Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/wgxGNO46RH9-kVgeDy15-j7N6Ww.roa
File: wgxGNO46RH9-kVgeDy15-j7N6Ww.roa (raw, json)
Hash identifier: /VRM/1rwxazgJIglGcNF3HTK480/7UzQ4KG0r8NS94M=
Subject key identifier: C2:0C:46:34:EE:3A:44:7F:7E:91:58:1E:0F:2D:79:FA:3E:CD:E9:6C
Certificate issuer: /CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Certificate serial: 01942522266B5DF6106F181AED64058FFDF6
Authority key identifier: D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/wgxGNO46RH9-kVgeDy15-j7N6Ww.roa
Signing time: Thu 02 Jan 2025 03:49:42 +0000
ROA not before: Thu 02 Jan 2025 03:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207388
IP address blocks: 193.104.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 Jan 2025 21:20:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:26:6b:5d:f6:10:6f:18:1a:ed:64:05:8f:fd:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Validity
Not Before: Jan 2 03:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c20c4634ee3a447f7e91581e0f2d79fa3ecde96c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:f9:b7:ee:1b:1f:20:fd:fe:8a:9d:11:2e:
09:6c:51:b6:83:f2:89:ea:8e:90:59:c1:22:db:0f:
4e:6f:53:e4:b0:2a:2f:0d:a1:d4:77:eb:14:a0:17:
87:31:05:4c:4f:26:4f:f0:c2:b4:e3:d5:f7:e1:7c:
cc:9f:d6:84:49:ac:dd:c1:71:76:8c:6e:2c:2d:e3:
f8:f8:ba:10:0a:08:18:50:e1:c6:9b:b3:47:92:ba:
e1:1c:f1:32:f1:1f:62:20:29:bc:84:37:90:7b:1d:
f6:43:34:08:fd:48:b6:91:88:52:7f:b1:8a:ea:de:
32:f8:da:0c:b1:37:cd:49:c8:47:91:54:88:e2:7a:
2e:17:91:16:4d:5b:a7:ca:d4:4d:43:17:57:d2:d7:
15:50:b7:17:1f:55:ef:fd:fd:15:2c:cb:31:3f:18:
2c:49:ae:28:b5:8c:c2:92:4a:5d:66:bc:9d:da:ff:
30:74:3c:39:9b:95:cb:5f:e4:3f:6e:a1:0a:10:11:
08:41:93:1d:d5:db:db:b3:70:09:e9:2b:31:c5:3d:
03:53:fc:d4:28:18:37:b5:b1:cd:c5:3c:d3:22:33:
07:7d:dc:75:20:e7:97:f4:91:17:5b:2e:6c:74:6e:
5d:2b:1b:fb:94:dd:fa:d9:5e:67:ce:80:4b:75:d1:
b2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:0C:46:34:EE:3A:44:7F:7E:91:58:1E:0F:2D:79:FA:3E:CD:E9:6C
X509v3 Authority Key Identifier:
keyid:D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/wgxGNO46RH9-kVgeDy15-j7N6Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.33.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:a0:7c:2d:4d:b2:72:e5:d8:c5:a7:51:e7:aa:ab:f4:67:4b:
41:4b:3f:4f:cf:5c:62:eb:0c:4c:cb:a1:b4:ab:a1:c7:05:f5:
95:27:3d:9c:2a:4f:19:60:d4:41:4a:0f:36:84:40:c3:e0:5f:
aa:e9:93:6f:fd:5a:4c:37:42:a7:99:4b:2e:54:dc:b8:cc:64:
7c:c9:0c:33:92:e9:74:cb:71:2d:bd:3f:a5:35:be:d5:5b:be:
1e:ca:36:ca:c1:2f:c1:40:96:5d:6c:16:09:25:b2:28:1a:f6:
a5:87:24:36:67:19:b4:e3:f4:20:00:ec:de:d8:2e:41:c6:f0:
89:a8:14:20:0b:e3:fa:ea:65:09:69:6f:23:cd:ec:8e:f3:be:
b2:bd:cb:03:ea:ab:99:a1:77:07:a1:4a:a5:a1:69:50:22:24:
99:23:a1:ec:5a:4e:33:84:13:c3:fb:3e:7a:5d:6d:36:93:54:
ac:9e:52:30:11:3c:74:48:08:13:ed:f2:ef:76:a5:f6:64:95:
a8:26:23:ed:51:4d:db:f1:0c:e2:0c:20:9d:0f:fb:74:44:d1:
52:22:90:b4:2f:dc:09:53:b4:7f:6d:d4:fe:03:7e:13:1b:1f:
fa:61:b5:13:f4:e2:1e:59:b5:2f:0d:16:5f:e8:30:49:c0:e5:
8f:4c:dc:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIiZrXfYQbxga7WQFj/32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2E2NzYxMDI4NmFiNzM4Zjg2Y2U5MzVmZGY1ZWQ2MjBm
MDJkOTYwHhcNMjUwMTAyMDM0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjBjNDYzNGVlM2E0NDdmN2U5MTU4MWUwZjJkNzlmYTNlY2RlOTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS/5t+4bHyD9/oqdES4JbFG2g/KJ
6o6QWcEi2w9Ob1PksCovDaHUd+sUoBeHMQVMTyZP8MK049X34XzMn9aESazdwXF2
jG4sLeP4+LoQCggYUOHGm7NHkrrhHPEy8R9iICm8hDeQex32QzQI/Ui2kYhSf7GK
6t4y+NoMsTfNSchHkVSI4nouF5EWTVunytRNQxdX0tcVULcXH1Xv/f0VLMsxPxgs
Sa4otYzCkkpdZryd2v8wdDw5m5XLX+Q/bqEKEBEIQZMd1dvbs3AJ6SsxxT0DU/zU
KBg3tbHNxTzTIjMHfdx1IOeX9JEXWy5sdG5dKxv7lN362V5nzoBLddGyBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIMRjTuOkR/fpFYHg8tefo+zelsMB8GA1UdIwQY
MBaAFNHKZ2EChqtzj4bOk1/fXtYg8C2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUt
MzViZmY5NmRhNGM1LzEvd2d4R05PNDZSSDkta1ZnZUR5MTUtajdONld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUtMzViZmY5NmRhNGM1
LzEvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWghMA0G
CSqGSIb3DQEBCwUAA4IBAQBeoHwtTbJy5djFp1Hnqqv0Z0tBSz9Pz1xi6wxMy6G0
q6HHBfWVJz2cKk8ZYNRBSg82hEDD4F+q6ZNv/VpMN0KnmUsuVNy4zGR8yQwzkul0
y3EtvT+lNb7VW74eyjbKwS/BQJZdbBYJJbIoGvalhyQ2Zxm04/QgAOze2C5BxvCJ
qBQgC+P66mUJaW8jzeyO876yvcsD6quZoXcHoUqloWlQIiSZI6HsWk4zhBPD+z56
XW02k1SsnlIwETx0SAgT7fLvdqX2ZJWoJiPtUU3b8QziDCCdD/t0RNFSIpC0L9wJ
U7R/bdT+A34TGx/6YbUT9OIeWbUvDRZf6DBJwOWPTNx7
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:26:33 2025 by rpki-client