Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/t6YANhKi7QiNaW-OmYa5b7MDSqI.roa
File: t6YANhKi7QiNaW-OmYa5b7MDSqI.roa (raw, json)
Hash identifier: lrOV+nFDazUHWJlLpKx3AR3ylyF8mYBlymbJxuR/IUg=
Subject key identifier: B7:A6:00:36:12:A2:ED:08:8D:69:6F:8E:99:86:B9:6F:B3:03:4A:A2
Certificate issuer: /CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Certificate serial: 0194F730DFE545A35195E1AF2FA1E1ACDE6D
Authority key identifier: 59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/t6YANhKi7QiNaW-OmYa5b7MDSqI.roa
Signing time: Tue 11 Feb 2025 22:46:02 +0000
ROA not before: Tue 11 Feb 2025 22:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59787
IP address blocks: 62.233.41.0/24 maxlen: 24
185.31.156.0/22 maxlen: 22
185.31.156.0/24 maxlen: 24
185.31.157.0/24 maxlen: 24
185.31.158.0/24 maxlen: 24
185.31.159.0/24 maxlen: 24
185.204.111.0/24 maxlen: 24
185.248.35.0/24 maxlen: 24
2a05:df40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:13:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f7:30:df:e5:45:a3:51:95:e1:af:2f:a1:e1:ac:de:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Validity
Not Before: Feb 11 22:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7a6003612a2ed088d696f8e9986b96fb3034aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:a7:b6:a9:db:c2:0b:1d:62:41:9d:2d:5a:
ff:0d:4f:ee:68:43:a5:73:e6:4f:82:d0:e3:a1:82:
34:6c:52:37:1b:e9:81:23:3e:ec:ae:8a:4b:8c:cb:
c0:14:37:2e:63:c1:68:1b:98:78:58:d0:57:62:da:
fc:39:58:df:5c:bf:a2:12:6b:64:a3:68:af:52:a6:
b7:cb:29:d2:ac:76:58:0d:3a:fa:e6:33:66:d3:b5:
a1:f5:da:4b:e9:85:f7:e2:71:e2:ac:ea:60:73:26:
04:e4:1a:0c:de:cc:5e:7f:d0:84:41:53:57:e9:fe:
00:b2:63:73:62:92:b6:59:59:6f:05:8a:f3:f3:e2:
d7:24:78:5f:a8:70:91:49:31:52:f3:0d:47:45:bf:
6f:6e:a6:05:88:08:cf:7d:07:23:56:6d:90:0f:14:
c0:dd:d5:64:a7:66:47:4c:6e:5a:49:ae:e4:f0:9f:
23:19:60:29:0a:07:8f:4c:f8:64:97:be:fc:e1:e5:
cc:ac:16:84:cf:fa:e6:ad:fa:90:8b:b7:e1:a6:21:
c4:d8:76:9a:17:fc:7a:bf:c9:29:2e:8b:0f:cb:ba:
d8:55:24:53:14:8b:01:dd:40:b4:80:4b:69:ca:3e:
d2:6c:11:57:ce:f2:78:56:4a:d3:30:32:d9:d2:f5:
54:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:A6:00:36:12:A2:ED:08:8D:69:6F:8E:99:86:B9:6F:B3:03:4A:A2
X509v3 Authority Key Identifier:
keyid:59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/t6YANhKi7QiNaW-OmYa5b7MDSqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/WeTW-rd6x3n0m_b8irgeI61GdXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.41.0/24
185.31.156.0/22
185.204.111.0/24
185.248.35.0/24
IPv6:
2a05:df40::/29
Signature Algorithm: sha256WithRSAEncryption
54:df:39:21:b1:62:c9:e4:0a:61:e7:c1:af:09:ea:bf:37:20:
25:4a:9f:42:02:89:65:61:a8:2b:b7:fb:64:45:f6:ca:7f:ba:
14:ea:17:7c:3b:5a:d6:8e:1b:e9:06:fa:5e:ef:f8:73:f7:79:
ce:52:d1:82:16:6a:40:d4:66:0d:01:a2:60:62:d8:4f:bc:6e:
1f:e4:7a:36:38:c0:3f:f7:35:bf:77:b2:d8:0c:d7:4b:e6:ff:
fd:d1:b0:7e:02:0f:a7:bf:97:27:02:81:5a:73:53:9c:e3:04:
b8:a9:0e:52:35:dd:c4:48:ea:1e:03:a1:0a:23:b5:00:ee:5c:
42:31:0a:c7:4f:78:66:38:17:25:a0:ab:24:41:77:48:90:d2:
eb:31:a4:ec:11:7a:ca:88:ec:7c:4a:06:30:84:a2:04:53:f7:
e4:a3:61:46:d4:6c:3b:59:b3:c1:ad:55:67:89:7a:67:c6:2f:
57:18:f8:64:a3:3a:dc:4f:cb:15:6e:21:d7:8b:ef:b4:4b:80:
de:d8:78:a0:54:a7:69:c5:90:28:21:38:f8:b9:9a:11:10:08:
99:6e:fb:99:97:d0:9f:3b:0b:43:d2:cc:ae:a6:fd:b3:f8:b2:
6f:07:18:ee:09:51:38:72:24:44:7e:05:c2:b0:32:bd:5e:c2:
5a:96:ca:7e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZT3MN/lRaNRleGvL6HhrN5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZTRkNmZhYjc3YWM3NzlmNDliZjZmYzhhYjgxZTIzYWQ0
Njc1NzYwHhcNMjUwMjExMjI0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2E2MDAzNjEyYTJlZDA4OGQ2OTZmOGU5OTg2Yjk2ZmIzMDM0YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzGntqnbwgsdYkGdLVr/DU/uaEOl
c+ZPgtDjoYI0bFI3G+mBIz7sropLjMvAFDcuY8FoG5h4WNBXYtr8OVjfXL+iEmtk
o2ivUqa3yynSrHZYDTr65jNm07Wh9dpL6YX34nHirOpgcyYE5BoM3sxef9CEQVNX
6f4AsmNzYpK2WVlvBYrz8+LXJHhfqHCRSTFS8w1HRb9vbqYFiAjPfQcjVm2QDxTA
3dVkp2ZHTG5aSa7k8J8jGWApCgePTPhkl7784eXMrBaEz/rmrfqQi7fhpiHE2Haa
F/x6v8kpLosPy7rYVSRTFIsB3UC0gEtpyj7SbBFXzvJ4VkrTMDLZ0vVUzQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLemADYSou0IjWlvjpmGuW+zA0qiMB8GA1UdIwQY
MBaAFFnk1vq3esd59Jv2/Iq4HiOtRnV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2VUVy1yZDZ4M24wbV9iOGlyZ2VJNjFHZFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82NzQyMjUtYWM3Ny00N2EwLWFjZDEt
MjkzZmNhMmQ1MWVhLzEvdDZZQU5oS2k3UWlOYVctT21ZYTViN01EU3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82NzQyMjUtYWM3Ny00N2EwLWFjZDEtMjkzZmNhMmQ1MWVh
LzEvV2VUVy1yZDZ4M24wbV9iOGlyZ2VJNjFHZFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAPukpAwQC
uR+cAwQAucxvAwQAufgjMA0EAgACMAcDBQMqBd9AMA0GCSqGSIb3DQEBCwUAA4IB
AQBU3zkhsWLJ5Aph58GvCeq/NyAlSp9CAollYagrt/tkRfbKf7oU6hd8O1rWjhvp
Bvpe7/hz93nOUtGCFmpA1GYNAaJgYthPvG4f5Ho2OMA/9zW/d7LYDNdL5v/90bB+
Ag+nv5cnAoFac1Oc4wS4qQ5SNd3ESOoeA6EKI7UA7lxCMQrHT3hmOBcloKskQXdI
kNLrMaTsEXrKiOx8SgYwhKIEU/fko2FG1Gw7WbPBrVVniXpnxi9XGPhkozrcT8sV
biHXi++0S4De2HigVKdpxZAoITj4uZoREAiZbvuZl9CfOwtD0syupv2z+LJvBxju
CVE4ciREfgXCsDK9XsJalsp+
-----END CERTIFICATE-----
Generated at Thu May 1 22:29:19 2025 by rpki-client