Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/wIMaul9hBG7ig-nqFFlk3jjHLGw.roa
File: wIMaul9hBG7ig-nqFFlk3jjHLGw.roa (raw, json)
Hash identifier: B2MZbuA78Bm24pJMwb+ebY71joVAztTJJsUNqM/HyGc=
Subject key identifier: C0:83:1A:BA:5F:61:04:6E:E2:83:E9:EA:14:59:64:DE:38:C7:2C:6C
Certificate issuer: /CN=a8e75802e7efb8653e3af59cbf1bc06538bca671
Certificate serial: 018CCA2BE7E98E575AE6FF4B00C70B0B4855
Authority key identifier: A8:E7:58:02:E7:EF:B8:65:3E:3A:F5:9C:BF:1B:C0:65:38:BC:A6:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOdYAufvuGU-OvWcvxvAZTi8pnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/wIMaul9hBG7ig-nqFFlk3jjHLGw.roa
Signing time: Tue 02 Jan 2024 12:35:24 +0000
ROA not before: Tue 02 Jan 2024 12:35:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212866
IP address blocks: 185.111.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:e7:e9:8e:57:5a:e6:ff:4b:00:c7:0b:0b:48:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8e75802e7efb8653e3af59cbf1bc06538bca671
Validity
Not Before: Jan 2 12:35:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0831aba5f61046ee283e9ea145964de38c72c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0a:82:56:e6:a2:cc:7f:e5:da:4a:86:42:88:
30:43:9f:ce:de:e7:04:ab:4c:66:78:3e:6e:c4:2c:
af:b6:48:f6:13:2c:00:60:14:04:df:bb:d6:f2:f2:
9f:b5:d8:0f:cd:9e:e7:f7:9d:8a:b2:7e:47:b8:85:
a9:18:3e:95:25:18:8e:35:e7:a5:09:69:88:97:a6:
5a:ca:7a:97:01:fc:24:38:f7:7b:3a:56:f4:13:b2:
1b:f0:03:3b:cd:23:db:87:a7:0f:a6:48:d8:79:fd:
46:9d:72:9d:00:73:3d:37:6f:00:1f:c3:6c:35:b1:
e4:dc:31:ca:06:40:68:ab:7f:59:21:05:e8:a0:0a:
0d:f7:20:de:dd:2c:71:83:c8:25:4e:37:be:9b:09:
2a:c9:42:48:20:6e:48:aa:2f:0c:45:17:74:4b:14:
66:6e:66:bf:28:55:08:f7:ba:22:64:76:68:ee:d2:
9b:c4:6a:c9:18:4a:49:94:3e:0d:c4:5f:fe:1e:73:
58:cb:5d:92:5f:9d:d7:1e:40:fa:85:e3:f6:e6:3d:
80:28:d7:ef:d1:e3:01:5c:20:5e:00:4f:be:97:f8:
cd:d1:56:b0:d8:e9:04:2f:39:a0:61:c3:0e:19:70:
69:c1:2e:c6:15:09:5f:30:06:c7:ea:d3:00:db:99:
6b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:83:1A:BA:5F:61:04:6E:E2:83:E9:EA:14:59:64:DE:38:C7:2C:6C
X509v3 Authority Key Identifier:
keyid:A8:E7:58:02:E7:EF:B8:65:3E:3A:F5:9C:BF:1B:C0:65:38:BC:A6:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOdYAufvuGU-OvWcvxvAZTi8pnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/wIMaul9hBG7ig-nqFFlk3jjHLGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/qOdYAufvuGU-OvWcvxvAZTi8pnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:67:cf:0b:06:84:b5:d0:c1:67:71:cd:48:37:be:e5:78:48:
cb:46:ff:a6:54:64:20:ea:f7:98:02:fa:14:93:5d:bd:ee:39:
af:52:cb:14:a8:4b:fb:bf:ca:67:3e:78:34:07:f7:5f:72:90:
bb:e3:09:0e:9b:fd:8e:07:14:60:b3:15:67:ca:3a:76:6e:76:
a4:01:f8:96:c5:70:4c:35:fb:50:5a:3c:75:df:f2:00:09:5b:
62:7d:b0:ee:7e:de:0a:66:22:e6:d0:d8:03:2a:4f:00:6a:24:
81:2b:d2:2b:05:15:53:45:9a:96:bb:ff:d2:8e:c0:73:1a:04:
d1:cc:b1:0d:12:9d:52:67:a4:49:75:c2:79:ff:1c:9e:0e:f5:
67:b1:a1:00:db:79:28:89:94:46:04:38:fc:b1:69:43:a0:91:
b2:d5:68:7a:de:19:e0:b5:a6:25:07:03:e5:80:a1:cd:0c:20:
29:e6:88:a7:ed:9c:53:46:0b:cb:31:9e:9b:4b:fb:fe:de:fc:
29:53:ee:21:38:d6:2d:fe:9e:c0:c8:7d:68:23:85:b0:70:98:
de:17:3c:cb:4c:44:c5:5e:15:c1:c5:98:b7:16:dd:fc:01:d6:
39:85:8c:82:ee:db:83:b7:a5:80:e5:38:eb:9e:67:68:31:a2:
ee:90:99:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK+fpjlda5v9LAMcLC0hVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTc1ODAyZTdlZmI4NjUzZTNhZjU5Y2JmMWJjMDY1Mzhi
Y2E2NzEwHhcNMjQwMTAyMTIzNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDgzMWFiYTVmNjEwNDZlZTI4M2U5ZWExNDU5NjRkZTM4YzcyYzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqCVuaizH/l2kqGQogwQ5/O3ucE
q0xmeD5uxCyvtkj2EywAYBQE37vW8vKftdgPzZ7n952Ksn5HuIWpGD6VJRiONeel
CWmIl6ZaynqXAfwkOPd7Olb0E7Ib8AM7zSPbh6cPpkjYef1GnXKdAHM9N28AH8Ns
NbHk3DHKBkBoq39ZIQXooAoN9yDe3Sxxg8glTje+mwkqyUJIIG5Iqi8MRRd0SxRm
bma/KFUI97oiZHZo7tKbxGrJGEpJlD4NxF/+HnNYy12SX53XHkD6heP25j2AKNfv
0eMBXCBeAE++l/jN0Vaw2OkELzmgYcMOGXBpwS7GFQlfMAbH6tMA25lrxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMCDGrpfYQRu4oPp6hRZZN44xyxsMB8GA1UdIwQY
MBaAFKjnWALn77hlPjr1nL8bwGU4vKZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9kWUF1ZnZ1R1UtT3ZXY3Z4dkFaVGk4cG5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82MjU2YjYtMzZhMS00ZjJmLWEwYjkt
NDExZjU4MzdmZWZhLzEvd0lNYXVsOWhCRzdpZy1ucUZGbGszampITEd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82MjU2YjYtMzZhMS00ZjJmLWEwYjktNDExZjU4MzdmZWZh
LzEvcU9kWUF1ZnZ1R1UtT3ZXY3Z4dkFaVGk4cG5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW/8MA0G
CSqGSIb3DQEBCwUAA4IBAQCKZ88LBoS10MFncc1IN77leEjLRv+mVGQg6veYAvoU
k1297jmvUssUqEv7v8pnPng0B/dfcpC74wkOm/2OBxRgsxVnyjp2bnakAfiWxXBM
NftQWjx13/IACVtifbDuft4KZiLm0NgDKk8AaiSBK9IrBRVTRZqWu//SjsBzGgTR
zLENEp1SZ6RJdcJ5/xyeDvVnsaEA23koiZRGBDj8sWlDoJGy1Wh63hngtaYlBwPl
gKHNDCAp5oin7ZxTRgvLMZ6bS/v+3vwpU+4hONYt/p7AyH1oI4WwcJjeFzzLTETF
XhXBxZi3Ft38AdY5hYyC7tuDt6WA5TjrnmdoMaLukJlK
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:04 2025 by rpki-client