Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/WU49IE_7GcOYNYwRw3RP3mN1H3Q.roa
File: WU49IE_7GcOYNYwRw3RP3mN1H3Q.roa (raw, json)
Hash identifier: YHH8Jth9g+JM0DsX4aa0KhMxLXNyRppab/vddrDAjIE=
Subject key identifier: 59:4E:3D:20:4F:FB:19:C3:98:35:8C:11:C3:74:4F:DE:63:75:1F:74
Certificate issuer: /CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Certificate serial: 018CC94D7EF805D472B1B68330665EE8EECF
Authority key identifier: D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/WU49IE_7GcOYNYwRw3RP3mN1H3Q.roa
Signing time: Tue 02 Jan 2024 08:32:28 +0000
ROA not before: Tue 02 Jan 2024 08:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43790
IP address blocks: 185.154.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:7e:f8:05:d4:72:b1:b6:83:30:66:5e:e8:ee:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Validity
Not Before: Jan 2 08:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=594e3d204ffb19c398358c11c3744fde63751f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ec:43:03:a9:fe:b7:31:0a:45:b3:60:74:70:
b1:97:69:6f:11:ec:a4:9a:0f:68:f9:ac:0f:08:f7:
a4:21:96:d4:86:26:f0:7c:b0:3d:ed:81:a2:b3:d5:
eb:3d:ec:5c:50:3d:cb:8e:f7:dd:ba:e6:c3:00:c1:
fd:58:91:6c:c4:48:04:6e:19:e6:36:55:03:42:e0:
38:20:59:b1:c9:37:88:fc:76:39:17:c1:6e:3c:eb:
1e:ad:72:fd:89:af:c5:ea:d6:71:e0:93:f0:3f:5f:
c9:b7:3b:57:24:8a:59:7f:2c:37:82:5a:e5:a1:bc:
a9:5a:8d:fd:81:94:39:80:ec:f9:74:67:3d:7b:87:
66:29:a5:c6:80:25:ae:95:ed:43:1d:98:3b:8b:6c:
62:2f:4d:a1:87:fe:68:6c:a3:28:90:52:ee:4d:e1:
f7:d9:52:1e:d0:a2:00:da:e5:88:f6:12:35:2b:6e:
ef:af:cd:4c:fc:12:7a:58:02:22:c8:5b:b0:a8:44:
21:23:10:d3:4e:8f:d5:24:d7:07:01:22:f5:f8:8f:
b2:b1:1f:f6:ec:d8:46:ee:68:74:b8:54:cc:87:6d:
09:54:f2:a2:4e:eb:4c:8d:72:fc:af:ca:1a:22:18:
42:c4:fc:94:1f:a2:e6:61:af:5c:d6:71:00:80:e2:
8b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:4E:3D:20:4F:FB:19:C3:98:35:8C:11:C3:74:4F:DE:63:75:1F:74
X509v3 Authority Key Identifier:
keyid:D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/WU49IE_7GcOYNYwRw3RP3mN1H3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.71.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:89:a3:e3:87:39:57:a1:1e:99:0e:46:98:bb:1b:6b:78:9b:
5d:ce:a3:5f:13:ea:4b:b4:cb:bd:3a:14:94:77:61:db:bb:ca:
80:9d:54:23:5c:f3:fe:61:35:6b:6f:93:cf:5d:1c:c0:b4:36:
ff:4f:f4:63:52:ad:db:9c:08:08:1f:60:71:b1:7e:cb:44:c0:
2b:e0:c1:c9:6a:d1:06:ab:6d:ff:19:d5:2e:8a:e9:eb:e0:d5:
50:7d:b1:77:d0:a5:36:a4:99:97:3f:03:80:35:3a:eb:73:c9:
87:c4:9c:2f:92:60:99:5b:00:27:f3:08:1d:9c:5b:18:ac:20:
36:ca:9a:b2:38:73:b6:c6:b8:16:ea:34:78:d0:53:57:45:77:
54:90:9e:b8:08:33:df:af:11:97:ff:09:9a:08:92:7d:b7:0e:
7d:6d:f4:4a:97:6b:0e:ac:a7:7f:82:b5:8d:b9:d0:01:06:e8:
ca:a1:17:13:6d:4e:48:cb:d8:0b:4a:25:f8:20:e1:06:3e:59:
e8:89:3d:65:ad:08:63:88:b1:b3:7f:13:27:5a:43:75:00:45:
59:ae:db:06:39:85:ae:2d:bf:85:b6:d8:07:f5:aa:72:f2:d6:
be:58:5b:83:20:59:6c:3c:e5:55:e7:8b:ab:21:34:b6:63:ca:
44:f8:14:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTX74BdRysbaDMGZe6O7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MjJkOGQ0NWY5ODVkYzM4OTZjOTE3NmE3ZDQ4ZDc2NThj
YjRmNjgwHhcNMjQwMTAyMDgzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTRlM2QyMDRmZmIxOWMzOTgzNThjMTFjMzc0NGZkZTYzNzUxZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+xDA6n+tzEKRbNgdHCxl2lvEeyk
mg9o+awPCPekIZbUhibwfLA97YGis9XrPexcUD3LjvfduubDAMH9WJFsxEgEbhnm
NlUDQuA4IFmxyTeI/HY5F8FuPOserXL9ia/F6tZx4JPwP1/JtztXJIpZfyw3glrl
obypWo39gZQ5gOz5dGc9e4dmKaXGgCWule1DHZg7i2xiL02hh/5obKMokFLuTeH3
2VIe0KIA2uWI9hI1K27vr81M/BJ6WAIiyFuwqEQhIxDTTo/VJNcHASL1+I+ysR/2
7NhG7mh0uFTMh20JVPKiTutMjXL8r8oaIhhCxPyUH6LmYa9c1nEAgOKLdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlOPSBP+xnDmDWMEcN0T95jdR90MB8GA1UdIwQY
MBaAFNki2NRfmF3DiWyRdqfUjXZYy09oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUt
NTRkNWQwNGUzNDZkLzEvV1U0OUlFXzdHY09ZTll3UnczUlAzbU4xSDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUtNTRkNWQwNGUzNDZk
LzEvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZpHMA0G
CSqGSIb3DQEBCwUAA4IBAQAOiaPjhzlXoR6ZDkaYuxtreJtdzqNfE+pLtMu9OhSU
d2Hbu8qAnVQjXPP+YTVrb5PPXRzAtDb/T/RjUq3bnAgIH2BxsX7LRMAr4MHJatEG
q23/GdUuiunr4NVQfbF30KU2pJmXPwOANTrrc8mHxJwvkmCZWwAn8wgdnFsYrCA2
ypqyOHO2xrgW6jR40FNXRXdUkJ64CDPfrxGX/wmaCJJ9tw59bfRKl2sOrKd/grWN
udABBujKoRcTbU5Iy9gLSiX4IOEGPlnoiT1lrQhjiLGzfxMnWkN1AEVZrtsGOYWu
Lb+FttgH9apy8ta+WFuDIFlsPOVV54urITS2Y8pE+BRg
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:22 2025 by rpki-client