Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/zWla3jZiXWHv7qOqoCL95CQW1Z8.roa
File: zWla3jZiXWHv7qOqoCL95CQW1Z8.roa (raw, json)
Hash identifier: hLWav8Rn6GURl+gtJByK2NeAj5pK0GaoFaVyF0Tgg0U=
Subject key identifier: CD:69:5A:DE:36:62:5D:61:EF:EE:A3:AA:A0:22:FD:E4:24:16:D5:9F
Certificate issuer: /CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Certificate serial: 0195D55BFA79F6D0D60E546CC3028BC0048B
Authority key identifier: 59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/zWla3jZiXWHv7qOqoCL95CQW1Z8.roa
Signing time: Thu 27 Mar 2025 02:08:49 +0000
ROA not before: Thu 27 Mar 2025 02:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9186
IP address blocks: 185.31.156.0/22 maxlen: 22
185.31.157.0/24 maxlen: 24
185.204.111.0/24 maxlen: 24
185.248.35.0/24 maxlen: 24
194.39.124.0/22 maxlen: 22
194.39.125.0/24 maxlen: 24
2a00:bc20::/32 maxlen: 32
2a05:df40::/29 maxlen: 29
2a10:7b40::/29 maxlen: 29
2a10:a4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 28 Mar 2025 18:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d5:5b:fa:79:f6:d0:d6:0e:54:6c:c3:02:8b:c0:04:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Validity
Not Before: Mar 27 02:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd695ade36625d61efeea3aaa022fde42416d59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:52:c7:47:5a:7b:96:8f:a9:e2:05:2b:84:7d:
c7:a3:14:bc:23:b6:e3:b3:e5:8b:1b:ef:b1:e6:f1:
e9:bc:bd:7e:ba:df:de:39:30:5c:28:8f:27:6d:6b:
d4:14:2f:92:86:4a:cd:34:50:9e:2b:7a:b3:70:08:
cb:58:6b:26:b2:b7:cb:aa:8a:86:2d:77:01:63:50:
35:30:b4:60:8f:c0:3a:9e:b3:21:65:01:d6:54:44:
63:79:96:1a:34:fe:23:51:2b:89:f0:e6:25:96:cb:
5f:a4:7a:65:96:9d:87:9d:39:d5:d2:0a:0b:3e:c8:
0f:f4:74:dc:5d:67:c6:73:82:65:69:d3:1d:a4:db:
70:9d:20:f1:f4:f7:d9:e3:92:7f:33:3d:cb:23:83:
98:ed:04:f5:e4:61:b2:eb:78:8d:a2:aa:6e:ec:c4:
a5:a7:3c:c6:95:ff:03:c4:d0:9e:8e:0a:01:c0:67:
c9:e3:5b:85:84:0e:ec:6c:46:02:52:75:74:d6:1e:
4c:40:b8:93:85:6a:d6:34:e1:b4:d4:26:d0:74:c7:
2c:72:59:31:ba:29:01:df:db:bd:a5:c3:3b:3f:13:
51:15:10:16:85:be:55:3b:69:6c:2e:d1:68:cf:cd:
1c:eb:0e:1f:6c:3e:e8:bd:49:51:3d:42:05:fa:cc:
42:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:69:5A:DE:36:62:5D:61:EF:EE:A3:AA:A0:22:FD:E4:24:16:D5:9F
X509v3 Authority Key Identifier:
keyid:59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/zWla3jZiXWHv7qOqoCL95CQW1Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/WeTW-rd6x3n0m_b8irgeI61GdXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.156.0/22
185.204.111.0/24
185.248.35.0/24
194.39.124.0/22
IPv6:
2a00:bc20::/32
2a05:df40::/29
2a10:7b40::/29
2a10:a4c0::/29
Signature Algorithm: sha256WithRSAEncryption
46:33:ac:3e:4b:87:9c:35:2d:ed:64:72:fc:fd:68:21:03:b4:
d2:cc:59:1c:be:64:44:6d:5b:9d:f5:28:59:ab:c0:94:8a:3c:
4a:62:fa:a3:85:df:57:fe:a6:be:b2:0a:73:3a:cd:6d:7f:45:
2e:f6:e3:be:93:e2:07:f1:5e:44:13:f4:6b:5e:96:89:77:30:
d1:b8:ac:61:13:cf:e0:f2:51:b9:b1:09:01:96:d6:f9:67:70:
55:9d:71:b1:c5:f5:da:36:b4:a2:ce:f0:65:e9:b4:36:4b:51:
f2:97:5b:bb:b2:b9:a0:fb:e7:b6:31:35:87:87:e7:46:c2:94:
f9:de:22:a6:99:c2:f3:11:60:61:aa:bc:c3:ea:f4:0f:37:ee:
79:60:61:5b:dc:4a:6b:99:9b:18:b6:88:37:5f:35:a7:8f:6f:
86:b2:5e:3a:9c:1e:48:ba:e7:4f:0f:82:22:6a:c1:bb:a3:0f:
0b:06:89:8c:17:3e:12:61:9d:24:36:c0:71:c3:c8:17:fb:8e:
42:27:10:a1:e8:56:10:c8:2d:3b:c0:91:cd:d6:c5:df:b3:4f:
07:59:e9:c7:1b:ef:5b:5b:45:b6:0b:dc:36:08:c7:8d:80:9e:
3d:86:3a:94:0b:25:86:c3:09:73:a9:2a:72:ee:f7:10:86:72:
5f:7d:74:1f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZXVW/p59tDWDlRswwKLwASLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZTRkNmZhYjc3YWM3NzlmNDliZjZmYzhhYjgxZTIzYWQ0
Njc1NzYwHhcNMjUwMzI3MDIwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDY5NWFkZTM2NjI1ZDYxZWZlZWEzYWFhMDIyZmRlNDI0MTZkNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1LHR1p7lo+p4gUrhH3HoxS8I7bj
s+WLG++x5vHpvL1+ut/eOTBcKI8nbWvUFC+ShkrNNFCeK3qzcAjLWGsmsrfLqoqG
LXcBY1A1MLRgj8A6nrMhZQHWVERjeZYaNP4jUSuJ8OYllstfpHpllp2HnTnV0goL
PsgP9HTcXWfGc4JladMdpNtwnSDx9PfZ45J/Mz3LI4OY7QT15GGy63iNoqpu7MSl
pzzGlf8DxNCejgoBwGfJ41uFhA7sbEYCUnV01h5MQLiThWrWNOG01CbQdMcsclkx
uikB39u9pcM7PxNRFRAWhb5VO2lsLtFoz80c6w4fbD7ovUlRPUIF+sxC8wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFM1pWt42Yl1h7+6jqqAi/eQkFtWfMB8GA1UdIwQY
MBaAFFnk1vq3esd59Jv2/Iq4HiOtRnV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2VUVy1yZDZ4M24wbV9iOGlyZ2VJNjFHZFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82NzQyMjUtYWM3Ny00N2EwLWFjZDEt
MjkzZmNhMmQ1MWVhLzEveldsYTNqWmlYV0h2N3FPcW9DTDk1Q1FXMVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82NzQyMjUtYWM3Ny00N2EwLWFjZDEtMjkzZmNhMmQ1MWVh
LzEvV2VUVy1yZDZ4M24wbV9iOGlyZ2VJNjFHZFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQCuR+cAwQA
ucxvAwQAufgjAwQCwid8MCIEAgACMBwDBQAqALwgAwUDKgXfQAMFAyoQe0ADBQMq
EKTAMA0GCSqGSIb3DQEBCwUAA4IBAQBGM6w+S4ecNS3tZHL8/WghA7TSzFkcvmRE
bVud9ShZq8CUijxKYvqjhd9X/qa+sgpzOs1tf0Uu9uO+k+IH8V5EE/RrXpaJdzDR
uKxhE8/g8lG5sQkBltb5Z3BVnXGxxfXaNrSizvBl6bQ2S1Hyl1u7srmg++e2MTWH
h+dGwpT53iKmmcLzEWBhqrzD6vQPN+55YGFb3EprmZsYtog3XzWnj2+Gsl46nB5I
uudPD4IiasG7ow8LBomMFz4SYZ0kNsBxw8gX+45CJxCh6FYQyC07wJHN1sXfs08H
WenHG+9bW0W2C9w2CMeNgJ49hjqUCyWGwwlzqSpy7vcQhnJffXQf
-----END CERTIFICATE-----
Generated at Fri May 2 01:50:47 2025 by rpki-client