Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WBQ1BX-u9wxq7qA7wCoZdqUjT1M.roa
File: WBQ1BX-u9wxq7qA7wCoZdqUjT1M.roa (raw, json)
Hash identifier: LU99h6xW44zgpE/pL23wjBJ3VSr3LnmKCnFi4+edCmg=
Subject key identifier: 58:14:35:05:7F:AE:F7:0C:6A:EE:A0:3B:C0:2A:19:76:A5:23:4F:53
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194DBB9AEFC92C1B87554CACA4311EE9552
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WBQ1BX-u9wxq7qA7wCoZdqUjT1M.roa
Signing time: Thu 06 Feb 2025 14:46:06 +0000
ROA not before: Thu 06 Feb 2025 14:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.126.82.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.78.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Feb 2025 18:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:b9:ae:fc:92:c1:b8:75:54:ca:ca:43:11:ee:95:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 6 14:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=581435057faef70c6aeea03bc02a1976a5234f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7a:2a:8f:4f:6e:ff:56:f6:c4:bb:dc:69:e4:
ca:23:ba:b2:0a:c4:9e:9f:c0:1d:4a:07:bd:8d:90:
53:c6:db:0f:b8:a3:26:1d:93:51:dd:f7:63:90:70:
44:27:63:99:d3:40:21:5a:86:5b:c4:bc:ec:db:7a:
e5:3f:0d:7a:cd:43:a9:ab:58:95:8f:b0:8f:57:01:
3e:97:40:59:44:d4:1b:6d:da:f8:32:fe:af:73:df:
1a:74:a0:74:60:2d:a7:eb:e1:f5:e3:e3:90:67:13:
73:b8:21:e3:3f:c2:7a:08:80:13:db:8f:39:fc:0b:
33:fe:e0:7c:c2:e8:76:c8:f9:99:5f:86:46:3f:b4:
1c:18:a3:ea:03:cf:07:af:31:82:6b:40:01:c9:a2:
c4:4a:11:ea:6f:f7:ea:05:b6:67:31:15:f9:35:d3:
73:d0:2a:ad:c4:6a:e5:ea:42:28:9a:03:1b:2b:6c:
de:df:81:b8:b6:57:6d:b0:9f:d0:f3:1c:d8:59:04:
b5:dd:75:a6:50:df:00:af:73:d9:d3:8d:b7:a7:0d:
c4:73:bb:09:49:8a:12:6c:8c:04:7d:40:7b:6b:b2:
88:18:0d:5f:8b:67:0e:ab:99:7d:c5:50:8c:05:62:
e3:63:6a:3f:cc:5c:db:cc:b4:e1:e9:bb:50:a1:39:
e1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:14:35:05:7F:AE:F7:0C:6A:EE:A0:3B:C0:2A:19:76:A5:23:4F:53
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WBQ1BX-u9wxq7qA7wCoZdqUjT1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.82.0/24
185.209.75.0/24
185.218.20.0/24
185.220.248.0/24
185.220.250.0/23
185.223.78.0/24
185.223.80.0/24
185.225.0.0/23
185.227.144.0/24
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
71:b0:1a:74:1e:85:69:10:4d:26:58:c4:4b:8c:db:6e:ca:15:
71:55:60:9a:b8:d2:91:93:64:25:53:11:34:19:46:d3:d1:11:
50:c0:e6:49:eb:21:e5:44:58:b4:8b:2c:9c:5b:5d:b5:8f:61:
93:c3:e5:4c:be:57:9c:ec:88:69:14:d7:24:d4:b7:1e:51:ae:
d0:ac:bf:64:b5:b2:7a:6d:b3:84:41:13:25:60:4a:4b:fa:bd:
b4:f1:c7:97:f9:80:08:fc:fc:62:7b:53:72:7a:42:06:a4:cd:
d8:f0:d5:ad:22:3c:37:b4:d5:5b:c0:43:64:03:3f:76:67:3c:
2d:5c:7b:b3:ee:3e:8a:17:fd:bb:e5:45:17:95:d4:42:8e:68:
77:ae:35:e4:47:ff:8a:bb:a4:d3:21:be:42:aa:c3:51:db:17:
60:3d:68:09:44:57:c8:20:59:0c:7e:9f:db:c5:a0:b8:4d:9c:
6a:dd:30:c5:98:c8:67:2b:56:b9:8c:bc:50:54:48:1e:8a:ef:
52:a4:0d:e5:80:97:8f:24:eb:1c:87:b7:b1:19:a1:57:fb:30:
3b:a6:82:10:e7:b7:2f:9c:08:cd:a2:e0:d1:d4:3b:7d:41:c5:
56:19:08:cc:77:81:e1:8e:92:a8:da:dd:ea:24:09:0a:8c:3b:
0f:61:ca:22
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZTbua78ksG4dVTKykMR7pVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMjA2MTQ0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODE0MzUwNTdmYWVmNzBjNmFlZWEwM2JjMDJhMTk3NmE1MjM0ZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHoqj09u/1b2xLvcaeTKI7qyCsSe
n8AdSge9jZBTxtsPuKMmHZNR3fdjkHBEJ2OZ00AhWoZbxLzs23rlPw16zUOpq1iV
j7CPVwE+l0BZRNQbbdr4Mv6vc98adKB0YC2n6+H14+OQZxNzuCHjP8J6CIAT2485
/Asz/uB8wuh2yPmZX4ZGP7QcGKPqA88HrzGCa0AByaLEShHqb/fqBbZnMRX5NdNz
0CqtxGrl6kIomgMbK2ze34G4tldtsJ/Q8xzYWQS13XWmUN8Ar3PZ0423pw3Ec7sJ
SYoSbIwEfUB7a7KIGA1fi2cOq5l9xVCMBWLjY2o/zFzbzLTh6btQoTnhmQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFgUNQV/rvcMau6gO8AqGXalI09TMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvV0JRMUJYLXU5d3hxN3FBN3dDb1pkcVVqVDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAuX5SAwQA
udFLAwQAudoUAwQAudz4AwQBudz6AwQAud9OAwQAud9QAwQBueEAAwQAueOQAwQB
ueOSAwQBwQhwAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQBxsBp0HoVpEE0mWMRL
jNtuyhVxVWCauNKRk2QlUxE0GUbT0RFQwOZJ6yHlRFi0iyycW121j2GTw+VMvlec
7IhpFNck1LceUa7QrL9ktbJ6bbOEQRMlYEpL+r208ceX+YAI/Pxie1NyekIGpM3Y
8NWtIjw3tNVbwENkAz92ZzwtXHuz7j6KF/275UUXldRCjmh3rjXkR/+Ku6TTIb5C
qsNR2xdgPWgJRFfIIFkMfp/bxaC4TZxq3TDFmMhnK1a5jLxQVEgeiu9SpA3lgJeP
JOsch7exGaFX+zA7poIQ57cvnAjNouDR1Dt9QcVWGQjMd4HhjpKo2t3qJAkKjDsP
Ycoi
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:37:37 2025 by rpki-client