Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/WDKJrg-r-YLZBgDdeo9-9FUripQ.roa
File: WDKJrg-r-YLZBgDdeo9-9FUripQ.roa (raw, json)
Hash identifier: aDaS0bswlZA0YEs3tj575Uvt8fjAdHkB26zQ1pZ8Qio=
Subject key identifier: 58:32:89:AE:0F:AB:F9:82:D9:06:00:DD:7A:8F:7E:F4:55:2B:8A:94
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 01907D2D4BD345C4B03888BAB3C2A57DFE71
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/WDKJrg-r-YLZBgDdeo9-9FUripQ.roa
Signing time: Thu 04 Jul 2024 09:57:18 +0000
ROA not before: Thu 04 Jul 2024 09:57:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29612
IP address blocks: 213.99.54.0/23 maxlen: 23
213.99.54.0/24 maxlen: 24
213.99.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:2d:4b:d3:45:c4:b0:38:88:ba:b3:c2:a5:7d:fe:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jul 4 09:57:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=583289ae0fabf982d90600dd7a8f7ef4552b8a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f8:fc:07:85:11:41:e1:97:d6:01:10:9c:e1:
9a:e4:8c:2c:a4:9b:ba:86:48:4e:87:2d:68:49:0d:
01:2b:aa:3f:18:e6:03:07:3b:00:af:5f:17:cb:88:
ed:ac:33:30:9a:97:7f:7a:9c:d4:b6:2f:7a:b2:c5:
a6:d9:ab:87:a1:48:8e:7e:42:2d:ba:30:07:22:e7:
c1:bb:7b:a3:25:5c:2a:2f:2c:10:f7:fa:d4:dd:1e:
ab:d9:ac:c2:16:e4:cf:17:71:c8:d8:49:ce:ca:51:
44:ec:df:d0:14:ae:46:75:54:df:c5:99:0b:76:43:
72:08:66:ce:37:5a:79:73:c6:d3:c9:01:45:f0:5a:
75:6b:3b:17:0d:75:ce:4a:8b:f7:82:90:4a:33:50:
fa:a6:2a:4a:85:61:3b:ea:64:52:69:5a:02:02:6a:
de:b7:68:0b:1c:9e:1f:a7:f2:3f:cb:ad:21:f0:a9:
60:4d:60:bd:b9:2c:2b:c0:ec:ee:32:5c:3a:a8:f5:
7c:08:1a:52:23:56:df:fe:6c:39:08:38:a2:35:39:
e2:f3:cf:db:4d:5c:55:c7:93:45:66:0e:00:63:fd:
46:40:e5:85:52:e7:5e:aa:5f:6f:eb:2a:af:5b:f8:
e7:48:46:64:a0:73:e2:a1:8d:a6:60:b2:cc:b5:47:
be:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:32:89:AE:0F:AB:F9:82:D9:06:00:DD:7A:8F:7E:F4:55:2B:8A:94
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/WDKJrg-r-YLZBgDdeo9-9FUripQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.99.54.0/23
Signature Algorithm: sha256WithRSAEncryption
89:c1:e9:57:4d:0f:43:44:d8:89:b0:f9:31:60:fd:17:d6:00:
d9:e9:7c:af:3d:49:d3:78:7c:17:d2:bd:7e:50:5e:f3:62:28:
4a:0a:ed:07:b8:70:3f:60:99:50:26:5b:ec:5d:ee:cf:5d:3f:
77:61:a9:32:1b:42:c2:0c:dc:a4:71:05:b8:90:90:f6:96:97:
75:b8:eb:b9:8b:e7:46:81:a1:3d:55:72:56:a9:0e:d4:89:ca:
b5:87:90:8e:b6:75:e7:41:5a:9e:c7:71:fa:4c:d1:9b:f0:b3:
fd:0b:b5:91:04:6e:ef:1a:9c:92:43:da:a2:d1:22:cd:0c:96:
4a:d1:6a:9c:f5:a6:43:08:98:95:07:41:de:84:3b:ba:5c:92:
01:42:5c:1c:67:4e:79:76:5c:6d:bc:6a:f0:c1:c2:33:cd:d2:
44:6c:71:80:5c:3c:dd:88:84:0a:eb:26:10:04:46:4e:81:4f:
4e:aa:ff:0f:50:30:f4:19:66:90:b5:86:f3:94:62:fb:04:98:
57:cf:17:6c:c3:b6:8c:26:00:6d:c3:1d:f6:65:ba:26:03:c9:
2d:63:ec:88:e8:b1:07:e8:f4:9d:87:90:b9:dd:e2:3e:89:43:
1d:70:4b:ab:d7:d7:0e:64:89:f6:67:9c:3c:a9:95:e6:8f:70:
2d:1b:55:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZB9LUvTRcSwOIi6s8Klff5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwNzA0MDk1NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODMyODlhZTBmYWJmOTgyZDkwNjAwZGQ3YThmN2VmNDU1MmI4YTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/j8B4URQeGX1gEQnOGa5IwspJu6
hkhOhy1oSQ0BK6o/GOYDBzsAr18Xy4jtrDMwmpd/epzUti96ssWm2auHoUiOfkIt
ujAHIufBu3ujJVwqLywQ9/rU3R6r2azCFuTPF3HI2EnOylFE7N/QFK5GdVTfxZkL
dkNyCGbON1p5c8bTyQFF8Fp1azsXDXXOSov3gpBKM1D6pipKhWE76mRSaVoCAmre
t2gLHJ4fp/I/y60h8KlgTWC9uSwrwOzuMlw6qPV8CBpSI1bf/mw5CDiiNTni88/b
TVxVx5NFZg4AY/1GQOWFUudeql9v6yqvW/jnSEZkoHPioY2mYLLMtUe+0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgyia4Pq/mC2QYA3XqPfvRVK4qUMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvV0RLSnJnLXItWUxaQmdEZGVvOS05RlVyaXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1WM2MA0G
CSqGSIb3DQEBCwUAA4IBAQCJwelXTQ9DRNiJsPkxYP0X1gDZ6XyvPUnTeHwX0r1+
UF7zYihKCu0HuHA/YJlQJlvsXe7PXT93YakyG0LCDNykcQW4kJD2lpd1uOu5i+dG
gaE9VXJWqQ7Uicq1h5COtnXnQVqex3H6TNGb8LP9C7WRBG7vGpySQ9qi0SLNDJZK
0Wqc9aZDCJiVB0HehDu6XJIBQlwcZ055dlxtvGrwwcIzzdJEbHGAXDzdiIQK6yYQ
BEZOgU9Oqv8PUDD0GWaQtYbzlGL7BJhXzxdsw7aMJgBtwx32ZbomA8ktY+yI6LEH
6PSdh5C53eI+iUMdcEur19cOZIn2Z5w8qZXmj3AtG1VA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:21 2025 by rpki-client