Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/WbX300Eiu2g_ASzieVYxOTlRA4w.roa
File: WbX300Eiu2g_ASzieVYxOTlRA4w.roa (raw, json)
Hash identifier: P8EF0WwPvSTawVLK93K8hhLz+T+I0HcVykx5DJOCXoo=
Subject key identifier: 59:B5:F7:D3:41:22:BB:68:3F:01:2C:E2:79:56:31:39:39:51:03:8C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018DA2ACFB65E964331CEA9BD854D83651D3
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/WbX300Eiu2g_ASzieVYxOTlRA4w.roa
Signing time: Tue 13 Feb 2024 13:34:22 +0000
ROA not before: Tue 13 Feb 2024 13:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.71.158.0/24 maxlen: 24
194.68.99.0/24 maxlen: 24
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.132.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 09:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:ac:fb:65:e9:64:33:1c:ea:9b:d8:54:d8:36:51:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 13 13:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59b5f7d34122bb683f012ce2795631393951038c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e2:4e:1a:bb:3c:6f:02:42:d8:24:2b:9c:9f:
53:42:3e:d7:e7:b9:c0:7d:95:82:99:66:a4:15:89:
7f:0d:e7:45:e2:5b:c6:f4:a3:ad:a1:65:93:9d:18:
1c:0b:0a:66:ff:1e:ac:66:21:33:5e:14:f4:28:a1:
e2:08:dc:33:78:51:4a:0d:b9:36:98:a4:c4:8b:a0:
5c:ca:c0:53:51:16:73:09:5d:f1:af:d9:6c:3b:d4:
74:01:92:83:01:ac:60:45:6f:c5:b6:5f:30:4b:8f:
f9:de:1d:87:57:ff:4b:b9:c7:ae:e7:33:ed:dc:e1:
b4:6f:08:a5:7d:d4:b6:d7:2e:a2:1b:e7:c7:64:c2:
5c:b1:07:75:6a:0e:55:59:dc:76:04:2f:fa:94:c4:
8f:7b:29:59:3e:35:0c:f4:d8:16:cd:a8:76:94:2e:
19:c0:bd:a5:12:06:7a:cc:0b:df:21:ef:f1:21:ef:
b5:d7:a2:54:5f:92:d5:ec:69:53:8e:a9:4c:e1:25:
55:67:de:26:93:34:85:87:43:94:dd:03:0e:2a:fd:
db:7f:dc:92:ec:e5:76:84:54:78:c3:b6:46:d6:1a:
67:4a:3b:89:b6:30:3c:09:1c:9c:08:90:f3:5e:03:
db:ab:0d:c3:33:3f:43:f8:b3:c9:3b:b5:0f:26:1a:
1c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B5:F7:D3:41:22:BB:68:3F:01:2C:E2:79:56:31:39:39:51:03:8C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/WbX300Eiu2g_ASzieVYxOTlRA4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.158.0/24
194.68.99.0/24
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.132.174.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:7e:f2:9c:7f:19:dd:39:56:8f:11:06:96:a3:a4:a3:41:89:
9e:e5:56:e8:1d:51:19:8f:f6:90:87:bb:3f:30:d8:cf:e7:9f:
59:40:1d:f1:c3:01:ce:75:0e:b1:bb:3c:d7:3e:a9:fe:00:e2:
b2:37:1c:8f:64:2f:96:be:20:90:3b:e1:da:ba:92:db:18:ef:
06:54:27:4c:02:35:bd:27:c6:21:2a:4b:db:3f:b6:39:af:0a:
72:42:34:10:7f:b1:40:b4:9e:b4:6c:21:0e:84:de:0a:c3:78:
aa:bb:ae:29:9d:40:48:3e:af:53:70:47:d5:aa:cb:d7:3f:4e:
e3:ba:6c:d3:42:19:2f:54:61:34:81:41:74:4c:e2:92:4e:fc:
ae:55:44:3a:e4:9d:fc:26:53:24:59:c2:07:8b:95:64:b1:9d:
33:41:cf:06:2b:0e:16:f5:ca:01:26:02:9e:1d:b5:d6:4e:99:
65:98:4d:6a:08:ab:46:4b:65:be:c3:17:70:42:30:c3:da:8c:
c7:09:a2:f0:2c:45:28:aa:84:e9:b9:52:8f:8f:d5:fb:55:8e:
25:a1:5d:84:ef:29:8c:d0:dc:b4:80:b6:d0:6b:26:a9:c9:d1:
ac:fc:4f:d5:a0:78:9f:5c:b6:7f:82:06:a5:bf:18:d4:46:de:
dd:2c:8a:38
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY2irPtl6WQzHOqb2FTYNlHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMjEzMTMzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWI1ZjdkMzQxMjJiYjY4M2YwMTJjZTI3OTU2MzEzOTM5NTEwMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOJOGrs8bwJC2CQrnJ9TQj7X57nA
fZWCmWakFYl/DedF4lvG9KOtoWWTnRgcCwpm/x6sZiEzXhT0KKHiCNwzeFFKDbk2
mKTEi6BcysBTURZzCV3xr9lsO9R0AZKDAaxgRW/Ftl8wS4/53h2HV/9Luceu5zPt
3OG0bwilfdS21y6iG+fHZMJcsQd1ag5VWdx2BC/6lMSPeylZPjUM9NgWzah2lC4Z
wL2lEgZ6zAvfIe/xIe+116JUX5LV7GlTjqlM4SVVZ94mkzSFh0OU3QMOKv3bf9yS
7OV2hFR4w7ZG1hpnSjuJtjA8CRycCJDzXgPbqw3DMz9D+LPJO7UPJhocswIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFm199NBIrtoPwEs4nlWMTk5UQOMMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvV2JYMzAwRWl1MmdfQVN6aWVWWXhPVGxSQTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwEeeAwQA
wkRjAwQAwkcbAwQAwkdTAwQBwkeMAwQDwkf4AwQAwoSuMA0GCSqGSIb3DQEBCwUA
A4IBAQC7fvKcfxndOVaPEQaWo6SjQYme5VboHVEZj/aQh7s/MNjP559ZQB3xwwHO
dQ6xuzzXPqn+AOKyNxyPZC+WviCQO+HaupLbGO8GVCdMAjW9J8YhKkvbP7Y5rwpy
QjQQf7FAtJ60bCEOhN4Kw3iqu64pnUBIPq9TcEfVqsvXP07jumzTQhkvVGE0gUF0
TOKSTvyuVUQ65J38JlMkWcIHi5VksZ0zQc8GKw4W9coBJgKeHbXWTpllmE1qCKtG
S2W+wxdwQjDD2ozHCaLwLEUoqoTpuVKPj9X7VY4loV2E7ymM0Ny0gLbQayapydGs
/E/VoHifXLZ/ggalvxjURt7dLIo4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:26 2025 by rpki-client