98:d3:3d:78:d2:9e:8f:ae:1a:
a4:a5:d9:f6:bd:18:ab:03:ad:9e:96:91:e5:46:94:
7a:d6:04:26:a8:27:90:17:a1:3c:c1:4e:8e:e6:70:
35:da:9e:ea:57:f7:e1:8b:5d:c8:29:58:93:b3:a1:
b5:dd:5a:f1:17:f2:72:fc:89:90:9a:4c:6c:5a:9c:
4b:a6:e1:75:bd:1a:0b:5f:33:86:77:fb:5b:e8:9f:
d2:83:16:d2:5d:c3:4a:f4:7a:88:e2:32:27:de:7e:
f0:d5:10:c1:81:46:fb:fc:dd:9a:78:df:5d:0c:ce:
1a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C9:51:76:FA:94:1F:BF:9A:A1:EB:8C:8F:7D:5C:52:F9:2F:96:0D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wclRdvqUH7-aoeuMj31cUvkvlg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:9b:a8:6d:65:89:37:f9:8f:7d:34:2f:88:db:2e:60:1f:5d:
b4:58:06:07:14:3c:58:48:10:04:ce:38:c7:ce:01:f2:59:37:
9a:49:f0:eb:63:77:a6:79:f2:11:26:be:b2:8e:0c:5a:9d:5e:
65:bb:59:ae:7e:46:af:b6:5a:48:2e:50:bb:6b:3d:98:70:30:
47:33:75:17:2b:83:95:7a:81:0b:01:9b:0e:8a:8d:d2:95:57:
de:94:ba:0e:32:a8:45:24:a4:8f:a7:75:d3:6a:7f:3d:88:60:
9b:b8:33:91:c2:56:09:dd:a8:e4:45:01:d9:65:9c:b8:51:78:
05:3d:ea:6f:62:30:a0:25:11:0f:34:61:00:e1:f1:b0:e2:af:
c1:2a:28:fb:d9:7d:a5:c6:39:38:96:38:da:c2:e9:4c:56:2f:
c4:7b:ad:8e:2a:14:f1:de:7c:f6:83:8d:92:1a:6c:f0:ed:f2:
d0:91:ef:1e:06:fb:f9:c4:b7:55:0d:b0:73:5e:05:22:f0:d8:
ec:c1:d6:b4:34:4a:93:73:22:bf:f6:8d:54:67:b8:ba:73:07:
06:2f:d5:0a:1e:48:3d:b0:1b:7e:1e:9b:79:0e:0d:f4:cb:d9:
6c:0f:57:89:61:9d:c5:d5:de:e5:34:69:d6:d7:3c:03:17:0f:
22:be:d3:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/lfyr29W/jQKb1JTIRuo/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA0MjMwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM5NTE3NmZhOTQxZmJmOWFhMWViOGM4ZjdkNWM1MmY5MmY5NjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzGTYqxvznw4DRMUnWLmPP3V8+2x
ANq2SiJ13p6a+5Xeg8SxZlpY2nG91NrqN7eRPxwqYs8CyAH1TskJGtapIoDX+41l
tBbD+ocsYH3Npi+q5iHSzRYFnX6Pv3ZEJnvLlTw+ADmnclFUzFNIdUN4jq5oyOL4
b35Cw11QiHrGgnxUGmx1syPvCk/nQzKY0z140p6Prhqkpdn2vRirA62elpHlRpR6
1gQmqCeQF6E8wU6O5nA12p7qV/fhi13IKViTs6G13VrxF/Jy/ImQmkxsWpxLpuF1
vRoLXzOGd/tb6J/SgxbSXcNK9HqI4jIn3n7w1RDBgUb7/N2aeN9dDM4aBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMHJUXb6lB+/mqHrjI99XFL5L5YNMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvd2NsUmR2cVVINy1hb2V1TWozMWNVdmt2bGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABObqG1liTf5j300L4jb
LmAfXbRYBgcUPFhIEATOOMfOAfJZN5pJ8Otjd6Z58hEmvrKODFqdXmW7Wa5+Rq+2
WkguULtrPZhwMEczdRcrg5V6gQsBmw6KjdKVV96Uug4yqEUkpI+nddNqfz2IYJu4
M5HCVgndqORFAdllnLhReAU96m9iMKAlEQ80YQDh8bDir8EqKPvZfaXGOTiWONrC
6UxWL8R7rY4qFPHefPaDjZIabPDt8tCR7x4G+/nEt1UNsHNeBSLw2OzB1rQ0SpNz
Ir/2jVRnuLpzBwYv1QoeSD2wG34em3kODfTL2WwPV4lhncXV3uU0adbXPAMXDyK+
06E=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:38 2025 by rpki-client