Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/Wx2k7qMbWRM6gJTG_VoDwPZSYYQ.roa
File: Wx2k7qMbWRM6gJTG_VoDwPZSYYQ.roa (raw, json)
Hash identifier: PCitoAh9jB/nr/kRjo7/WnM1wtH35v95GYunxxeVNRs=
Subject key identifier: 5B:1D:A4:EE:A3:1B:59:13:3A:80:94:C6:FD:5A:03:C0:F6:52:61:84
Certificate issuer: /CN=5b6d178f13851306b5634df159716319f4d82478
Certificate serial: 01935131ABF2EDA2F5AB9055A32ACDAEE51B
Authority key identifier: 5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/Wx2k7qMbWRM6gJTG_VoDwPZSYYQ.roa
Signing time: Fri 22 Nov 2024 00:07:09 +0000
ROA not before: Fri 22 Nov 2024 00:07:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 80.253.254.0/24 maxlen: 32
80.253.255.0/24 maxlen: 32
91.217.119.0/24 maxlen: 32
193.31.117.0/24 maxlen: 32
213.142.132.0/24 maxlen: 24
213.142.133.0/24 maxlen: 24
213.142.134.0/24 maxlen: 24
213.142.149.0/24 maxlen: 24
213.142.150.0/24 maxlen: 32
213.142.156.0/24 maxlen: 24
2a0e:36c0::/29 maxlen: 32
2a0e:36c0::/32 maxlen: 32
2a0e:36c1::/32 maxlen: 32
2a0e:36c2::/32 maxlen: 32
2a0e:36c3::/32 maxlen: 32
2a0e:36c4::/32 maxlen: 32
2a0e:36c5::/32 maxlen: 32
2a0e:36c6::/32 maxlen: 32
2a0e:36c6:ff80::/48 maxlen: 48
2a0e:36c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:51:31:ab:f2:ed:a2:f5:ab:90:55:a3:2a:cd:ae:e5:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b6d178f13851306b5634df159716319f4d82478
Validity
Not Before: Nov 22 00:07:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b1da4eea31b59133a8094c6fd5a03c0f6526184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8a:36:a6:4d:30:e8:81:67:95:33:43:c1:8b:
c9:ba:3e:95:04:9a:ec:b4:9b:38:99:c8:43:de:14:
79:44:c6:f4:ef:fb:82:55:50:fe:77:21:21:be:f1:
89:78:70:07:a6:e3:4a:4c:59:d7:7a:61:e2:3b:78:
62:b2:f0:36:d2:c6:d7:21:7f:fc:6e:67:49:77:a5:
fc:4e:c7:9a:fc:d3:09:79:2b:34:dd:1c:24:73:10:
af:04:c6:e0:e6:b0:f6:ff:0c:e6:bb:5e:23:7d:d1:
0d:a5:08:28:51:f6:93:96:27:d1:1e:6a:80:d3:9b:
07:4e:60:79:ed:e3:c4:93:52:56:a3:c6:77:53:16:
14:e1:bb:ce:2f:cb:e0:67:ed:a6:ab:79:f4:b8:8a:
5f:8f:2c:95:ae:e6:c2:07:b6:20:28:f1:cd:3c:19:
d3:6f:4d:98:06:2b:e3:6a:f2:83:74:c3:df:7c:d1:
fa:52:7b:94:f0:c7:a8:63:e8:39:84:db:ba:11:22:
cb:cc:03:5a:eb:23:96:e3:44:e5:b2:e6:32:1a:0d:
5c:5b:44:a6:e3:c6:ae:2c:5b:c5:7a:73:b4:e1:8e:
fd:84:27:6e:84:63:35:aa:c1:ab:ac:77:d9:83:97:
bd:31:c2:e3:0e:41:5e:a7:fd:04:ae:ba:14:8a:01:
93:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:1D:A4:EE:A3:1B:59:13:3A:80:94:C6:FD:5A:03:C0:F6:52:61:84
X509v3 Authority Key Identifier:
keyid:5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/Wx2k7qMbWRM6gJTG_VoDwPZSYYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/W20XjxOFEwa1Y03xWXFjGfTYJHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.254.0/23
91.217.119.0/24
193.31.117.0/24
213.142.132.0-213.142.134.255
213.142.149.0-213.142.150.255
213.142.156.0/24
IPv6:
2a0e:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
4f:4b:23:5d:e0:86:12:3f:d6:84:09:5d:b1:6d:39:10:fb:c0:
96:16:01:02:9e:4a:78:38:97:7a:37:36:4c:8b:83:fb:bb:87:
9c:35:3d:90:6b:09:04:97:02:e6:53:8e:5e:23:0a:4b:4e:51:
57:09:e9:90:78:b4:dd:df:e8:79:c2:27:13:b1:ba:b0:77:66:
a7:11:e9:03:45:75:6b:56:ef:7b:54:d4:dd:c4:86:39:91:67:
be:15:72:56:52:0a:9c:fd:07:2d:3f:14:98:5b:14:10:37:51:
f6:0c:ec:a2:1f:19:58:c6:75:3b:d6:42:1d:45:59:ae:d8:e1:
0c:8d:ad:5d:17:f9:ad:f0:e6:89:52:eb:4a:9d:7c:2b:cf:b9:
7a:ef:cc:7f:d4:73:e3:15:fa:9a:73:90:1d:9e:a8:dd:a5:a9:
71:36:b8:ae:37:a6:8a:5b:0c:b7:46:b1:76:a7:18:47:e7:79:
30:d0:ca:88:bf:8e:33:c9:51:b1:e5:32:91:99:9d:df:fd:77:
43:3c:f8:0b:b4:32:1d:c5:fb:2d:b0:da:9f:9f:96:fd:5c:49:
ca:43:49:d0:c1:18:7e:5f:53:d1:d7:b4:2a:be:46:5e:e1:07:
fa:36:cf:58:10:fe:36:43:8b:99:be:49:a9:e7:04:e2:66:77:
8f:2c:04:be
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZNRMavy7aL1q5BVoyrNruUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmQxNzhmMTM4NTEzMDZiNTYzNGRmMTU5NzE2MzE5ZjRk
ODI0NzgwHhcNMjQxMTIyMDAwNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjFkYTRlZWEzMWI1OTEzM2E4MDk0YzZmZDVhMDNjMGY2NTI2MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoo2pk0w6IFnlTNDwYvJuj6VBJrs
tJs4mchD3hR5RMb07/uCVVD+dyEhvvGJeHAHpuNKTFnXemHiO3hisvA20sbXIX/8
bmdJd6X8Tsea/NMJeSs03RwkcxCvBMbg5rD2/wzmu14jfdENpQgoUfaTlifRHmqA
05sHTmB57ePEk1JWo8Z3UxYU4bvOL8vgZ+2mq3n0uIpfjyyVrubCB7YgKPHNPBnT
b02YBivjavKDdMPffNH6UnuU8MeoY+g5hNu6ESLLzANa6yOW40TlsuYyGg1cW0Sm
48auLFvFenO04Y79hCduhGM1qsGrrHfZg5e9McLjDkFep/0ErroUigGTqQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFFsdpO6jG1kTOoCUxv1aA8D2UmGEMB8GA1UdIwQY
MBaAFFttF48ThRMGtWNN8VlxYxn02CR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2It
NGJiOTRjYmMyZTczLzEvV3gyazdxTWJXUk02Z0pUR19Wb0R3UFpTWVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2ItNGJiOTRjYmMyZTcz
LzEvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQBUP3+AwQA
W9l3AwQAwR91MAwDBALVjoQDBADVjoYwDAMEANWOlQMEANWOlgMEANWOnDANBAIA
AjAHAwUDKg42wDANBgkqhkiG9w0BAQsFAAOCAQEAT0sjXeCGEj/WhAldsW05EPvA
lhYBAp5KeDiXejc2TIuD+7uHnDU9kGsJBJcC5lOOXiMKS05RVwnpkHi03d/oecIn
E7G6sHdmpxHpA0V1a1bve1TU3cSGOZFnvhVyVlIKnP0HLT8UmFsUEDdR9gzsoh8Z
WMZ1O9ZCHUVZrtjhDI2tXRf5rfDmiVLrSp18K8+5eu/Mf9Rz4xX6mnOQHZ6o3aWp
cTa4rjemilsMt0axdqcYR+d5MNDKiL+OM8lRseUykZmd3/13Qzz4C7QyHcX7LbDa
n5+W/VxJykNJ0MEYfl9T0de0Kr5GXuEH+jbPWBD+NkOLmb5JqecE4mZ3jywEvg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:26 2025 by rpki-client