Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5e6a8f-0b79-4894-b91c-eecee893c527/1/WPrE-BmhZ1k_zZjElfmBbgbSJVg.roa
File: WPrE-BmhZ1k_zZjElfmBbgbSJVg.roa (raw, json)
Hash identifier: xcrd2//YylLYpXJHG9qz9OiR6JgHj95ywvfqF2gAmkI=
Subject key identifier: 58:FA:C4:F8:19:A1:67:59:3F:CD:98:C4:95:F9:81:6E:06:D2:25:58
Certificate issuer: /CN=1b0bb51a7b532be4d44ba604ae6e063f063f37d4
Certificate serial: 018CC94D5CDF0BB8EDDAB58836DACF2C9B75
Authority key identifier: 1B:0B:B5:1A:7B:53:2B:E4:D4:4B:A6:04:AE:6E:06:3F:06:3F:37:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gwu1GntTK-TUS6YErm4GPwY_N9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/5e6a8f-0b79-4894-b91c-eecee893c527/1/WPrE-BmhZ1k_zZjElfmBbgbSJVg.roa
Signing time: Tue 02 Jan 2024 08:32:19 +0000
ROA not before: Tue 02 Jan 2024 08:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206429
IP address blocks: 185.186.196.0/22 maxlen: 22
185.252.152.0/22 maxlen: 22
2a0b:8580::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:5c:df:0b:b8:ed:da:b5:88:36:da:cf:2c:9b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0bb51a7b532be4d44ba604ae6e063f063f37d4
Validity
Not Before: Jan 2 08:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58fac4f819a167593fcd98c495f9816e06d22558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:22:91:7e:3e:6b:b7:bb:cd:b5:e2:96:41:11:
4e:a3:f2:94:21:1a:34:8c:88:5f:b0:b1:1b:ea:bd:
19:dd:d2:ed:58:c1:8b:3c:b8:aa:d8:1e:2d:ec:82:
a2:4c:c2:8a:e3:b0:03:17:7c:67:1e:bd:1a:22:ec:
a1:3c:db:6b:8f:b9:d9:b5:b1:77:e0:a2:6b:8b:ee:
9b:33:88:aa:e5:86:8f:e5:39:93:c5:3d:9f:c5:62:
72:ec:d1:75:c3:3a:e9:9c:33:85:b7:fc:cb:13:05:
01:ff:98:80:de:a5:a7:72:33:42:f6:0d:fa:c1:f5:
d8:72:37:e2:3c:df:1f:54:78:cd:7e:9e:bc:b4:37:
eb:53:54:8c:5e:67:04:88:6b:d7:9a:6d:25:59:02:
b7:e6:19:7c:cb:98:6c:c4:a1:5f:5a:18:09:16:c1:
03:02:81:14:13:c1:ca:5b:8f:0f:74:6c:0b:1a:5e:
2a:85:39:d1:af:56:4e:9a:03:f3:5b:db:c7:f7:5a:
b6:e6:46:bd:ba:e3:9f:05:a1:b1:1a:7c:84:6d:aa:
14:be:1d:4a:21:31:8d:59:6e:01:77:da:92:3b:eb:
ae:92:1e:21:91:9e:70:c4:29:37:96:6e:38:8b:02:
bb:93:c6:65:aa:1e:f3:e2:e5:05:a2:24:62:56:15:
18:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:FA:C4:F8:19:A1:67:59:3F:CD:98:C4:95:F9:81:6E:06:D2:25:58
X509v3 Authority Key Identifier:
keyid:1B:0B:B5:1A:7B:53:2B:E4:D4:4B:A6:04:AE:6E:06:3F:06:3F:37:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gwu1GntTK-TUS6YErm4GPwY_N9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5e6a8f-0b79-4894-b91c-eecee893c527/1/WPrE-BmhZ1k_zZjElfmBbgbSJVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5e6a8f-0b79-4894-b91c-eecee893c527/1/Gwu1GntTK-TUS6YErm4GPwY_N9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.196.0/22
185.252.152.0/22
IPv6:
2a0b:8580::/29
Signature Algorithm: sha256WithRSAEncryption
4d:dd:1f:c1:21:6f:83:88:31:14:18:4b:b1:3b:f4:d3:19:8e:
c1:6e:88:6f:55:0e:63:1f:10:eb:e4:e6:ee:1f:93:66:43:c3:
d3:9b:26:62:c1:29:42:c0:c9:a2:e6:72:50:bc:f7:36:5f:ef:
62:8b:d5:07:56:ce:16:d3:c0:59:06:84:23:b0:a0:16:91:7a:
8d:95:63:e4:fc:18:92:e3:0f:f4:9a:3e:8f:85:14:ff:28:9c:
75:ae:7b:06:56:e0:2c:48:a8:66:f2:3c:d7:bd:57:5f:1e:f6:
74:86:ef:1e:2e:51:6a:66:61:26:61:19:48:19:35:ed:96:b0:
98:33:6c:fa:a1:27:f0:f8:6c:c9:d5:99:8e:94:9b:71:2e:48:
f2:c5:25:8a:ee:fc:33:77:57:2f:97:59:f8:77:4b:5f:39:1e:
9d:ac:e8:50:49:ba:27:95:62:65:88:03:f5:c3:02:3d:82:29:
5d:0b:05:59:c4:ac:17:77:ac:6e:2e:0b:3b:87:fd:5e:b6:f0:
d0:36:33:4e:71:08:f0:d4:89:6d:e2:06:a9:57:db:99:86:aa:
0d:58:76:a1:e0:c9:32:4e:de:dc:d6:91:fa:c6:58:99:a6:8f:
2c:f6:65:a1:af:57:45:f9:8d:82:d2:3a:91:17:a2:eb:07:ad:
f8:e3:fe:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJTVzfC7jt2rWINtrPLJt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMGJiNTFhN2I1MzJiZTRkNDRiYTYwNGFlNmUwNjNmMDYz
ZjM3ZDQwHhcNMjQwMTAyMDgzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGZhYzRmODE5YTE2NzU5M2ZjZDk4YzQ5NWY5ODE2ZTA2ZDIyNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SKRfj5rt7vNteKWQRFOo/KUIRo0
jIhfsLEb6r0Z3dLtWMGLPLiq2B4t7IKiTMKK47ADF3xnHr0aIuyhPNtrj7nZtbF3
4KJri+6bM4iq5YaP5TmTxT2fxWJy7NF1wzrpnDOFt/zLEwUB/5iA3qWncjNC9g36
wfXYcjfiPN8fVHjNfp68tDfrU1SMXmcEiGvXmm0lWQK35hl8y5hsxKFfWhgJFsED
AoEUE8HKW48PdGwLGl4qhTnRr1ZOmgPzW9vH91q25ka9uuOfBaGxGnyEbaoUvh1K
ITGNWW4Bd9qSO+uukh4hkZ5wxCk3lm44iwK7k8Zlqh7z4uUFoiRiVhUYBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFj6xPgZoWdZP82YxJX5gW4G0iVYMB8GA1UdIwQY
MBaAFBsLtRp7Uyvk1EumBK5uBj8GPzfUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3d1MUdudFRLLVRVUzZZRXJtNEdQd1lfTjlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81ZTZhOGYtMGI3OS00ODk0LWI5MWMt
ZWVjZWU4OTNjNTI3LzEvV1ByRS1CbWhaMWtfelpqRWxmbUJiZ2JTSlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81ZTZhOGYtMGI3OS00ODk0LWI5MWMtZWVjZWU4OTNjNTI3
LzEvR3d1MUdudFRLLVRVUzZZRXJtNEdQd1lfTjlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubrEAwQC
ufyYMA0EAgACMAcDBQMqC4WAMA0GCSqGSIb3DQEBCwUAA4IBAQBN3R/BIW+DiDEU
GEuxO/TTGY7BbohvVQ5jHxDr5ObuH5NmQ8PTmyZiwSlCwMmi5nJQvPc2X+9ii9UH
Vs4W08BZBoQjsKAWkXqNlWPk/BiS4w/0mj6PhRT/KJx1rnsGVuAsSKhm8jzXvVdf
HvZ0hu8eLlFqZmEmYRlIGTXtlrCYM2z6oSfw+GzJ1ZmOlJtxLkjyxSWK7vwzd1cv
l1n4d0tfOR6drOhQSbonlWJliAP1wwI9gildCwVZxKwXd6xuLgs7h/1etvDQNjNO
cQjw1Ilt4gapV9uZhqoNWHah4MkyTt7c1pH6xliZpo8s9mWhr1dF+Y2C0jqRF6Lr
B6344/60
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:58:38 2025 by rpki-client