Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/WxQyOoTGZq2mXmm4FsgxrF22I0k.roa
File: WxQyOoTGZq2mXmm4FsgxrF22I0k.roa (raw, json)
Hash identifier: U338R5n45h29+1ErFBXFtILPQAGlms+WhyubrqVuXq0=
Subject key identifier: 5B:14:32:3A:84:C6:66:AD:A6:5E:69:B8:16:C8:31:AC:5D:B6:23:49
Certificate issuer: /CN=490b21f79b9ea2f3d042374714867d12401995db
Certificate serial: 018DA2C95CAF36F446E3BC04E9C1DE1CE613
Authority key identifier: 49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/WxQyOoTGZq2mXmm4FsgxrF22I0k.roa
Signing time: Tue 13 Feb 2024 14:05:21 +0000
ROA not before: Tue 13 Feb 2024 14:05:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 212.47.86.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:c9:5c:af:36:f4:46:e3:bc:04:e9:c1:de:1c:e6:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=490b21f79b9ea2f3d042374714867d12401995db
Validity
Not Before: Feb 13 14:05:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b14323a84c666ada65e69b816c831ac5db62349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7e:47:b1:2a:f1:86:93:9a:68:3a:52:7c:80:
67:f8:f1:15:14:fe:08:f2:38:02:46:1f:de:90:37:
42:ae:28:0f:b1:6a:84:f0:1f:16:12:5c:23:96:29:
a0:5f:41:8c:11:18:33:0e:42:4a:f5:36:20:c9:6a:
40:4f:a0:56:32:28:72:c7:90:6f:41:2b:3c:ae:f4:
43:e5:3a:64:22:d8:8f:ce:68:4e:c8:95:b9:37:b9:
d4:ed:4c:9b:3a:ca:62:4e:83:0c:3f:32:dd:54:3c:
15:3f:5c:48:6a:d9:31:7b:c7:4b:df:e9:74:59:25:
8a:0b:5a:a7:68:f5:f0:c3:21:1e:4a:a5:66:e3:b2:
72:cc:73:a4:bb:a4:28:83:ab:c7:e0:e8:a4:cd:d3:
73:f6:09:50:f9:3e:5a:55:b8:a2:5c:ae:e4:0c:74:
6d:c4:66:47:0d:bd:a1:1b:0b:53:4b:61:ce:13:d9:
44:1b:f3:d9:d4:c9:50:bf:69:f7:be:0c:d1:e8:4b:
1b:86:46:97:81:b3:0b:0d:25:30:ed:86:04:7a:d5:
a3:ac:81:1f:fd:0f:6a:dc:6e:c4:cb:3e:dd:63:fa:
2a:37:87:a5:9a:75:2a:a6:01:ef:94:f5:f5:a0:9b:
81:0e:89:a1:a9:ac:5c:e5:b2:1b:23:d0:7f:89:cb:
72:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:14:32:3A:84:C6:66:AD:A6:5E:69:B8:16:C8:31:AC:5D:B6:23:49
X509v3 Authority Key Identifier:
keyid:49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/WxQyOoTGZq2mXmm4FsgxrF22I0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.47.86.0/23
Signature Algorithm: sha256WithRSAEncryption
46:b0:1f:38:31:a6:2d:d2:da:88:94:29:20:82:65:55:34:b2:
a7:6c:d1:df:78:d9:fb:ef:29:e2:7c:94:38:3e:c1:c5:03:d2:
14:10:46:8c:ed:a8:fd:07:56:15:d8:c2:66:bb:0e:fd:3f:6b:
b0:f3:e5:0a:9a:00:c5:19:b2:7b:fa:60:16:a9:c1:68:16:fa:
c5:17:85:bd:9e:6b:a8:59:57:28:18:e2:58:13:4f:90:9e:da:
eb:43:91:fe:dd:2e:0f:09:d4:ab:20:01:53:68:90:7f:e6:b0:
40:6c:76:b8:ff:38:25:e3:3b:e5:1c:43:c4:a1:6f:b7:e3:3e:
47:27:1e:f5:ef:42:9b:c9:11:2c:ab:b2:c9:d5:63:ba:1a:43:
52:69:e3:0e:9b:4c:34:ef:4e:06:6d:08:a4:02:58:b5:66:ac:
ed:64:07:54:92:3b:10:cc:4a:b1:16:c6:06:58:f7:ae:77:84:
c5:8d:11:22:92:84:b8:71:96:31:0a:8d:6b:69:37:bb:05:e7:
c1:52:55:4e:9e:41:60:9b:a1:b7:ea:ad:bc:13:e9:b4:1f:36:
dd:6e:59:46:64:cd:a4:66:a5:2d:fe:76:1f:bb:b9:d4:db:6f:
9d:1c:36:16:4c:11:88:90:9c:38:81:81:a2:07:4f:b7:43:31:
28:1e:c8:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2iyVyvNvRG47wE6cHeHOYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGIyMWY3OWI5ZWEyZjNkMDQyMzc0NzE0ODY3ZDEyNDAx
OTk1ZGIwHhcNMjQwMjEzMTQwNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjE0MzIzYTg0YzY2NmFkYTY1ZTY5YjgxNmM4MzFhYzVkYjYyMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk35HsSrxhpOaaDpSfIBn+PEVFP4I
8jgCRh/ekDdCrigPsWqE8B8WElwjlimgX0GMERgzDkJK9TYgyWpAT6BWMihyx5Bv
QSs8rvRD5TpkItiPzmhOyJW5N7nU7UybOspiToMMPzLdVDwVP1xIatkxe8dL3+l0
WSWKC1qnaPXwwyEeSqVm47JyzHOku6Qog6vH4OikzdNz9glQ+T5aVbiiXK7kDHRt
xGZHDb2hGwtTS2HOE9lEG/PZ1MlQv2n3vgzR6EsbhkaXgbMLDSUw7YYEetWjrIEf
/Q9q3G7Eyz7dY/oqN4elmnUqpgHvlPX1oJuBDomhqaxc5bIbI9B/ictynQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsUMjqExmatpl5puBbIMaxdtiNJMB8GA1UdIwQY
MBaAFEkLIfebnqLz0EI3RxSGfRJAGZXbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1FzaDk1dWVvdlBRUWpkSEZJWjlFa0FabGRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9lMTAxNjUtYjRjZC00MzIxLWJmM2Mt
NDgwYzMyZjQwMGUxLzEvV3hReU9vVEdacTJtWG1tNEZzZ3hyRjIySTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9lMTAxNjUtYjRjZC00MzIxLWJmM2MtNDgwYzMyZjQwMGUx
LzEvU1FzaDk1dWVvdlBRUWpkSEZJWjlFa0FabGRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1C9WMA0G
CSqGSIb3DQEBCwUAA4IBAQBGsB84MaYt0tqIlCkggmVVNLKnbNHfeNn77ynifJQ4
PsHFA9IUEEaM7aj9B1YV2MJmuw79P2uw8+UKmgDFGbJ7+mAWqcFoFvrFF4W9nmuo
WVcoGOJYE0+QntrrQ5H+3S4PCdSrIAFTaJB/5rBAbHa4/zgl4zvlHEPEoW+34z5H
Jx7170KbyREsq7LJ1WO6GkNSaeMOm0w0704GbQikAli1ZqztZAdUkjsQzEqxFsYG
WPeud4TFjREikoS4cZYxCo1raTe7BefBUlVOnkFgm6G36q28E+m0HzbdbllGZM2k
ZqUt/nYfu7nU22+dHDYWTBGIkJw4gYGiB0+3QzEoHsjl
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:40 2025 by rpki-client