Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/WDCvcDpshaw0WV7kn2vgTAmY3C8.roa
File: WDCvcDpshaw0WV7kn2vgTAmY3C8.roa (raw, json)
Hash identifier: nyoTgd1s0O30JeNALuzNYMZRF/GioOuB/bW+rLKBFos=
Subject key identifier: 58:30:AF:70:3A:6C:85:AC:34:59:5E:E4:9F:6B:E0:4C:09:98:DC:2F
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018F530F845D7EDFCB2CAAF460E5184DA56D
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/WDCvcDpshaw0WV7kn2vgTAmY3C8.roa
Signing time: Tue 07 May 2024 12:37:56 +0000
ROA not before: Tue 07 May 2024 12:37:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199404
IP address blocks: 69.57.172.0/24 maxlen: 24
190.92.174.0/24 maxlen: 24
190.92.175.0/24 maxlen: 24
195.250.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 11:57:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:0f:84:5d:7e:df:cb:2c:aa:f4:60:e5:18:4d:a5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: May 7 12:37:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5830af703a6c85ac34595ee49f6be04c0998dc2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f3:e1:5c:6e:d6:42:de:96:0f:ec:ce:9d:1f:
e3:f9:e9:3d:83:37:34:f6:7d:97:85:36:e2:3b:c2:
3a:8e:d3:b2:69:96:14:dc:a3:97:b8:d0:13:26:f5:
8a:2b:6d:30:e8:48:e2:8d:91:48:92:8c:ac:b2:f2:
ed:52:de:81:7b:98:b7:8d:94:59:1a:b7:6f:d3:42:
7c:4a:6d:f2:81:44:99:a6:12:eb:bb:1a:86:a6:25:
b5:6a:d7:77:29:31:43:a9:11:f9:ed:56:90:ed:4f:
c4:42:04:73:13:1b:f0:b8:c5:7a:c4:81:31:47:7c:
f7:6b:53:54:db:68:dd:a3:29:0e:e6:6d:3b:21:00:
9c:81:2f:89:8e:8a:13:f6:0e:a9:9e:f2:cd:b4:db:
a2:e3:58:17:f8:25:be:68:2b:61:e9:5c:cf:dc:7c:
db:c8:e7:85:2c:70:41:0e:45:49:47:94:fc:5d:8a:
90:a1:02:eb:f4:ff:54:49:9d:13:0f:5a:b1:2e:d3:
a3:3c:e3:b8:b2:11:f2:be:4a:d1:89:24:be:d7:f2:
63:92:78:80:fe:00:dd:88:a3:a0:b0:ec:bc:b2:b9:
a0:a5:11:2f:b6:ad:88:6c:54:68:9a:8d:de:03:bd:
c4:f5:fa:4a:f7:62:6a:67:fc:e3:d7:b4:3e:e5:c2:
83:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:30:AF:70:3A:6C:85:AC:34:59:5E:E4:9F:6B:E0:4C:09:98:DC:2F
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/WDCvcDpshaw0WV7kn2vgTAmY3C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.57.172.0/24
190.92.174.0/23
195.250.20.0/24
Signature Algorithm: sha256WithRSAEncryption
66:78:a1:65:f9:32:ae:cf:8f:cf:8c:0e:3d:97:bf:0e:a7:df:
88:35:6c:3c:98:be:45:92:8b:2b:06:c8:13:ba:3d:e9:e9:41:
0f:a6:8f:67:6c:6c:fe:8b:7c:2f:ec:74:d9:5b:0c:31:23:52:
1e:37:20:3d:e2:1b:17:61:f0:e0:42:76:eb:da:ef:f6:c0:c5:
78:e2:19:d7:f5:77:ea:1d:82:39:d1:2e:76:43:fa:9b:df:d1:
76:4a:c0:f8:47:3c:e8:fa:c0:60:a9:4a:08:97:32:f2:7c:af:
44:ec:79:7e:47:64:60:19:d2:f6:d3:5e:57:94:bf:c8:8f:6a:
45:d5:8b:c7:4f:3c:eb:91:e6:d1:91:57:b7:15:76:82:e2:15:
19:02:2b:a0:1c:59:30:c4:d3:a5:3e:07:12:4a:48:39:55:ce:
29:3d:11:6d:8c:87:2c:ed:34:12:2c:58:65:d2:10:b0:b2:ef:
7a:ef:66:62:58:41:3d:6c:1c:ca:19:20:38:67:fe:00:f5:e1:
3d:78:fc:7e:7b:d0:93:5a:2d:89:16:7e:c2:50:91:83:50:5b:
b9:ac:bc:95:76:0c:11:9e:20:af:53:9d:0d:a8:70:e1:48:b3:
be:c9:4a:14:89:c3:8f:33:18:88:39:30:e1:49:ca:f3:c2:b8:
b3:a3:0f:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9TD4Rdft/LLKr0YOUYTaVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwNTA3MTIzNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODMwYWY3MDNhNmM4NWFjMzQ1OTVlZTQ5ZjZiZTA0YzA5OThkYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/PhXG7WQt6WD+zOnR/j+ek9gzc0
9n2XhTbiO8I6jtOyaZYU3KOXuNATJvWKK20w6EjijZFIkoyssvLtUt6Be5i3jZRZ
Grdv00J8Sm3ygUSZphLruxqGpiW1atd3KTFDqRH57VaQ7U/EQgRzExvwuMV6xIEx
R3z3a1NU22jdoykO5m07IQCcgS+JjooT9g6pnvLNtNui41gX+CW+aCth6VzP3Hzb
yOeFLHBBDkVJR5T8XYqQoQLr9P9USZ0TD1qxLtOjPOO4shHyvkrRiSS+1/JjkniA
/gDdiKOgsOy8srmgpREvtq2IbFRomo3eA73E9fpK92JqZ/zj17Q+5cKDyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFgwr3A6bIWsNFle5J9r4EwJmNwvMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvV0RDdmNEcHNoYXcwV1Y3a24ydmdUQW1ZM0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQARTmsAwQB
vlyuAwQAw/oUMA0GCSqGSIb3DQEBCwUAA4IBAQBmeKFl+TKuz4/PjA49l78Op9+I
NWw8mL5FkosrBsgTuj3p6UEPpo9nbGz+i3wv7HTZWwwxI1IeNyA94hsXYfDgQnbr
2u/2wMV44hnX9XfqHYI50S52Q/qb39F2SsD4Rzzo+sBgqUoIlzLyfK9E7Hl+R2Rg
GdL2015XlL/Ij2pF1YvHTzzrkebRkVe3FXaC4hUZAiugHFkwxNOlPgcSSkg5Vc4p
PRFtjIcs7TQSLFhl0hCwsu9672ZiWEE9bBzKGSA4Z/4A9eE9ePx+e9CTWi2JFn7C
UJGDUFu5rLyVdgwRniCvU50NqHDhSLO+yUoUicOPMxiIOTDhScrzwrizow/M
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:32:21 2025 by rpki-client