Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/WCd1Ev1e9Nofz4kLVtDG3PtwYDM.roa
File: WCd1Ev1e9Nofz4kLVtDG3PtwYDM.roa (raw, json)
Hash identifier: DWZ4bxuNeMTbx5mspJAFy1NOqcx0YA3RpGq3Hv69Qd4=
Subject key identifier: 58:27:75:12:FD:5E:F4:DA:1F:CF:89:0B:56:D0:C6:DC:FB:70:60:33
Certificate issuer: /CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Certificate serial: 018CC4251A2883D9DD9A24A75CC8F795EC6C
Authority key identifier: B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/WCd1Ev1e9Nofz4kLVtDG3PtwYDM.roa
Signing time: Mon 01 Jan 2024 08:30:14 +0000
ROA not before: Mon 01 Jan 2024 08:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.228.74.0/24 maxlen: 24
91.228.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:1a:28:83:d9:dd:9a:24:a7:5c:c8:f7:95:ec:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Validity
Not Before: Jan 1 08:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58277512fd5ef4da1fcf890b56d0c6dcfb706033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:74:13:be:3b:2c:01:db:28:59:0c:b1:e8:0f:
2b:21:25:03:0b:26:a6:90:eb:83:0b:54:83:64:d8:
6f:a6:ae:7e:64:cc:c6:5e:22:ec:c0:99:16:9a:df:
15:40:ad:33:8f:0b:4b:c8:38:ea:e2:32:1e:e1:48:
22:e4:d0:c2:bd:14:5c:a2:21:b1:46:1a:7e:1a:89:
0c:f5:80:c2:96:48:7f:2d:11:0f:dc:20:e5:a0:62:
86:f0:96:fb:e2:0f:1b:99:13:ae:cc:23:b6:8b:18:
d3:b2:cd:f3:21:96:6c:23:8b:e4:3e:75:55:5f:46:
11:5b:eb:b0:79:2a:ea:ca:5f:d6:5d:96:9c:f5:64:
ef:34:68:26:fd:35:61:ab:d7:dd:62:df:d8:69:c0:
42:a2:5f:2c:65:d3:d5:0f:73:31:d5:f9:00:33:90:
a8:55:83:f7:b3:c4:dd:77:c8:83:2a:9d:40:5c:b6:
f7:87:00:23:1a:7f:a1:86:26:60:44:95:34:b3:ab:
60:cf:e2:9e:ba:ab:2b:a6:bb:6e:9d:03:eb:65:7b:
e1:de:cf:c4:07:4f:e6:fc:3f:16:9b:1d:39:c1:e3:
bf:9c:ff:c5:f0:dd:21:7e:9f:de:fb:c7:58:98:13:
13:b8:e4:c1:e4:9d:4f:c3:ce:ba:9d:a6:3a:bb:39:
a2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:27:75:12:FD:5E:F4:DA:1F:CF:89:0B:56:D0:C6:DC:FB:70:60:33
X509v3 Authority Key Identifier:
keyid:B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/WCd1Ev1e9Nofz4kLVtDG3PtwYDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.72.0/24
91.228.74.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f5:67:bd:65:fa:f4:1f:46:43:03:94:9d:f7:9c:24:ec:93:
ad:49:ca:e6:d3:a4:33:ba:b3:eb:10:04:f3:a1:b6:6f:2c:47:
0f:db:77:3f:81:29:de:62:54:55:0b:c4:bf:83:6d:f9:32:12:
9c:2d:69:07:b7:fd:90:0d:ca:db:a3:74:78:e0:08:d6:d5:62:
9a:78:d4:81:c6:75:c0:0a:bd:5a:ee:b5:5f:98:f9:90:f6:d1:
03:c8:66:5a:20:ca:f4:83:4a:d0:10:0c:cd:bf:9f:8b:18:73:
de:2d:f8:88:d1:f9:29:7f:69:1d:e8:ad:be:94:25:7e:0e:09:
d2:50:69:90:5d:bf:f2:d0:a7:42:46:00:4e:af:00:cf:41:16:
f0:f2:43:9e:63:81:6f:5b:b3:be:a2:27:59:a1:0b:30:af:7e:
43:53:18:02:24:12:a0:8f:52:c8:eb:fe:40:da:56:a3:a0:68:
f1:9d:d4:ec:10:a0:22:53:cb:5a:fb:d8:a9:2d:29:0d:6c:ec:
60:ad:e9:13:d3:12:8e:0e:a4:77:23:b6:be:48:1f:b7:c0:32:
45:f6:28:34:99:29:25:fe:53:69:ba:49:c1:4f:65:96:8e:5c:
25:26:08:cc:1b:d8:76:41:89:d2:12:33:fd:81:da:f4:c3:55:
d5:89:cc:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJRoog9ndmiSnXMj3lexsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYmM4NTBkMTdjYTZkM2M3YjRkMDBlNTAxZTJkMzU2ZjA4
YTU4NWUwHhcNMjQwMTAxMDgzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODI3NzUxMmZkNWVmNGRhMWZjZjg5MGI1NmQwYzZkY2ZiNzA2MDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXQTvjssAdsoWQyx6A8rISUDCyam
kOuDC1SDZNhvpq5+ZMzGXiLswJkWmt8VQK0zjwtLyDjq4jIe4Ugi5NDCvRRcoiGx
Rhp+GokM9YDClkh/LREP3CDloGKG8Jb74g8bmROuzCO2ixjTss3zIZZsI4vkPnVV
X0YRW+uweSrqyl/WXZac9WTvNGgm/TVhq9fdYt/YacBCol8sZdPVD3Mx1fkAM5Co
VYP3s8Tdd8iDKp1AXLb3hwAjGn+hhiZgRJU0s6tgz+KeuqsrprtunQPrZXvh3s/E
B0/m/D8Wmx05weO/nP/F8N0hfp/e+8dYmBMTuOTB5J1Pw866naY6uzmiLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFgndRL9XvTaH8+JC1bQxtz7cGAzMB8GA1UdIwQY
MBaAFLG8hQ0Xym08e00A5QHi01bwilheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMt
MTdmYjRmZmI5ZmFkLzEvV0NkMUV2MWU5Tm9mejRrTFZ0REczUHR3WURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMtMTdmYjRmZmI5ZmFk
LzEvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+RIAwQA
W+RKMA0GCSqGSIb3DQEBCwUAA4IBAQBr9We9Zfr0H0ZDA5Sd95wk7JOtScrm06Qz
urPrEATzobZvLEcP23c/gSneYlRVC8S/g235MhKcLWkHt/2QDcrbo3R44AjW1WKa
eNSBxnXACr1a7rVfmPmQ9tEDyGZaIMr0g0rQEAzNv5+LGHPeLfiI0fkpf2kd6K2+
lCV+DgnSUGmQXb/y0KdCRgBOrwDPQRbw8kOeY4FvW7O+oidZoQswr35DUxgCJBKg
j1LI6/5A2lajoGjxndTsEKAiU8ta+9ipLSkNbOxgrekT0xKODqR3I7a+SB+3wDJF
9ig0mSkl/lNpuknBT2WWjlwlJgjMG9h2QYnSEjP9gdr0w1XVicy8
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:15 2025 by rpki-client