Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/WnrDoywytSaPAQBWNaGR3G4IOo0.roa
File: WnrDoywytSaPAQBWNaGR3G4IOo0.roa (raw, json)
Hash identifier: edK+15G8Q2TQbY0o9RRcOTSVBnp/+O2AO257L93gDNI=
Subject key identifier: 5A:7A:C3:A3:2C:32:B5:26:8F:01:00:56:35:A1:91:DC:6E:08:3A:8D
Certificate issuer: /CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37
Certificate serial: 018CC9BBC1366CED2F3F7CFDB60EBF4108B5
Authority key identifier: 8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/WnrDoywytSaPAQBWNaGR3G4IOo0.roa
Signing time: Tue 02 Jan 2024 10:32:54 +0000
ROA not before: Tue 02 Jan 2024 10:32:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199143
IP address blocks: 5.158.217.0/24 maxlen: 24
5.158.216.0/24 maxlen: 24
5.158.219.0/24 maxlen: 24
5.158.218.0/24 maxlen: 24
5.158.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:c1:36:6c:ed:2f:3f:7c:fd:b6:0e:bf:41:08:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37
Validity
Not Before: Jan 2 10:32:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a7ac3a32c32b5268f01005635a191dc6e083a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ee:00:41:d3:5a:b4:81:6a:2d:27:2c:3f:a5:
b1:57:37:3f:57:30:63:46:26:18:e7:d4:4f:2d:34:
20:25:cb:30:ca:cb:bc:88:52:88:56:45:3c:c5:3b:
c6:16:19:4f:dd:d4:34:bc:dd:78:4c:82:19:de:f7:
1b:4d:a9:5f:71:1a:a1:ac:05:70:62:e9:d5:90:b0:
52:30:aa:2d:1b:c6:5b:72:18:2d:cc:28:62:0e:03:
ed:00:d2:80:88:10:5b:5c:b9:c4:0f:da:8f:d7:57:
90:b1:44:60:b0:ab:3a:9a:f7:bd:c5:2d:6a:56:a5:
c5:cb:b5:04:ed:c2:12:9c:e3:fa:83:db:f1:c6:a9:
f2:0b:7d:ce:93:80:8e:fc:e1:23:be:ea:cf:93:13:
82:19:30:17:ec:d8:80:ac:17:15:81:8c:df:95:7b:
9f:7d:56:1a:64:1d:27:26:ab:f3:77:41:fd:c0:66:
60:0c:25:27:1e:fc:1e:73:7c:6f:40:1d:44:ca:cc:
81:be:a8:5e:fd:dc:ce:11:ca:14:0b:30:78:70:0a:
c3:f4:e8:51:a9:e8:08:f8:42:c7:bc:03:3d:65:ed:
ad:5f:72:bc:d2:93:cb:41:ca:b6:5f:0f:63:40:9c:
3f:19:fc:af:93:31:54:dd:2f:24:8c:fb:b9:99:a1:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7A:C3:A3:2C:32:B5:26:8F:01:00:56:35:A1:91:DC:6E:08:3A:8D
X509v3 Authority Key Identifier:
keyid:8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/WnrDoywytSaPAQBWNaGR3G4IOo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/itR7qpqm4KIK2ZWnnCqN5gT5qjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.216.0-5.158.220.255
Signature Algorithm: sha256WithRSAEncryption
37:bb:83:a1:b0:a9:01:83:56:6b:c9:ce:76:fa:f3:79:06:7f:
cc:dd:6c:85:78:d7:6c:d0:79:31:bb:a2:30:69:5c:64:89:bc:
d6:27:7f:2d:43:71:da:1f:9a:75:f2:5b:81:f6:bc:73:e8:2a:
b5:bd:98:c8:5b:99:82:d8:db:e5:f0:e3:1f:e7:03:2a:ac:b5:
81:c9:ff:18:9f:7a:e8:61:38:9f:5c:44:25:2d:50:59:1e:5c:
ff:aa:43:bf:f9:71:f1:56:a1:ae:aa:b1:15:60:e2:37:59:7b:
5c:45:fa:1b:b3:a5:12:d1:36:b5:f0:55:bb:46:a5:d3:0a:d8:
6e:19:a5:ae:8f:19:12:fa:f5:f5:46:e5:8e:a4:33:55:de:71:
25:b6:0c:46:4f:d8:9b:e7:3f:64:2f:4e:41:22:be:e4:18:07:
a2:9c:82:9c:52:ca:50:96:af:b8:6e:9b:76:c1:5a:03:f1:ca:
ee:0c:2f:d5:71:ac:97:cd:f7:13:77:74:94:69:25:34:bb:43:
10:8c:45:8e:e0:4a:e7:27:8c:51:0b:c9:33:3f:e2:e4:f6:69:
77:7d:e2:b5:af:d9:06:5e:f4:1f:54:b2:17:95:9c:3f:b8:34:
f2:ce:35:f6:50:8a:39:ac:de:5f:c8:8b:f1:22:ab:e2:7d:b7:
5f:ec:ff:58
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJu8E2bO0vP3z9tg6/QQi1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDQ3YmFhOWFhNmUwYTIwYWQ5OTVhNzljMmE4ZGU2MDRm
OWFhMzcwHhcNMjQwMTAyMTAzMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTdhYzNhMzJjMzJiNTI2OGYwMTAwNTYzNWExOTFkYzZlMDgzYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu4AQdNatIFqLScsP6WxVzc/VzBj
RiYY59RPLTQgJcswysu8iFKIVkU8xTvGFhlP3dQ0vN14TIIZ3vcbTalfcRqhrAVw
YunVkLBSMKotG8ZbchgtzChiDgPtANKAiBBbXLnED9qP11eQsURgsKs6mve9xS1q
VqXFy7UE7cISnOP6g9vxxqnyC33Ok4CO/OEjvurPkxOCGTAX7NiArBcVgYzflXuf
fVYaZB0nJqvzd0H9wGZgDCUnHvwec3xvQB1EysyBvqhe/dzOEcoUCzB4cArD9OhR
qegI+ELHvAM9Ze2tX3K80pPLQcq2Xw9jQJw/GfyvkzFU3S8kjPu5maEKxQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFp6w6MsMrUmjwEAVjWhkdxuCDqNMB8GA1UdIwQY
MBaAFIrUe6qapuCiCtmVp5wqjeYE+ao3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRSN3FwcW00S0lLMlpXbm5DcU41Z1Q1cWpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MzU1YjktNzNkNC00YzRjLTk2MDEt
ZjAxYTJmNThlZjg4LzEvV25yRG95d3l0U2FQQVFCV05hR1IzRzRJT28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MzU1YjktNzNkNC00YzRjLTk2MDEtZjAxYTJmNThlZjg4
LzEvaXRSN3FwcW00S0lLMlpXbm5DcU41Z1Q1cWpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMFntgD
BAAFntwwDQYJKoZIhvcNAQELBQADggEBADe7g6GwqQGDVmvJznb683kGf8zdbIV4
12zQeTG7ojBpXGSJvNYnfy1DcdofmnXyW4H2vHPoKrW9mMhbmYLY2+Xw4x/nAyqs
tYHJ/xifeuhhOJ9cRCUtUFkeXP+qQ7/5cfFWoa6qsRVg4jdZe1xF+huzpRLRNrXw
VbtGpdMK2G4Zpa6PGRL69fVG5Y6kM1XecSW2DEZP2JvnP2QvTkEivuQYB6KcgpxS
ylCWr7hum3bBWgPxyu4ML9VxrJfN9xN3dJRpJTS7QxCMRY7gSucnjFELyTM/4uT2
aXd94rWv2QZe9B9UsheVnD+4NPLONfZQijms3l/Ii/Eiq+J9t1/s/1g=
-----END CERTIFICATE-----
Generated at Wed Apr 16 14:56:36 2025 by rpki-client