Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WB250JOn7q9JPtXiF0qWLouh3qM.roa
File: WB250JOn7q9JPtXiF0qWLouh3qM.roa (raw, json)
Hash identifier: XXjFi8mPUOBtuFR+In0I2hjxAlesu0+TUL9xXNs/788=
Subject key identifier: 58:1D:B9:D0:93:A7:EE:AF:49:3E:D5:E2:17:4A:96:2E:8B:A1:DE:A3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193A2F40A047492CCE141E69C9F2C357285
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WB250JOn7q9JPtXiF0qWLouh3qM.roa
Signing time: Sat 07 Dec 2024 21:08:42 +0000
ROA not before: Sat 07 Dec 2024 21:08:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a09:17c0:1000::/48 maxlen: 48
2a0a:2d02::/32 maxlen: 48
2a0f:1586::/32 maxlen: 32
2a0f:3d80:123::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Dec 2024 09:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a2:f4:0a:04:74:92:cc:e1:41:e6:9c:9f:2c:35:72:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 7 21:08:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=581db9d093a7eeaf493ed5e2174a962e8ba1dea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b7:50:02:52:5b:e9:7a:d5:4e:ce:21:6f:19:
f0:19:d7:19:9a:6a:ce:28:33:e8:6b:5f:f5:09:41:
c0:e6:0f:ad:3c:91:3d:4d:ec:93:2a:35:28:e3:dc:
99:30:a9:73:46:a4:12:81:9a:9b:1f:7a:13:c1:bd:
3a:fe:03:d3:54:cd:dc:4f:d5:73:73:b1:35:7b:34:
87:05:39:01:ce:0b:d0:04:01:ab:8d:04:21:b7:74:
85:29:7e:92:83:18:9d:53:b5:aa:21:53:4c:95:c0:
00:5b:05:39:61:52:95:38:79:a3:f8:a5:1e:9c:a1:
cb:8d:12:1b:b8:8b:68:71:70:9a:8c:96:e3:dc:57:
d2:3d:d1:cd:16:3b:c2:12:ed:15:3f:c0:d5:38:fe:
9a:ae:07:47:63:fb:5a:6c:fc:ae:92:6e:22:0d:c3:
cc:86:1d:f4:7b:dd:41:9a:ca:35:7f:0e:8c:c3:37:
78:5d:ed:0e:77:ce:6f:a4:fc:18:8e:f0:bd:6b:e2:
a7:ad:55:22:44:5b:c6:eb:54:c6:f4:ea:40:2a:d9:
5e:79:a1:5c:9d:e5:3d:fd:d4:c7:9e:92:4b:87:c5:
2b:3d:4b:96:63:b0:0f:4b:70:61:8b:2b:1a:b2:52:
74:06:1a:95:9b:95:e1:00:c2:db:f8:c5:9a:0f:1c:
e8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:1D:B9:D0:93:A7:EE:AF:49:3E:D5:E2:17:4A:96:2E:8B:A1:DE:A3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WB250JOn7q9JPtXiF0qWLouh3qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0:1000::/48
2a0a:2d02::/32
2a0f:1586::/32
2a0f:3d80:123::/48
Signature Algorithm: sha256WithRSAEncryption
02:b2:7f:52:a8:20:ad:ed:e1:b2:04:11:9c:b6:a3:0d:5e:ce:
b4:8a:dd:23:be:97:bb:0b:0d:f2:99:41:68:d0:d2:38:b8:96:
75:0b:b2:55:e2:ef:73:4b:ed:ad:ca:e8:f0:b1:c2:dd:9c:83:
c6:63:2f:6f:1c:3f:13:24:9c:23:ac:07:c1:a4:34:44:c1:4e:
84:1c:5e:ed:be:20:c5:ba:b0:74:06:42:24:e9:3b:da:ec:f2:
71:d3:b7:9d:c3:fe:88:c9:54:d9:6a:a8:1c:82:c0:f0:03:ed:
9e:c7:0e:8b:cc:f6:2c:e4:bf:03:b0:ed:5c:30:e4:8b:63:18:
cf:4b:4c:2e:06:8b:28:7a:b1:bf:ce:04:86:bf:48:b6:af:38:
91:15:63:d0:f1:7c:ac:17:1d:92:6f:1c:78:87:36:94:ba:e2:
82:0e:db:7c:f7:74:d6:f3:cf:27:45:af:07:2a:d0:dc:ec:96:
ca:9d:2e:c6:b6:27:bc:8b:45:94:ff:f5:76:bc:3e:1b:91:48:
28:99:d4:97:28:2b:35:79:65:18:2d:64:e1:7c:97:5e:63:55:
5b:53:5f:18:81:e7:b9:aa:4f:b8:ef:7f:e3:bb:14:38:f6:1e:
06:f4:2d:83:6c:fa:46:e9:2f:88:9e:3b:ee:25:ec:c5:4b:32:
8d:c6:25:d0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZOi9AoEdJLM4UHmnJ8sNXKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjA3MjEwODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODFkYjlkMDkzYTdlZWFmNDkzZWQ1ZTIxNzRhOTYyZThiYTFkZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bdQAlJb6XrVTs4hbxnwGdcZmmrO
KDPoa1/1CUHA5g+tPJE9TeyTKjUo49yZMKlzRqQSgZqbH3oTwb06/gPTVM3cT9Vz
c7E1ezSHBTkBzgvQBAGrjQQht3SFKX6SgxidU7WqIVNMlcAAWwU5YVKVOHmj+KUe
nKHLjRIbuItocXCajJbj3FfSPdHNFjvCEu0VP8DVOP6argdHY/tabPyukm4iDcPM
hh30e91Bmso1fw6Mwzd4Xe0Od85vpPwYjvC9a+KnrVUiRFvG61TG9OpAKtleeaFc
neU9/dTHnpJLh8UrPUuWY7APS3BhiysaslJ0BhqVm5XhAMLb+MWaDxzoGwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFgdudCTp+6vST7V4hdKli6Lod6jMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvV0IyNTBKT243cTlKUHRYaUYwcVdMb3VoM3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwcAKgkXwBAA
AwUAKgotAgMFACoPFYYDBwAqDz2AASMwDQYJKoZIhvcNAQELBQADggEBAAKyf1Ko
IK3t4bIEEZy2ow1ezrSK3SO+l7sLDfKZQWjQ0ji4lnULslXi73NL7a3K6PCxwt2c
g8ZjL28cPxMknCOsB8GkNETBToQcXu2+IMW6sHQGQiTpO9rs8nHTt53D/ojJVNlq
qByCwPAD7Z7HDovM9izkvwOw7Vww5ItjGM9LTC4Giyh6sb/OBIa/SLavOJEVY9Dx
fKwXHZJvHHiHNpS64oIO23z3dNbzzydFrwcq0NzslsqdLsa2J7yLRZT/9Xa8PhuR
SCiZ1JcoKzV5ZRgtZOF8l15jVVtTXxiB57mqT7jvf+O7FDj2Hgb0LYNs+kbpL4ie
O+4l7MVLMo3GJdA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:45 2025 by rpki-client