Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WbqP1dkQqysxnPQFvyA2ebLeO6c.roa
File: WbqP1dkQqysxnPQFvyA2ebLeO6c.roa (raw, json)
Hash identifier: ocsCl0AIZI4wS/31k0ltkfd4wsTek5KGtxrqyUoRy1k=
Subject key identifier: 59:BA:8F:D5:D9:10:AB:2B:31:9C:F4:05:BF:20:36:79:B2:DE:3B:A7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC1EA07B6AC3482F7929E31B9DACA0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WbqP1dkQqysxnPQFvyA2ebLeO6c.roa
Signing time: Tue 02 Jan 2024 10:33:18 +0000
ROA not before: Tue 02 Jan 2024 10:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
2a06:b5c0::/29 maxlen: 29
2a0f:e840::/32 maxlen: 32
2a13:fd00::/29 maxlen: 29
2a07:95c0::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a13:18c4::/32 maxlen: 32
2a06:bf40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 04 Jan 2024 07:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:1e:a0:7b:6a:c3:48:2f:79:29:e3:1b:9d:ac:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59ba8fd5d910ab2b319cf405bf203679b2de3ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b5:29:ec:52:93:5e:18:47:e1:4e:78:46:b4:
f4:e9:fc:39:b8:e6:fc:ec:ea:b0:7a:87:55:7f:7f:
67:1f:5a:f8:94:38:d4:26:03:80:43:c3:87:16:5d:
47:ac:bd:81:7b:d7:de:8e:57:76:f7:17:41:08:80:
52:58:76:9c:8a:8a:a2:ca:09:0f:68:b5:78:d2:c8:
ae:d4:2e:5f:85:db:df:0a:82:12:65:2b:13:c3:b2:
77:8c:52:02:60:b5:48:ce:1a:7e:fe:1a:b1:cb:00:
93:de:91:59:0e:cf:79:d0:a8:e8:c2:ae:d7:67:d1:
ff:25:3d:82:ac:05:f0:90:d8:cb:80:32:cd:7d:fe:
d4:ad:ef:09:5b:88:55:af:43:e4:70:d4:28:42:73:
ac:f5:ed:a0:4a:ee:f2:fc:8e:fc:0f:e4:59:0f:82:
a9:86:0c:34:80:9c:45:25:24:ab:dd:e0:83:76:0b:
42:6d:e8:f3:c2:c5:1d:68:8c:45:a4:5d:64:9c:5c:
81:68:32:3c:13:47:49:d0:2c:fd:19:ae:4f:89:2f:
ac:6f:6f:6f:05:6e:86:15:a7:50:41:ff:38:20:f0:
30:0f:a7:67:c9:a0:f4:11:1c:24:06:7c:1d:23:be:
1d:eb:14:ea:f8:1c:20:09:c5:a7:cd:79:9a:e1:06:
d7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BA:8F:D5:D9:10:AB:2B:31:9C:F4:05:BF:20:36:79:B2:DE:3B:A7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WbqP1dkQqysxnPQFvyA2ebLeO6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a06:b5c0::/29
2a06:bf40::/29
2a07:95c0::/29
2a0f:2f80::/29
2a0f:e840::/32
2a13:18c4::/32
2a13:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
73:07:79:81:42:0d:99:cf:08:0e:b0:8c:66:31:ab:3e:39:1b:
ce:3e:5c:5b:f8:fc:a8:d3:d3:b1:5f:27:ff:f7:fc:e1:8e:b8:
ab:63:5a:a5:6c:59:4e:02:93:17:73:d6:d1:ac:8a:e4:9b:ad:
54:c3:35:cf:10:45:22:77:c9:f5:3b:4d:c2:f5:6d:c4:a2:96:
8c:6c:2d:b1:77:0d:52:d1:5a:86:dd:cc:bc:ac:35:a4:9e:da:
fb:c9:2d:cb:fa:78:e6:6f:3a:1c:d0:17:ad:bf:c4:6a:b7:41:
25:3d:68:2d:82:b1:73:aa:26:b6:66:0d:0f:bd:c2:2b:12:19:
d5:4d:e7:18:2d:38:84:77:b5:2b:b2:5b:20:e3:3e:43:7a:06:
d3:5d:f2:8b:6a:6a:3a:b2:b9:ce:50:c9:10:de:02:c8:90:a2:
a5:6e:1f:d1:33:71:59:89:b8:57:43:17:4a:cb:08:ec:88:f2:
66:da:e7:ef:d4:3d:c4:5a:ab:a3:f2:06:a4:ce:4b:1e:44:90:
da:51:a7:c3:b8:78:98:40:85:b9:32:b4:69:4f:0e:6e:48:06:
d8:96:a5:9e:e8:bf:08:92:59:41:6a:de:d8:58:2a:0b:b0:ef:
63:99:a7:e5:60:b6:d5:78:8f:c6:14:c5:0e:40:b5:40:f1:7a:
ad:03:83:20
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzJvB6ge2rDSC95KeMbnaygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWJhOGZkNWQ5MTBhYjJiMzE5Y2Y0MDViZjIwMzY3OWIyZGUzYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLUp7FKTXhhH4U54RrT06fw5uOb8
7OqweodVf39nH1r4lDjUJgOAQ8OHFl1HrL2Be9fejld29xdBCIBSWHacioqiygkP
aLV40siu1C5fhdvfCoISZSsTw7J3jFICYLVIzhp+/hqxywCT3pFZDs950Kjowq7X
Z9H/JT2CrAXwkNjLgDLNff7Ure8JW4hVr0PkcNQoQnOs9e2gSu7y/I78D+RZD4Kp
hgw0gJxFJSSr3eCDdgtCbejzwsUdaIxFpF1knFyBaDI8E0dJ0Cz9Ga5PiS+sb29v
BW6GFadQQf84IPAwD6dnyaD0ERwkBnwdI74d6xTq+BwgCcWnzXma4QbXowIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFFm6j9XZEKsrMZz0Bb8gNnmy3junMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvV2JxUDFka1FxeXN4blBRRnZ5QTJlYkxlTzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MDcEAgACMDEDBQMqBrXAAwUDKga/QAMFAyoHlcADBQMqDy+AAwUA
Kg/oQAMFACoTGMQDBQMqE/0AMA0GCSqGSIb3DQEBCwUAA4IBAQBzB3mBQg2ZzwgO
sIxmMas+ORvOPlxb+Pyo09OxXyf/9/zhjrirY1qlbFlOApMXc9bRrIrkm61UwzXP
EEUid8n1O03C9W3EopaMbC2xdw1S0VqG3cy8rDWkntr7yS3L+njmbzoc0Betv8Rq
t0ElPWgtgrFzqia2Zg0PvcIrEhnVTecYLTiEd7Urslsg4z5DegbTXfKLamo6srnO
UMkQ3gLIkKKlbh/RM3FZibhXQxdKywjsiPJm2ufv1D3EWquj8gakzkseRJDaUafD
uHiYQIW5MrRpTw5uSAbYlqWe6L8IkllBat7YWCoLsO9jmaflYLbVeI/GFMUOQLVA
8XqtA4Mg
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:46 2025 by rpki-client