Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/wmSNqteq8utE16gIdUZp7Jf6RWw.roa
File: wmSNqteq8utE16gIdUZp7Jf6RWw.roa (raw, json)
Hash identifier: PI0HIf1HjzKTmRKrV9YZr4WRhBuCHMx+8omATNzBXw8=
Subject key identifier: C2:64:8D:AA:D7:AA:F2:EB:44:D7:A8:08:75:46:69:EC:97:FA:45:6C
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01938DD55B874D5BDF1D2358997211DD0FAB
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/wmSNqteq8utE16gIdUZp7Jf6RWw.roa
Signing time: Tue 03 Dec 2024 18:43:10 +0000
ROA not before: Tue 03 Dec 2024 18:43:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60860
IP address blocks: 89.185.8.0/24 maxlen: 24
89.185.12.0/24 maxlen: 24
93.185.214.0/24 maxlen: 24
109.72.122.0/24 maxlen: 24
185.30.200.0/23 maxlen: 23
185.30.202.0/24 maxlen: 24
185.30.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:d5:5b:87:4d:5b:df:1d:23:58:99:72:11:dd:0f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 3 18:43:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2648daad7aaf2eb44d7a808754669ec97fa456c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bd:28:08:b5:9b:ce:55:42:49:c9:94:c5:f2:
f0:b8:cd:6e:e0:82:6d:11:e1:ff:37:df:32:c4:52:
6f:68:89:1e:c1:ea:9c:4a:d8:da:1e:ed:f3:7c:32:
3f:40:06:67:91:52:bb:23:35:c0:f8:8f:97:15:6c:
ae:66:82:59:97:10:59:e0:eb:ae:0d:9d:1a:45:d1:
08:4d:11:37:3f:4c:2b:6f:c8:67:ff:df:a0:e4:27:
74:38:7a:e7:31:9d:bd:e7:e9:2d:d5:fa:38:fd:2c:
6c:0a:a2:c6:ea:00:4b:ab:fd:69:f6:62:8d:08:7c:
49:fd:d0:c2:fd:60:1c:fc:c3:2d:81:ef:f2:c7:34:
f2:c6:57:09:0e:9d:63:0a:dd:77:f4:ab:2a:59:5e:
7e:c9:2d:0f:6b:5a:11:6d:33:78:6b:04:cd:e2:7b:
70:09:fd:1c:43:ed:a8:c0:6a:8a:42:12:53:85:51:
ad:fd:24:41:fc:67:c1:64:1f:5f:82:11:11:9e:fe:
65:ef:6b:eb:2a:20:8c:e1:ae:c7:92:3d:c2:8e:d2:
ea:2d:5d:cd:ce:8e:ed:5b:77:fc:34:b4:24:df:5f:
7e:22:ed:4e:0a:b6:03:38:80:ff:77:dc:0e:a9:63:
02:8a:0d:23:09:c2:63:11:21:07:55:e4:73:fe:d4:
46:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:64:8D:AA:D7:AA:F2:EB:44:D7:A8:08:75:46:69:EC:97:FA:45:6C
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/wmSNqteq8utE16gIdUZp7Jf6RWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.8.0/24
89.185.12.0/24
93.185.214.0/24
109.72.122.0/24
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
00:7e:22:d4:c3:69:f3:22:f4:fa:6e:98:52:c8:fc:d8:a6:6e:
c6:90:71:89:16:8b:5d:7c:8a:5d:60:54:cd:79:44:65:b5:75:
d5:6b:ab:57:6a:4d:61:6f:22:70:5d:f6:f9:e4:fc:10:2b:9c:
bd:6c:cf:8c:7c:91:49:26:8c:e6:f6:55:79:34:a9:41:79:a5:
a5:48:1a:c6:71:5c:ea:ce:ea:d6:8a:cb:fc:7c:91:12:91:f9:
d9:2e:75:ac:58:7e:8f:42:a1:c3:49:d4:d6:32:33:2d:21:1e:
66:0b:4b:1b:2b:46:6a:9d:48:a4:15:22:99:ce:46:b0:2e:87:
d9:2c:3d:4b:b2:77:c2:f4:79:12:53:0d:6d:b8:3a:da:86:06:
a8:fb:bf:0f:e9:a5:62:2b:b9:f4:fe:95:5b:ac:e8:dc:ad:d3:
6d:80:28:de:26:dd:2c:7e:ff:81:e0:88:bb:54:26:3f:c8:9e:
88:b7:be:c5:b7:63:21:25:59:0a:41:35:01:27:7c:67:37:04:
93:c7:34:78:be:c7:f3:ee:82:7f:e2:c0:a7:f8:04:19:8d:36:
47:b4:82:9d:af:65:2f:09:5a:07:e3:88:cc:21:42:dc:89:98:
dd:52:d7:56:3e:05:0a:6d:36:c5:e6:67:e8:11:a1:f2:8b:64:
f0:7a:d8:77
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZON1VuHTVvfHSNYmXIR3Q+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQxMjAzMTg0MzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjY0OGRhYWQ3YWFmMmViNDRkN2E4MDg3NTQ2NjllYzk3ZmE0NTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor0oCLWbzlVCScmUxfLwuM1u4IJt
EeH/N98yxFJvaIkeweqcStjaHu3zfDI/QAZnkVK7IzXA+I+XFWyuZoJZlxBZ4Ouu
DZ0aRdEITRE3P0wrb8hn/9+g5Cd0OHrnMZ295+kt1fo4/SxsCqLG6gBLq/1p9mKN
CHxJ/dDC/WAc/MMtge/yxzTyxlcJDp1jCt139KsqWV5+yS0Pa1oRbTN4awTN4ntw
Cf0cQ+2owGqKQhJThVGt/SRB/GfBZB9fghERnv5l72vrKiCM4a7Hkj3CjtLqLV3N
zo7tW3f8NLQk319+Iu1OCrYDOID/d9wOqWMCig0jCcJjESEHVeRz/tRGPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMJkjarXqvLrRNeoCHVGaeyX+kVsMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvd21TTnF0ZXE4dXRFMTZnSWRVWnA3SmY2Uld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWbkIAwQA
WbkMAwQAXbnWAwQAbUh6AwQCuR7IMA0GCSqGSIb3DQEBCwUAA4IBAQAAfiLUw2nz
IvT6bphSyPzYpm7GkHGJFotdfIpdYFTNeURltXXVa6tXak1hbyJwXfb55PwQK5y9
bM+MfJFJJozm9lV5NKlBeaWlSBrGcVzqzurWisv8fJESkfnZLnWsWH6PQqHDSdTW
MjMtIR5mC0sbK0ZqnUikFSKZzkawLofZLD1LsnfC9HkSUw1tuDrahgao+78P6aVi
K7n0/pVbrOjcrdNtgCjeJt0sfv+B4Ii7VCY/yJ6It77Ft2MhJVkKQTUBJ3xnNwST
xzR4vsfz7oJ/4sCn+AQZjTZHtIKdr2UvCVoH44jMIULciZjdUtdWPgUKbTbF5mfo
EaHyi2Tweth3
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:29:04 2025 by rpki-client