Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/WU9La3gtDzbYELLK8QrU8M1LZ0c.roa
File: WU9La3gtDzbYELLK8QrU8M1LZ0c.roa (raw, json)
Hash identifier: 5dURrWYkWgU7NAXTK6199K3njWEhcNrOP00m3Sk81eY=
Subject key identifier: 59:4F:4B:6B:78:2D:0F:36:D8:10:B2:CA:F1:0A:D4:F0:CD:4B:67:47
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018CC26D7F41E4EAFEE35A4A98326D181EA7
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/WU9La3gtDzbYELLK8QrU8M1LZ0c.roa
Signing time: Mon 01 Jan 2024 00:30:04 +0000
ROA not before: Mon 01 Jan 2024 00:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201744
IP address blocks: 91.149.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:7f:41:e4:ea:fe:e3:5a:4a:98:32:6d:18:1e:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 1 00:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=594f4b6b782d0f36d810b2caf10ad4f0cd4b6747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:40:b6:08:3e:2a:73:5d:eb:5f:65:c2:ad:61:
42:58:e3:1f:b6:7d:c9:de:42:81:25:69:ff:e2:cc:
d8:74:18:1a:d6:3a:f2:7b:17:50:9b:07:48:2d:7e:
62:38:80:c5:cb:b5:3b:34:b0:a5:aa:69:a8:f8:fe:
76:ef:ac:27:94:a7:c2:6f:fe:5e:7a:1e:15:00:19:
6c:c1:72:11:25:e2:71:9e:89:e8:1c:1a:e3:52:9c:
1b:fd:f6:a2:7d:85:db:dd:89:51:7c:48:8d:4d:18:
e6:05:dc:b6:24:8c:58:2d:1c:b2:71:08:4f:99:f5:
1b:f9:d3:44:71:2b:35:50:43:06:18:ad:8e:45:7d:
9e:90:05:a9:41:40:f7:2c:a6:98:87:79:5e:fa:7f:
f5:c3:2c:0b:0d:22:8b:5d:a1:e9:a8:05:69:0f:e0:
61:e9:33:01:8b:43:41:77:f5:3b:8c:60:ec:de:20:
f8:72:82:72:ee:e9:f3:22:05:98:48:3a:e7:a3:32:
fe:13:4a:d3:bc:e1:8b:c0:63:4d:ad:1a:0a:45:8f:
68:d7:43:95:ee:91:94:17:41:c3:b2:dc:8c:75:0f:
2f:a3:07:07:e1:50:ca:9a:ce:2c:57:8a:3f:b4:5a:
79:16:95:b7:1f:65:b0:98:d4:3b:82:e8:75:b9:cc:
cf:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:4F:4B:6B:78:2D:0F:36:D8:10:B2:CA:F1:0A:D4:F0:CD:4B:67:47
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/WU9La3gtDzbYELLK8QrU8M1LZ0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.235.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d4:e4:7c:7f:85:a3:32:fe:cd:ac:2c:05:a9:05:4d:59:30:
6a:dc:8d:b5:65:16:40:96:f5:16:3c:52:60:24:93:78:25:03:
38:a2:26:c0:57:35:a0:a6:e2:5f:57:04:ec:ab:93:77:2e:42:
9f:f3:4d:2d:e9:46:48:93:67:2f:19:d1:06:c3:05:69:d1:8d:
0a:5f:65:5c:f5:9a:67:aa:a4:95:d8:f7:fe:99:2e:55:e2:0d:
73:aa:4b:6d:73:b5:e9:7c:c5:cc:70:7d:37:78:6c:10:0b:56:
59:81:01:cc:50:e7:b2:bf:21:45:12:4b:77:65:f2:af:d8:3c:
a5:ba:3c:4a:2a:fa:46:f1:cd:36:7f:5b:d8:dd:b0:c5:37:10:
8f:cf:35:00:57:6f:7a:02:d0:f1:00:ee:9e:70:75:94:b6:b6:
de:52:b2:0b:ce:a3:97:66:c3:9b:58:80:a8:fd:99:f1:ef:0a:
a9:8e:95:21:97:d3:2f:23:23:5f:ee:00:6a:9c:90:8f:7d:30:
cf:44:ca:65:fb:3f:45:89:86:f4:25:e0:55:38:28:e3:f0:a5:
50:9c:b0:a5:29:61:13:36:b5:e2:60:3d:39:13:00:85:b8:01:
f7:0f:86:ea:b5:66:69:90:cf:bf:9b:2d:ec:5f:8c:8a:35:85:
41:e8:08:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbX9B5Or+41pKmDJtGB6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjQwMTAxMDAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTRmNGI2Yjc4MmQwZjM2ZDgxMGIyY2FmMTBhZDRmMGNkNGI2NzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00C2CD4qc13rX2XCrWFCWOMftn3J
3kKBJWn/4szYdBga1jryexdQmwdILX5iOIDFy7U7NLClqmmo+P5276wnlKfCb/5e
eh4VABlswXIRJeJxnonoHBrjUpwb/faifYXb3YlRfEiNTRjmBdy2JIxYLRyycQhP
mfUb+dNEcSs1UEMGGK2ORX2ekAWpQUD3LKaYh3le+n/1wywLDSKLXaHpqAVpD+Bh
6TMBi0NBd/U7jGDs3iD4coJy7unzIgWYSDrnozL+E0rTvOGLwGNNrRoKRY9o10OV
7pGUF0HDstyMdQ8vowcH4VDKms4sV4o/tFp5FpW3H2WwmNQ7guh1uczP4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlPS2t4LQ822BCyyvEK1PDNS2dHMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvV1U5TGEzZ3REemJZRUxMSzhRclU4TTFMWjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5XrMA0G
CSqGSIb3DQEBCwUAA4IBAQBT1OR8f4WjMv7NrCwFqQVNWTBq3I21ZRZAlvUWPFJg
JJN4JQM4oibAVzWgpuJfVwTsq5N3LkKf800t6UZIk2cvGdEGwwVp0Y0KX2Vc9Zpn
qqSV2Pf+mS5V4g1zqkttc7XpfMXMcH03eGwQC1ZZgQHMUOeyvyFFEkt3ZfKv2Dyl
ujxKKvpG8c02f1vY3bDFNxCPzzUAV296AtDxAO6ecHWUtrbeUrILzqOXZsObWICo
/Znx7wqpjpUhl9MvIyNf7gBqnJCPfTDPRMpl+z9FiYb0JeBVOCjj8KVQnLClKWET
NrXiYD05EwCFuAH3D4bqtWZpkM+/my3sX4yKNYVB6Aif
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:46 2025 by rpki-client