Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/WkH0uGp4HoXZqUyJa4iBbr8yNuo.roa
File: WkH0uGp4HoXZqUyJa4iBbr8yNuo.roa (raw, json)
Hash identifier: J5HOqeq//9Q4GWb0ZhzqqxYT0H8YvIEvm0MVKyPGjnY=
Subject key identifier: 5A:41:F4:B8:6A:78:1E:85:D9:A9:4C:89:6B:88:81:6E:BF:32:36:EA
Certificate issuer: /CN=ab06c8f2247d22041c82e555667881e50f9154ab
Certificate serial: 018CC87137305B5A7EDB72518C361045C2AD
Authority key identifier: AB:06:C8:F2:24:7D:22:04:1C:82:E5:55:66:78:81:E5:0F:91:54:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwbI8iR9IgQcguVVZniB5Q-RVKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/WkH0uGp4HoXZqUyJa4iBbr8yNuo.roa
Signing time: Tue 02 Jan 2024 04:31:52 +0000
ROA not before: Tue 02 Jan 2024 04:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48821
IP address blocks: 185.138.52.0/22 maxlen: 24
2a07:a40::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Jun 2024 05:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:37:30:5b:5a:7e:db:72:51:8c:36:10:45:c2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab06c8f2247d22041c82e555667881e50f9154ab
Validity
Not Before: Jan 2 04:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a41f4b86a781e85d9a94c896b88816ebf3236ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:25:c9:d3:0e:f9:eb:e1:2c:26:7f:d8:6e:0c:
40:21:44:fb:13:3e:a3:cd:00:65:0a:f3:28:54:7e:
91:49:44:08:45:6f:5a:34:4c:1e:6c:33:b4:c0:f7:
fe:a0:fc:66:5b:c2:9c:ad:9c:69:ec:c5:1f:77:07:
4a:f4:35:89:85:8b:03:4c:12:5d:18:5f:2e:3b:76:
3c:14:43:a1:a4:76:c7:e5:93:7b:16:d0:fd:63:f3:
55:45:4a:10:4a:83:8c:44:bb:47:2e:f9:1d:9a:95:
b6:0d:40:7b:ff:57:55:4a:09:83:7d:d5:19:59:e3:
19:bd:22:92:6d:a5:78:58:ad:4d:0d:05:cc:62:f6:
4d:63:56:6f:ac:4a:d2:9b:c4:ad:ee:56:1a:42:34:
a9:52:88:f4:13:8b:3e:23:9a:6a:45:b8:9f:00:28:
fb:22:52:90:e1:27:e9:a0:b9:9b:98:da:e8:86:ee:
fc:6a:a0:ea:7d:f5:ac:8c:8b:b2:13:b1:00:b9:3a:
55:f6:f8:d6:25:ec:89:2d:72:42:0a:1c:9d:cc:b2:
c8:8a:51:75:6b:49:0b:76:93:a6:77:5f:ca:ef:77:
37:b8:5e:32:52:9c:60:a4:2e:b6:b2:64:b0:f4:38:
bb:53:ec:f4:7b:76:7e:06:6c:11:62:44:3e:54:b7:
f3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:41:F4:B8:6A:78:1E:85:D9:A9:4C:89:6B:88:81:6E:BF:32:36:EA
X509v3 Authority Key Identifier:
keyid:AB:06:C8:F2:24:7D:22:04:1C:82:E5:55:66:78:81:E5:0F:91:54:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwbI8iR9IgQcguVVZniB5Q-RVKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/WkH0uGp4HoXZqUyJa4iBbr8yNuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/qwbI8iR9IgQcguVVZniB5Q-RVKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.52.0/22
IPv6:
2a07:a40::/29
Signature Algorithm: sha256WithRSAEncryption
0c:0c:a9:f6:d1:c5:60:a5:6c:f2:32:1b:cd:0c:09:64:1e:7b:
8e:1d:47:4b:9c:88:e4:e8:82:4c:aa:89:e0:e6:97:fc:c4:7f:
a6:a9:30:17:07:58:7d:db:99:2b:43:13:95:3d:e2:58:0f:a6:
8d:f0:5e:63:48:6a:f1:af:d2:88:e3:af:69:9b:62:a3:60:6d:
fa:e9:b5:19:02:9b:9d:f3:4f:6a:86:4e:65:47:e9:29:bf:76:
70:74:ff:7f:2d:55:26:8e:75:b6:d5:e2:6f:c1:0d:e5:6c:47:
77:3b:f7:bb:94:7f:24:ad:ff:19:ea:a6:29:42:5e:42:be:78:
4f:d2:2c:78:21:70:09:fd:5f:79:19:2c:85:13:f3:6d:ca:e3:
ab:e9:4d:4a:8a:0d:68:26:c2:3d:fe:49:7d:39:59:1f:92:ab:
5d:e8:ee:f7:53:13:61:fb:d0:06:f0:2d:d3:fb:f2:b5:50:8e:
6a:0a:bf:92:ef:24:d4:87:fe:0e:b3:1d:98:c4:a3:b5:0f:3d:
15:eb:57:ff:80:6b:f1:7a:f5:60:a3:ee:6b:93:0e:fd:d5:5b:
fe:16:b1:28:d7:fb:b5:8e:e9:a1:08:8e:74:11:5e:60:37:c4:
49:7a:8b:7b:d1:1b:9e:77:52:c3:75:c1:d7:73:b1:00:29:64:
fd:6e:b7:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcTcwW1p+23JRjDYQRcKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDZjOGYyMjQ3ZDIyMDQxYzgyZTU1NTY2Nzg4MWU1MGY5
MTU0YWIwHhcNMjQwMTAyMDQzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQxZjRiODZhNzgxZTg1ZDlhOTRjODk2Yjg4ODE2ZWJmMzIzNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyXJ0w756+EsJn/YbgxAIUT7Ez6j
zQBlCvMoVH6RSUQIRW9aNEwebDO0wPf+oPxmW8KcrZxp7MUfdwdK9DWJhYsDTBJd
GF8uO3Y8FEOhpHbH5ZN7FtD9Y/NVRUoQSoOMRLtHLvkdmpW2DUB7/1dVSgmDfdUZ
WeMZvSKSbaV4WK1NDQXMYvZNY1ZvrErSm8St7lYaQjSpUoj0E4s+I5pqRbifACj7
IlKQ4SfpoLmbmNrohu78aqDqffWsjIuyE7EAuTpV9vjWJeyJLXJCChydzLLIilF1
a0kLdpOmd1/K73c3uF4yUpxgpC62smSw9Di7U+z0e3Z+BmwRYkQ+VLfzDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFpB9LhqeB6F2alMiWuIgW6/MjbqMB8GA1UdIwQY
MBaAFKsGyPIkfSIEHILlVWZ4geUPkVSrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdiSThpUjlJZ1FjZ3VWVlpuaUI1US1SVktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hOTRkZWEtMmZmYy00MDhkLWFhOWQt
MWFlMzZhNDQ2OWZkLzEvV2tIMHVHcDRIb1hacVV5SmE0aUJicjh5TnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hOTRkZWEtMmZmYy00MDhkLWFhOWQtMWFlMzZhNDQ2OWZk
LzEvcXdiSThpUjlJZ1FjZ3VWVlpuaUI1US1SVktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYo0MA0E
AgACMAcDBQMqBwpAMA0GCSqGSIb3DQEBCwUAA4IBAQAMDKn20cVgpWzyMhvNDAlk
HnuOHUdLnIjk6IJMqong5pf8xH+mqTAXB1h925krQxOVPeJYD6aN8F5jSGrxr9KI
469pm2KjYG366bUZApud809qhk5lR+kpv3ZwdP9/LVUmjnW21eJvwQ3lbEd3O/e7
lH8krf8Z6qYpQl5CvnhP0ix4IXAJ/V95GSyFE/NtyuOr6U1Kig1oJsI9/kl9OVkf
kqtd6O73UxNh+9AG8C3T+/K1UI5qCr+S7yTUh/4Osx2YxKO1Dz0V61f/gGvxevVg
o+5rkw791Vv+FrEo1/u1jumhCI50EV5gN8RJeot70Rued1LDdcHXc7EAKWT9brf6
-----END CERTIFICATE-----
Generated at Fri Jun 28 11:23:05 2024 by rpki-client on console-fra.rpki-client.org