Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5809a5-bbdc-43ea-94c4-9d1a2e0911b9/1/wsdImU5osLDNeTbL75PCA_LQQDE.roa
File: wsdImU5osLDNeTbL75PCA_LQQDE.roa (raw, json)
Hash identifier: wFpytJYQNF2tuPXbciTQ3G0hDteSKky4HDzGvHZjMIk=
Subject key identifier: C2:C7:48:99:4E:68:B0:B0:CD:79:36:CB:EF:93:C2:03:F2:D0:40:31
Certificate issuer: /CN=a4f2e2c7753652c77dbb79cbe069b2bab03f60dd
Certificate serial: 018CC80174E2DE5157A8165A3BDC7853C1FF
Authority key identifier: A4:F2:E2:C7:75:36:52:C7:7D:BB:79:CB:E0:69:B2:BA:B0:3F:60:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPLix3U2Usd9u3nL4GmyurA_YN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5809a5-bbdc-43ea-94c4-9d1a2e0911b9/1/wsdImU5osLDNeTbL75PCA_LQQDE.roa
Signing time: Tue 02 Jan 2024 02:29:47 +0000
ROA not before: Tue 02 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12945
IP address blocks: 194.126.241.0/24 maxlen: 24
91.212.176.0/24 maxlen: 24
2001:67c:2e20::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:74:e2:de:51:57:a8:16:5a:3b:dc:78:53:c1:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f2e2c7753652c77dbb79cbe069b2bab03f60dd
Validity
Not Before: Jan 2 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2c748994e68b0b0cd7936cbef93c203f2d04031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fe:7c:ea:03:40:26:39:62:07:22:3a:34:f4:
12:9d:c0:46:0a:f0:88:0e:79:31:13:f5:96:75:36:
9d:12:3a:d3:85:ac:81:cd:f4:53:8d:98:bd:c9:84:
48:77:fa:85:49:7e:d1:2b:46:cd:8b:4f:1e:d5:31:
98:3f:fa:d8:af:12:f6:24:58:d9:3c:97:f6:6f:c0:
66:83:5e:ed:eb:e8:8b:04:af:dd:df:a5:ce:67:b0:
78:26:07:d0:45:2b:f0:33:ce:86:53:71:09:5f:10:
b0:69:29:75:c2:31:f4:9d:0c:fa:fa:9c:44:cb:e0:
2b:0c:3a:5d:9c:e3:1a:2c:9f:67:06:14:81:51:8e:
5a:d1:16:f9:66:40:41:4c:e4:ff:e4:f1:60:de:10:
08:a6:7d:68:a6:87:3e:6d:ca:62:e8:23:8d:99:bf:
e6:f4:89:29:69:f8:86:2a:96:1e:50:75:3b:b0:cc:
73:44:86:13:ae:e3:b5:98:05:d4:a8:1d:fa:f8:15:
c6:c2:0f:5b:af:4d:a8:a4:87:69:01:b5:47:a9:0a:
d8:8f:3d:33:81:32:03:ac:0e:82:91:2f:aa:90:e0:
6a:2a:a5:7f:1a:36:3b:62:13:5b:a7:e4:59:07:62:
5c:59:a2:dc:b3:b8:45:c9:7e:e6:96:58:b6:d6:ba:
79:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C7:48:99:4E:68:B0:B0:CD:79:36:CB:EF:93:C2:03:F2:D0:40:31
X509v3 Authority Key Identifier:
keyid:A4:F2:E2:C7:75:36:52:C7:7D:BB:79:CB:E0:69:B2:BA:B0:3F:60:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPLix3U2Usd9u3nL4GmyurA_YN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5809a5-bbdc-43ea-94c4-9d1a2e0911b9/1/wsdImU5osLDNeTbL75PCA_LQQDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5809a5-bbdc-43ea-94c4-9d1a2e0911b9/1/pPLix3U2Usd9u3nL4GmyurA_YN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.176.0/24
194.126.241.0/24
IPv6:
2001:67c:2e20::/48
Signature Algorithm: sha256WithRSAEncryption
1e:ea:11:f2:84:6a:9d:cc:f4:cb:32:ab:7c:23:4c:3d:ee:0c:
31:c1:f9:c1:22:e0:a6:e6:6f:ea:5b:bf:04:13:92:bb:e9:c1:
48:ab:ab:55:30:5d:18:8c:1d:92:17:12:1b:2b:7e:82:b7:c0:
db:23:37:43:5a:e6:90:06:25:72:6e:57:5c:8c:31:a6:65:ed:
d9:1a:9a:5a:06:87:f6:41:31:7f:95:fe:c8:57:e9:5a:61:1f:
e2:ce:04:74:c3:f0:85:20:30:c1:66:7e:c0:8e:b7:cf:66:cd:
0f:2b:d3:fa:23:68:d9:ee:bd:93:8a:60:1b:8d:61:2a:84:ac:
1d:fe:51:b3:93:fe:22:45:d3:79:a8:20:d4:a0:e7:d0:d3:e1:
f9:91:9c:d3:89:47:30:dc:c6:52:8b:d4:f6:5c:62:ee:e2:5b:
4f:15:5f:7d:c4:b4:1b:79:38:18:c1:b9:c7:6e:e8:16:1a:93:
9a:b4:3c:04:3e:c4:b7:a7:80:45:a5:8c:b5:08:7a:4e:0f:a2:
8c:76:f3:20:22:70:54:13:b6:c0:28:14:a2:62:02:59:a6:08:
31:7e:3f:72:3d:0c:04:a1:2e:b2:11:8f:d7:bc:34:db:eb:59:
8a:c2:c7:44:e4:22:8e:1a:35:9b:64:7e:43:c2:2f:32:c7:bb:
c6:ab:fd:1c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIAXTi3lFXqBZaO9x4U8H/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjJlMmM3NzUzNjUyYzc3ZGJiNzljYmUwNjliMmJhYjAz
ZjYwZGQwHhcNMjQwMTAyMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmM3NDg5OTRlNjhiMGIwY2Q3OTM2Y2JlZjkzYzIwM2YyZDA0MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv586gNAJjliByI6NPQSncBGCvCI
DnkxE/WWdTadEjrThayBzfRTjZi9yYRId/qFSX7RK0bNi08e1TGYP/rYrxL2JFjZ
PJf2b8Bmg17t6+iLBK/d36XOZ7B4JgfQRSvwM86GU3EJXxCwaSl1wjH0nQz6+pxE
y+ArDDpdnOMaLJ9nBhSBUY5a0Rb5ZkBBTOT/5PFg3hAIpn1opoc+bcpi6CONmb/m
9IkpafiGKpYeUHU7sMxzRIYTruO1mAXUqB36+BXGwg9br02opIdpAbVHqQrYjz0z
gTIDrA6CkS+qkOBqKqV/GjY7YhNbp+RZB2JcWaLcs7hFyX7mlli21rp5fwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMLHSJlOaLCwzXk2y++TwgPy0EAxMB8GA1UdIwQY
MBaAFKTy4sd1NlLHfbt5y+BpsrqwP2DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBMaXgzVTJVc2Q5dTNuTDRHbXl1ckFfWU4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81ODA5YTUtYmJkYy00M2VhLTk0YzQt
OWQxYTJlMDkxMWI5LzEvd3NkSW1VNW9zTEROZVRiTDc1UENBX0xRUURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81ODA5YTUtYmJkYy00M2VhLTk0YzQtOWQxYTJlMDkxMWI5
LzEvcFBMaXgzVTJVc2Q5dTNuTDRHbXl1ckFfWU4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9SwAwQA
wn7xMA8EAgACMAkDBwAgAQZ8LiAwDQYJKoZIhvcNAQELBQADggEBAB7qEfKEap3M
9Msyq3wjTD3uDDHB+cEi4Kbmb+pbvwQTkrvpwUirq1UwXRiMHZIXEhsrfoK3wNsj
N0Na5pAGJXJuV1yMMaZl7dkamloGh/ZBMX+V/shX6VphH+LOBHTD8IUgMMFmfsCO
t89mzQ8r0/ojaNnuvZOKYBuNYSqErB3+UbOT/iJF03moINSg59DT4fmRnNOJRzDc
xlKL1PZcYu7iW08VX33EtBt5OBjBucdu6BYak5q0PAQ+xLengEWljLUIek4Poox2
8yAicFQTtsAoFKJiAlmmCDF+P3I9DAShLrIRj9e8NNvrWYrCx0TkIo4aNZtkfkPC
LzLHu8ar/Rw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:38 2025 by rpki-client