Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WV4erdaX9D5Y7Cas_Xg3gS0mf_s.roa
File: WV4erdaX9D5Y7Cas_Xg3gS0mf_s.roa (raw, json)
Hash identifier: Azxy1VCXTigXF4a9Y+gXbVstL71zqIVNMTXd54jbZ28=
Subject key identifier: 59:5E:1E:AD:D6:97:F4:3E:58:EC:26:AC:FD:78:37:81:2D:26:7F:FB
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0194C1B8E1A6D74CA175B4BBD2740FE3FBBE
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WV4erdaX9D5Y7Cas_Xg3gS0mf_s.roa
Signing time: Sat 01 Feb 2025 13:35:06 +0000
ROA not before: Sat 01 Feb 2025 13:35:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 88.209.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 07:14:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c1:b8:e1:a6:d7:4c:a1:75:b4:bb:d2:74:0f:e3:fb:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 1 13:35:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=595e1eadd697f43e58ec26acfd7837812d267ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8d:f5:2f:d0:84:da:df:ad:fa:5e:52:65:00:
de:79:a6:7d:46:1e:4e:f8:4f:4c:9b:06:d5:7f:d2:
7e:f1:3b:9e:74:b8:78:7f:8c:a8:a0:91:4e:92:f5:
7a:66:f4:66:ac:ae:97:53:92:5a:e8:31:ba:4d:05:
d6:45:e3:0d:eb:df:4c:6b:c8:3a:4d:f5:84:47:37:
f6:d7:b6:89:46:0b:15:d9:41:a3:09:3a:f6:d0:1e:
d1:0d:79:6d:96:41:82:69:ee:3e:ce:12:cc:10:97:
be:01:d9:59:44:50:00:9a:0f:de:c8:f5:83:fe:e9:
a7:25:90:70:5e:ff:54:c3:01:57:ff:21:ef:c8:73:
95:fc:5a:e0:c5:6e:95:a4:34:46:2e:0a:42:ec:e4:
94:57:9d:77:99:1b:70:ed:c1:47:c1:a6:6d:29:21:
e7:28:56:86:74:17:da:a8:12:82:9c:b3:ca:ae:8c:
52:9d:c2:8a:d6:f6:d1:95:14:ff:8b:f5:7a:b1:d4:
b4:ca:1b:c8:cb:98:3f:8f:fb:dc:9f:55:94:48:5a:
55:de:69:96:51:9f:18:c6:38:e4:9b:3c:f2:7a:2d:
37:be:fc:8d:66:21:65:be:0e:14:9c:53:e0:4d:5d:
0b:c5:59:51:a6:91:d7:a0:7d:a1:3a:30:fc:75:47:
3c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5E:1E:AD:D6:97:F4:3E:58:EC:26:AC:FD:78:37:81:2D:26:7F:FB
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WV4erdaX9D5Y7Cas_Xg3gS0mf_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.244.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:5d:54:f2:71:4f:c0:47:fb:5a:7b:d9:40:e0:81:b0:83:7e:
3a:75:dc:fc:d0:78:95:b1:ed:73:8c:8a:dd:39:83:b9:2b:ed:
f7:df:de:b5:9c:77:2f:27:fa:b4:53:94:4f:b4:34:96:3d:58:
80:bd:1f:61:c7:8d:29:7b:a6:d1:80:d4:4d:09:02:7a:4a:0a:
9e:3e:4f:61:47:51:82:8e:0d:03:32:16:03:6c:3c:7a:44:be:
05:42:e4:a0:c9:25:17:08:07:6c:90:4a:d1:e8:56:b3:6e:ca:
f3:ce:65:85:96:a0:e1:3e:60:f9:4f:58:cb:94:58:ca:79:25:
57:d6:fa:d9:52:aa:e7:8f:ec:c9:47:41:2b:90:ee:76:0b:aa:
58:2a:e1:75:8c:70:e9:ba:db:95:c0:36:48:8b:21:78:44:b2:
ef:e1:ff:08:ef:c3:c5:68:44:43:4c:b5:85:86:05:18:dc:c5:
76:ce:9f:7d:65:c6:1d:64:27:ab:8e:5d:c6:e0:fc:ef:be:ed:
40:2f:6f:a4:62:17:2f:16:b4:e6:62:4f:41:fb:df:80:09:fc:
23:a5:36:3b:5d:50:c5:2c:f6:74:5b:1e:29:ba:04:9f:10:de:
80:2f:96:3b:f6:ca:73:3e:7d:29:1d:bb:5d:81:16:41:02:f4:
91:a5:17:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTBuOGm10yhdbS70nQP4/u+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMjAxMTMzNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTVlMWVhZGQ2OTdmNDNlNThlYzI2YWNmZDc4Mzc4MTJkMjY3ZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo31L9CE2t+t+l5SZQDeeaZ9Rh5O
+E9MmwbVf9J+8TuedLh4f4yooJFOkvV6ZvRmrK6XU5Ja6DG6TQXWReMN699Ma8g6
TfWERzf217aJRgsV2UGjCTr20B7RDXltlkGCae4+zhLMEJe+AdlZRFAAmg/eyPWD
/umnJZBwXv9UwwFX/yHvyHOV/FrgxW6VpDRGLgpC7OSUV513mRtw7cFHwaZtKSHn
KFaGdBfaqBKCnLPKroxSncKK1vbRlRT/i/V6sdS0yhvIy5g/j/vcn1WUSFpV3mmW
UZ8Yxjjkmzzyei03vvyNZiFlvg4UnFPgTV0LxVlRppHXoH2hOjD8dUc8mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFleHq3Wl/Q+WOwmrP14N4EtJn/7MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvV1Y0ZXJkYVg5RDVZN0Nhc19YZzNnUzBtZl9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNH0MA0G
CSqGSIb3DQEBCwUAA4IBAQC7XVTycU/AR/tae9lA4IGwg346ddz80HiVse1zjIrd
OYO5K+333961nHcvJ/q0U5RPtDSWPViAvR9hx40pe6bRgNRNCQJ6SgqePk9hR1GC
jg0DMhYDbDx6RL4FQuSgySUXCAdskErR6FazbsrzzmWFlqDhPmD5T1jLlFjKeSVX
1vrZUqrnj+zJR0ErkO52C6pYKuF1jHDputuVwDZIiyF4RLLv4f8I78PFaERDTLWF
hgUY3MV2zp99ZcYdZCerjl3G4Pzvvu1AL2+kYhcvFrTmYk9B+9+ACfwjpTY7XVDF
LPZ0Wx4pugSfEN6AL5Y79spzPn0pHbtdgRZBAvSRpRfK
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:27 2025 by rpki-client