Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/wfABsmJX2H74O9wwzI-h9cLzSmM.roa
File: wfABsmJX2H74O9wwzI-h9cLzSmM.roa (raw, json)
Hash identifier: gA9juxbUSICeym0JZ0qNUzJFt0elw0tGmzitM1xIrYw=
Subject key identifier: C1:F0:01:B2:62:57:D8:7E:F8:3B:DC:30:CC:8F:A1:F5:C2:F3:4A:63
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018F2EE9DA609B08D5E9998C278C217CF001
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/wfABsmJX2H74O9wwzI-h9cLzSmM.roa
Signing time: Tue 30 Apr 2024 12:10:28 +0000
ROA not before: Tue 30 Apr 2024 12:10:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52053
IP address blocks: 85.117.241.0/24 maxlen: 24
185.255.112.0/24 maxlen: 24
193.38.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 17:51:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:e9:da:60:9b:08:d5:e9:99:8c:27:8c:21:7c:f0:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Apr 30 12:10:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1f001b26257d87ef83bdc30cc8fa1f5c2f34a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:64:f3:0a:33:bc:34:8d:61:2e:65:b4:11:01:
ed:11:1c:6a:8f:e7:61:9f:fa:2f:d0:39:cf:a8:f7:
53:8d:75:0d:92:99:84:cd:a6:23:0f:ed:c3:5e:d3:
62:51:4a:13:d3:a1:a7:6f:2c:27:0b:7e:aa:6a:16:
47:cf:8b:9e:f8:2a:3c:e4:bd:cd:22:ed:2d:d1:8e:
b1:90:75:f4:6a:d7:c6:53:f2:1f:16:65:51:24:b2:
ce:25:a4:38:c8:7c:26:ff:96:ea:31:a4:df:c3:7b:
3e:8c:cc:c5:ed:d5:6f:f5:b1:33:4d:9e:98:f6:af:
53:eb:4f:88:21:a1:28:06:a4:a4:a5:0c:9a:0c:fe:
26:f3:f1:05:e6:45:8c:72:44:ef:d9:91:85:c1:4b:
0f:8b:0f:ff:d3:97:22:1b:54:b6:8a:74:13:29:ec:
fd:57:11:fd:c2:37:03:83:f5:cb:8e:8a:10:28:74:
d7:e4:e3:75:5b:5c:3e:9d:77:70:c2:08:af:f0:f9:
46:39:9f:38:73:7a:9c:66:5c:40:01:0e:fa:4c:82:
41:8c:cc:cf:0e:b1:5a:91:98:68:e9:ab:ce:50:d0:
04:05:13:b8:6c:9e:5c:3a:61:9a:07:9c:35:ee:7c:
c6:d5:d6:ec:b3:d6:b4:3f:45:70:c4:b4:a1:43:6a:
88:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F0:01:B2:62:57:D8:7E:F8:3B:DC:30:CC:8F:A1:F5:C2:F3:4A:63
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/wfABsmJX2H74O9wwzI-h9cLzSmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.241.0/24
185.255.112.0/24
193.38.250.0/24
Signature Algorithm: sha256WithRSAEncryption
61:76:2a:3d:5e:1d:fe:b0:83:ca:7b:1a:b8:fb:55:ca:fe:35:
60:df:53:dd:d3:12:9e:af:05:06:32:ad:ad:6a:76:a4:bc:30:
42:22:84:d7:26:65:ac:c1:ac:9e:12:1e:e9:4b:59:2e:b5:e7:
d0:37:a2:76:a3:a9:c0:f5:bb:4b:53:f5:64:a0:53:4b:80:c6:
ac:ac:ae:43:bf:c8:aa:5a:53:cb:98:89:47:8e:fb:10:4a:63:
54:3f:6c:8c:ae:d7:9a:15:20:5d:96:42:aa:9f:25:98:2d:39:
54:8e:5c:d1:4b:d5:38:e2:41:9b:82:7b:03:23:bc:07:92:07:
09:d5:f9:f2:a9:bb:12:7b:55:23:38:49:37:c2:9e:bc:31:4f:
24:21:2e:61:61:05:61:ea:d5:f1:7b:b8:a1:f3:1c:fd:35:ad:
7a:43:44:9d:04:f4:a0:1c:ee:9c:c0:fb:89:69:9a:e2:58:be:
ad:60:39:f4:66:96:a9:bd:fa:90:14:60:cc:81:ee:ba:43:34:
ed:f5:5a:72:92:5f:c3:53:9c:9a:0c:5a:36:fc:23:d6:c0:99:
9d:f3:29:80:26:8b:8f:1d:ab:04:96:e1:d7:f1:35:03:c0:65:
1a:9f:63:f9:ad:db:5d:94:8c:73:62:10:02:14:d5:96:f3:c9:
9b:7f:35:e8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8u6dpgmwjV6ZmMJ4whfPABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNDMwMTIxMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYwMDFiMjYyNTdkODdlZjgzYmRjMzBjYzhmYTFmNWMyZjM0YTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmTzCjO8NI1hLmW0EQHtERxqj+dh
n/ov0DnPqPdTjXUNkpmEzaYjD+3DXtNiUUoT06GnbywnC36qahZHz4ue+Co85L3N
Iu0t0Y6xkHX0atfGU/IfFmVRJLLOJaQ4yHwm/5bqMaTfw3s+jMzF7dVv9bEzTZ6Y
9q9T60+IIaEoBqSkpQyaDP4m8/EF5kWMckTv2ZGFwUsPiw//05ciG1S2inQTKez9
VxH9wjcDg/XLjooQKHTX5ON1W1w+nXdwwgiv8PlGOZ84c3qcZlxAAQ76TIJBjMzP
DrFakZho6avOUNAEBRO4bJ5cOmGaB5w17nzG1dbss9a0P0VwxLShQ2qItwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMHwAbJiV9h++DvcMMyPofXC80pjMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvd2ZBQnNtSlgySDc0Tzl3d3pJLWg5Y0x6U21NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXXxAwQA
uf9wAwQAwSb6MA0GCSqGSIb3DQEBCwUAA4IBAQBhdio9Xh3+sIPKexq4+1XK/jVg
31Pd0xKerwUGMq2tanakvDBCIoTXJmWswayeEh7pS1kutefQN6J2o6nA9btLU/Vk
oFNLgMasrK5Dv8iqWlPLmIlHjvsQSmNUP2yMrteaFSBdlkKqnyWYLTlUjlzRS9U4
4kGbgnsDI7wHkgcJ1fnyqbsSe1UjOEk3wp68MU8kIS5hYQVh6tXxe7ih8xz9Na16
Q0SdBPSgHO6cwPuJaZriWL6tYDn0ZpapvfqQFGDMge66QzTt9Vpykl/DU5yaDFo2
/CPWwJmd8ymAJouPHasEluHX8TUDwGUan2P5rdtdlIxzYhACFNWW88mbfzXo
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:23 2025 by rpki-client