Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Wy7W8HTr_QJiY_reE0-4LYFNBMI.roa
File: Wy7W8HTr_QJiY_reE0-4LYFNBMI.roa (raw, json)
Hash identifier: d8RUhQ9zU6ou3c1Fn5XXn4SRpzN5PhuRf+aYWQeILUc=
Subject key identifier: 5B:2E:D6:F0:74:EB:FD:02:62:63:FA:DE:13:4F:B8:2D:81:4D:04:C2
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018F9F6A257A6202630BC83EDED0ACC7AE37
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Wy7W8HTr_QJiY_reE0-4LYFNBMI.roa
Signing time: Wed 22 May 2024 08:28:04 +0000
ROA not before: Wed 22 May 2024 08:28:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 152.89.193.0/24 maxlen: 24
152.89.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 15:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:6a:25:7a:62:02:63:0b:c8:3e:de:d0:ac:c7:ae:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: May 22 08:28:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b2ed6f074ebfd026263fade134fb82d814d04c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a8:18:ec:41:82:03:fc:e9:db:b6:85:31:2c:
71:64:8c:31:fa:04:0b:b2:dc:11:c8:f4:ef:3a:ef:
13:de:1d:28:df:f8:1c:be:2e:65:60:f0:a9:3a:96:
c7:31:b4:57:94:57:a6:24:3d:11:53:42:56:b3:3d:
94:af:9c:a8:65:a4:11:63:47:d4:46:7b:a3:66:ec:
15:94:cd:10:8c:0c:42:49:56:0e:f9:3f:0b:8e:8b:
9f:c8:46:52:ed:18:88:33:6d:41:c5:e6:b2:be:11:
05:ae:7f:ea:0c:35:8d:08:00:d2:07:86:ef:43:2e:
7c:1a:2c:49:88:c3:ba:7f:8d:91:cd:86:a0:24:70:
c7:36:62:fd:65:6d:65:c1:1f:fc:8b:74:e3:26:03:
12:29:46:39:cd:72:01:66:12:cb:24:e7:bc:61:e2:
01:10:2f:93:0c:5e:72:93:b6:5d:2a:39:73:5a:26:
89:d7:bc:f0:15:63:a8:8f:10:65:62:2f:72:14:a2:
3f:4f:65:54:6d:42:20:99:75:98:41:39:d5:ed:7f:
50:d3:47:39:a3:02:7b:cf:a2:fb:b1:5b:df:c8:9a:
94:b2:59:ed:d4:ae:32:5d:f5:a6:72:e9:1f:b6:27:
d8:f9:c9:6c:44:46:db:a3:b7:c9:bb:a4:0c:1c:c3:
94:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:2E:D6:F0:74:EB:FD:02:62:63:FA:DE:13:4F:B8:2D:81:4D:04:C2
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Wy7W8HTr_QJiY_reE0-4LYFNBMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.193.0-152.89.194.255
Signature Algorithm: sha256WithRSAEncryption
37:46:61:1f:51:7c:bd:e7:d5:fd:bb:2f:6f:60:68:ad:4d:9f:
56:e7:b3:24:59:b0:73:de:e7:3c:b7:b8:4e:21:67:f6:8c:37:
e9:95:8f:2a:8c:86:f4:a4:d3:1a:19:73:76:c4:bb:92:0a:f5:
51:dc:cd:c0:f9:5e:0d:a7:fa:94:b9:ac:16:b0:79:a8:e7:d6:
be:e8:b8:c3:1d:8e:3d:c6:5e:a5:de:3a:79:bb:dd:c1:f1:6d:
ad:01:68:17:8a:f9:20:34:d7:84:0b:f5:89:ca:64:a5:1d:d7:
28:81:84:0d:07:d9:de:71:91:3d:6a:5a:84:0b:6a:b2:49:8d:
82:88:a7:58:a1:4e:cf:0f:ea:11:b4:a9:e0:26:51:1e:44:db:
74:e3:34:41:7e:1c:27:c9:d6:1d:b4:67:42:c9:a9:34:0f:e1:
85:8e:48:e4:3c:48:2f:ac:b9:1a:93:b4:94:99:ad:4c:b6:d9:
a2:c2:c8:af:dd:11:62:d2:78:dd:65:26:83:a8:3f:11:ff:9f:
e6:6e:ac:04:52:77:50:aa:ba:f6:36:8f:33:e2:8e:84:ad:5b:
aa:76:9a:28:33:e7:fa:be:c5:38:ee:8c:62:e4:9e:4c:69:f7:
64:9b:27:aa:c2:d4:77:5f:13:3a:a6:11:43:7a:3b:77:1c:18:
47:c0:72:96
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY+faiV6YgJjC8g+3tCsx643MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQwNTIyMDgyODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjJlZDZmMDc0ZWJmZDAyNjI2M2ZhZGUxMzRmYjgyZDgxNGQwNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqgY7EGCA/zp27aFMSxxZIwx+gQL
stwRyPTvOu8T3h0o3/gcvi5lYPCpOpbHMbRXlFemJD0RU0JWsz2Ur5yoZaQRY0fU
RnujZuwVlM0QjAxCSVYO+T8LjoufyEZS7RiIM21BxeayvhEFrn/qDDWNCADSB4bv
Qy58GixJiMO6f42RzYagJHDHNmL9ZW1lwR/8i3TjJgMSKUY5zXIBZhLLJOe8YeIB
EC+TDF5yk7ZdKjlzWiaJ17zwFWOojxBlYi9yFKI/T2VUbUIgmXWYQTnV7X9Q00c5
owJ7z6L7sVvfyJqUslnt1K4yXfWmcukftifY+clsREbbo7fJu6QMHMOUoQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFsu1vB06/0CYmP63hNPuC2BTQTCMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvV3k3VzhIVHJfUUppWV9yZUUwLTRMWUZOQk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACYWcED
BACYWcIwDQYJKoZIhvcNAQELBQADggEBADdGYR9RfL3n1f27L29gaK1Nn1bnsyRZ
sHPe5zy3uE4hZ/aMN+mVjyqMhvSk0xoZc3bEu5IK9VHczcD5Xg2n+pS5rBaweajn
1r7ouMMdjj3GXqXeOnm73cHxba0BaBeK+SA014QL9YnKZKUd1yiBhA0H2d5xkT1q
WoQLarJJjYKIp1ihTs8P6hG0qeAmUR5E23TjNEF+HCfJ1h20Z0LJqTQP4YWOSOQ8
SC+suRqTtJSZrUy22aLCyK/dEWLSeN1lJoOoPxH/n+ZurARSd1CquvY2jzPijoSt
W6p2migz5/q+xTjujGLknkxp92SbJ6rC1HdfEzqmEUN6O3ccGEfAcpY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:14:49 2025 by rpki-client