Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/WBRUCw7U-K47pW5_v9dV6nfGZrc.roa
File: WBRUCw7U-K47pW5_v9dV6nfGZrc.roa (raw, json)
Hash identifier: +3z6hiUUNehtv0a30bwQCStj0KJ41lko7fCQ2kUQSGw=
Subject key identifier: 58:14:54:0B:0E:D4:F8:AE:3B:A5:6E:7F:BF:D7:55:EA:77:C6:66:B7
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0196E1B9783562589E803FE44C71B2A576F7
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/WBRUCw7U-K47pW5_v9dV6nfGZrc.roa
Signing time: Sun 18 May 2025 04:49:10 +0000
ROA not before: Sun 18 May 2025 04:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51396
IP address blocks: 89.251.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 14:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e1:b9:78:35:62:58:9e:80:3f:e4:4c:71:b2:a5:76:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 18 04:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5814540b0ed4f8ae3ba56e7fbfd755ea77c666b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c9:1f:33:4f:47:ea:f0:85:48:16:df:1b:13:
d8:57:e6:16:6a:29:56:59:68:9e:bd:7c:d3:07:2c:
9b:c7:8c:49:75:10:69:45:21:32:ec:72:eb:f5:7f:
41:4d:3f:48:e2:58:b9:76:d9:8d:4b:f1:42:ea:50:
2c:2d:a8:16:e6:dc:fe:cc:5d:87:13:72:5f:a5:5e:
ee:34:22:1c:a3:0f:5c:7f:9b:00:83:e0:fd:c6:a9:
e6:b7:53:f8:4e:73:87:86:8c:25:d5:4b:e2:d3:6e:
af:5c:4b:e4:50:8b:81:86:05:6a:9b:58:4c:d6:e0:
71:10:ea:61:17:60:24:2a:6a:00:4c:93:f3:a5:cf:
6f:5c:40:f1:2d:5d:25:0d:2c:cb:d2:2e:8d:b7:49:
b5:53:6c:eb:8d:d8:d4:aa:12:4b:51:ed:32:86:d3:
2c:40:3b:81:5b:bd:a3:7b:e9:90:a0:b7:8b:96:fd:
05:3e:7a:e8:25:2d:e2:df:42:19:01:ae:75:6f:39:
5d:8e:5d:fd:c4:cf:3f:5f:c4:fc:ed:ac:71:08:54:
09:4c:fb:8a:dc:c7:a4:52:4c:c3:87:31:5e:a7:d0:
c8:f8:8b:c0:80:53:dd:a7:8a:bb:ef:3b:34:25:9c:
95:a0:bb:5d:2b:01:00:df:ba:cb:68:f3:f3:ed:5a:
19:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:14:54:0B:0E:D4:F8:AE:3B:A5:6E:7F:BF:D7:55:EA:77:C6:66:B7
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/WBRUCw7U-K47pW5_v9dV6nfGZrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.10.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:5b:4d:e8:75:5d:de:15:12:dd:fc:c8:81:cf:09:7f:4a:8f:
52:f7:c7:83:86:2f:d7:9c:d5:51:6c:9a:69:33:11:a5:36:3d:
b6:f8:a6:34:d2:d0:3f:f7:d6:0e:5b:e6:f9:c7:d2:3f:59:4c:
ef:64:f1:c2:32:f0:f8:bb:58:22:8d:ed:fe:dc:ea:78:a5:80:
b5:9d:fe:9f:24:6c:0d:77:5d:ec:58:55:f6:22:26:07:11:79:
db:15:5f:63:4d:0e:c2:1a:d2:e6:d9:f5:0c:fa:78:0a:02:77:
1b:55:08:2f:55:ff:31:ea:14:6b:b9:47:85:eb:2a:36:82:25:
dd:c7:3a:55:29:f4:ed:72:a9:06:86:2e:ec:76:21:fa:27:bd:
f1:74:50:58:c8:e1:47:fd:8e:63:aa:09:fb:b4:8d:b7:cf:80:
52:84:22:65:db:68:c9:25:63:74:c3:e4:9b:95:4c:b5:2a:b1:
e2:ce:96:d7:87:70:45:57:a3:f2:17:c1:93:8d:af:b8:02:d3:
05:bd:4a:9a:38:52:cb:84:61:1f:61:67:ba:45:56:2d:fd:5d:
c0:fa:ef:b8:80:7d:0d:f9:33:c3:55:fd:6c:08:df:79:c6:23:
ab:19:77:b7:b0:3a:56:69:c7:e7:48:f4:37:f2:76:c2:1e:72:
b8:cd:cc:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbhuXg1YliegD/kTHGypXb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNTE4MDQ0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODE0NTQwYjBlZDRmOGFlM2JhNTZlN2ZiZmQ3NTVlYTc3YzY2NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuckfM09H6vCFSBbfGxPYV+YWailW
WWievXzTByybx4xJdRBpRSEy7HLr9X9BTT9I4li5dtmNS/FC6lAsLagW5tz+zF2H
E3JfpV7uNCIcow9cf5sAg+D9xqnmt1P4TnOHhowl1Uvi026vXEvkUIuBhgVqm1hM
1uBxEOphF2AkKmoATJPzpc9vXEDxLV0lDSzL0i6Nt0m1U2zrjdjUqhJLUe0yhtMs
QDuBW72je+mQoLeLlv0FPnroJS3i30IZAa51bzldjl39xM8/X8T87axxCFQJTPuK
3MekUkzDhzFep9DI+IvAgFPdp4q77zs0JZyVoLtdKwEA37rLaPPz7VoZzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgUVAsO1PiuO6Vuf7/XVep3xma3MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvV0JSVUN3N1UtSzQ3cFc1X3Y5ZFY2bmZHWnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsKMA0G
CSqGSIb3DQEBCwUAA4IBAQC3W03odV3eFRLd/MiBzwl/So9S98eDhi/XnNVRbJpp
MxGlNj22+KY00tA/99YOW+b5x9I/WUzvZPHCMvD4u1gije3+3Op4pYC1nf6fJGwN
d13sWFX2IiYHEXnbFV9jTQ7CGtLm2fUM+ngKAncbVQgvVf8x6hRruUeF6yo2giXd
xzpVKfTtcqkGhi7sdiH6J73xdFBYyOFH/Y5jqgn7tI23z4BShCJl22jJJWN0w+Sb
lUy1KrHizpbXh3BFV6PyF8GTja+4AtMFvUqaOFLLhGEfYWe6RVYt/V3A+u+4gH0N
+TPDVf1sCN95xiOrGXe3sDpWacfnSPQ38nbCHnK4zcwq
-----END CERTIFICATE-----
Generated at Fri Jun 20 12:11:04 2025 by rpki-client