Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/wKZqgZuUcSl_s5V2MWfah-w86v0.roa
File: wKZqgZuUcSl_s5V2MWfah-w86v0.roa (raw, json)
Hash identifier: hRjt77McpuMGNpun+zZFbQl+rcYJ2scwFmBQ5+j+AeQ=
Subject key identifier: C0:A6:6A:81:9B:94:71:29:7F:B3:95:76:31:67:DA:87:EC:3C:EA:FD
Certificate issuer: /CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Certificate serial: 01944202AC9C7FBB490097EC115E9905180F
Authority key identifier: 43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/wKZqgZuUcSl_s5V2MWfah-w86v0.roa
Signing time: Tue 07 Jan 2025 18:24:19 +0000
ROA not before: Tue 07 Jan 2025 18:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206947
IP address blocks: 185.198.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 08:27:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:42:02:ac:9c:7f:bb:49:00:97:ec:11:5e:99:05:18:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Validity
Not Before: Jan 7 18:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0a66a819b9471297fb395763167da87ec3ceafd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2f:e0:22:02:43:31:c3:e2:ee:42:11:6b:95:
ee:57:ae:8d:1e:c1:d5:ab:fb:51:f8:96:df:6e:48:
fe:c9:da:9c:a7:dd:67:3b:4b:3f:4b:2c:bb:76:26:
d7:cf:1a:dd:56:b1:77:9d:03:d3:f7:cb:ff:ff:51:
ae:61:27:2c:99:39:6e:0a:ab:5a:9d:b9:d2:6c:e3:
0a:a8:50:ff:35:1d:69:c1:2a:2e:e8:52:65:89:4d:
23:db:1a:63:c2:17:d5:b1:63:4c:51:b1:0a:a1:9d:
0b:dd:28:31:c7:4d:14:cf:42:88:db:f8:0c:78:bc:
aa:88:af:2f:6e:ef:49:1c:be:d0:b0:a5:00:eb:1b:
7f:bc:dc:e5:a2:6a:81:5f:f6:95:a4:96:e0:b4:39:
c3:63:e2:d7:50:a9:4f:7c:6b:74:c7:82:7e:21:e8:
1b:a9:7d:53:61:0b:ed:13:02:57:97:5e:10:59:6c:
0c:ac:a2:7b:36:1a:3c:73:b9:84:a6:8e:70:26:7f:
37:72:b3:77:67:67:bd:ad:6c:db:f4:ff:35:d2:15:
83:ad:ea:7c:cf:f2:e4:03:66:85:fc:37:1a:64:0c:
96:51:35:fe:40:10:6e:c6:b0:5f:82:97:4a:45:6f:
82:bd:c1:4d:cf:59:2b:46:f3:b0:fe:8c:13:03:a0:
d0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A6:6A:81:9B:94:71:29:7F:B3:95:76:31:67:DA:87:EC:3C:EA:FD
X509v3 Authority Key Identifier:
keyid:43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/wKZqgZuUcSl_s5V2MWfah-w86v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/Q4T2-m3sztVXioWlHgvWVwHqNOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.211.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:36:c2:f3:ca:3f:40:54:c7:3d:eb:5f:cc:c4:9d:17:74:57:
36:ae:64:d0:80:c9:4e:f5:6b:d4:9a:08:06:0a:2f:d6:db:aa:
02:f2:da:d6:15:08:61:1f:f8:e4:3d:18:1b:0f:33:a1:61:65:
5b:da:b9:39:f8:18:27:11:fe:8e:eb:d8:ec:b8:2e:83:ea:32:
98:ec:80:74:6f:16:b5:f2:89:72:9f:ad:1e:31:07:3a:b3:bd:
2b:1a:a0:46:3e:f1:cb:cc:53:63:97:4d:51:3b:a7:a7:cd:1a:
fb:bf:7d:1b:af:ed:56:b5:03:97:63:37:cb:3f:68:d0:d9:cf:
8e:d4:a6:51:b1:63:42:43:a2:c6:99:f5:5a:0f:95:86:31:d2:
d2:07:90:0c:71:dd:7b:68:4a:7c:fd:43:a9:5d:9f:50:34:57:
3b:d3:7c:b5:b9:d8:4c:29:c2:de:da:6e:a5:03:2e:27:e4:0c:
46:d3:2e:a2:15:6c:ba:9d:da:4a:6b:83:b5:85:c0:60:9b:9c:
a4:e7:85:f3:db:fe:7b:5b:0b:4c:37:15:96:59:ac:b8:d0:6e:
4f:09:d8:f2:af:ff:0e:13:1d:98:f7:b6:f5:51:17:09:52:01:
d3:31:d7:05:c1:01:f4:b4:a1:24:f7:e3:de:18:82:a9:cf:e5:
b5:eb:e7:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRCAqycf7tJAJfsEV6ZBRgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzODRmNmZhNmRlY2NlZDU1NzhhODVhNTFlMGJkNjU3MDFl
YTM0ZWMwHhcNMjUwMTA3MTgyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGE2NmE4MTliOTQ3MTI5N2ZiMzk1NzYzMTY3ZGE4N2VjM2NlYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS/gIgJDMcPi7kIRa5XuV66NHsHV
q/tR+Jbfbkj+ydqcp91nO0s/Syy7dibXzxrdVrF3nQPT98v//1GuYScsmTluCqta
nbnSbOMKqFD/NR1pwSou6FJliU0j2xpjwhfVsWNMUbEKoZ0L3Sgxx00Uz0KI2/gM
eLyqiK8vbu9JHL7QsKUA6xt/vNzlomqBX/aVpJbgtDnDY+LXUKlPfGt0x4J+Iegb
qX1TYQvtEwJXl14QWWwMrKJ7Nho8c7mEpo5wJn83crN3Z2e9rWzb9P810hWDrep8
z/LkA2aF/DcaZAyWUTX+QBBuxrBfgpdKRW+CvcFNz1krRvOw/owTA6DQvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMCmaoGblHEpf7OVdjFn2ofsPOr9MB8GA1UdIwQY
MBaAFEOE9vpt7M7VV4qFpR4L1lcB6jTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMt
MWIxM2JkNDU2NmE1LzEvd0tacWdadVVjU2xfczVWMk1XZmFoLXc4NnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMtMWIxM2JkNDU2NmE1
LzEvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucbTMA0G
CSqGSIb3DQEBCwUAA4IBAQBKNsLzyj9AVMc961/MxJ0XdFc2rmTQgMlO9WvUmggG
Ci/W26oC8trWFQhhH/jkPRgbDzOhYWVb2rk5+BgnEf6O69jsuC6D6jKY7IB0bxa1
8olyn60eMQc6s70rGqBGPvHLzFNjl01RO6enzRr7v30br+1WtQOXYzfLP2jQ2c+O
1KZRsWNCQ6LGmfVaD5WGMdLSB5AMcd17aEp8/UOpXZ9QNFc703y1udhMKcLe2m6l
Ay4n5AxG0y6iFWy6ndpKa4O1hcBgm5yk54Xz2/57WwtMNxWWWay40G5PCdjyr/8O
Ex2Y97b1URcJUgHTMdcFwQH0tKEk9+PeGIKpz+W16+eL
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:42:38 2025 by rpki-client