Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/wxyrrDLlFbcq3MDOBn-S3rcw4YU.roa
File: wxyrrDLlFbcq3MDOBn-S3rcw4YU.roa (raw, json)
Hash identifier: lJ5R6h7CLpjAvpvOiTl4qamM3pxkRbRi1moWghkIPtQ=
Subject key identifier: C3:1C:AB:AC:32:E5:15:B7:2A:DC:C0:CE:06:7F:92:DE:B7:30:E1:85
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01970B4A67F3A961937E84B1E79A2421BD2C
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/wxyrrDLlFbcq3MDOBn-S3rcw4YU.roa
Signing time: Mon 26 May 2025 06:31:54 +0000
ROA not before: Mon 26 May 2025 06:31:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209341
IP address blocks: 65.181.113.0/24 maxlen: 24
192.250.229.0/24 maxlen: 24
192.250.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 11:06:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0b:4a:67:f3:a9:61:93:7e:84:b1:e7:9a:24:21:bd:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: May 26 06:31:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c31cabac32e515b72adcc0ce067f92deb730e185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7d:64:cf:89:94:66:cd:e9:9f:c3:ba:e4:7a:
84:49:05:8e:ef:22:d7:e5:04:34:25:12:89:3a:34:
ef:a0:1f:98:b2:9e:1b:c0:4e:30:b4:be:22:0a:ad:
c1:ba:8c:56:e6:e7:c3:3b:48:16:54:ab:01:bf:b6:
89:c5:df:bc:1b:ba:7d:c3:27:56:56:9a:64:d7:62:
9d:c2:69:43:ae:d8:23:e3:bc:b2:b3:62:22:3b:1d:
c5:2c:fb:57:13:17:e8:7b:d3:2f:4f:4a:f3:2c:79:
df:15:1e:ed:8a:3a:53:a2:d3:e4:4c:c4:db:a2:e0:
95:90:9d:ab:ca:c7:e5:2b:ec:42:3b:85:b3:33:98:
05:4e:30:4b:18:00:4e:69:1f:40:bd:12:bd:58:e4:
d0:3c:cd:1d:55:46:2d:cc:af:20:16:9e:e2:80:f1:
27:77:0c:39:ac:77:ae:b9:d1:0c:26:16:71:72:92:
e1:4a:0d:c8:67:da:6c:0e:c0:0f:98:35:05:de:64:
40:cf:37:d6:13:0a:91:d3:d8:c6:be:3f:84:58:16:
08:5c:70:05:f3:b2:cc:dd:be:11:69:0c:bd:72:98:
f1:18:e5:61:ef:5a:df:c1:5c:5f:cc:0f:9e:ba:fd:
f9:48:4a:c3:b0:fe:71:0f:5b:bc:47:d2:82:ae:d9:
85:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:1C:AB:AC:32:E5:15:B7:2A:DC:C0:CE:06:7F:92:DE:B7:30:E1:85
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/wxyrrDLlFbcq3MDOBn-S3rcw4YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.181.113.0/24
192.250.229.0-192.250.230.255
Signature Algorithm: sha256WithRSAEncryption
02:54:b6:97:92:dd:6a:47:c9:16:02:c6:c7:32:1b:17:cf:58:
7b:d7:b3:84:5b:8d:2a:18:ca:eb:91:26:4f:b5:21:85:8b:14:
b7:fa:a8:dc:9f:26:7c:78:79:ff:e4:26:a5:01:15:62:7a:ab:
48:23:bd:9a:cc:0d:aa:0b:da:f4:34:8e:dc:27:b2:65:38:b0:
a9:f4:85:31:a1:8a:9e:b1:81:5d:a9:e0:20:8e:e7:90:5a:2a:
47:25:ed:d2:e9:0b:23:7f:6e:dd:39:23:77:97:30:b8:4e:9b:
2e:fe:d4:b6:5f:b0:73:88:96:49:e5:d9:01:f3:a5:37:06:6f:
8c:3d:a3:14:e9:3a:0a:cb:ba:60:39:5d:c0:5c:c9:a8:90:b9:
b4:74:f4:77:93:a4:f2:6d:7c:a3:09:d0:00:41:6e:7f:11:ff:
c7:f7:e9:33:79:b7:6a:5d:d5:7b:dc:f3:16:b3:52:94:cb:b4:
93:29:24:82:ae:05:12:c6:fa:41:e9:79:ae:89:79:95:1c:a9:
81:32:52:7d:8b:c2:16:c9:de:ed:c7:bc:a9:1f:c8:10:a1:32:
5b:1e:39:7b:be:b1:bf:39:9d:41:22:09:5b:74:7e:19:3a:a9:
b2:51:b1:8d:6b:b2:67:ee:cc:62:1f:bc:15:7b:3e:3e:a6:f2:
29:40:58:fb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZcLSmfzqWGTfoSx55okIb0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwNTI2MDYzMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzFjYWJhYzMyZTUxNWI3MmFkY2MwY2UwNjdmOTJkZWI3MzBlMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX1kz4mUZs3pn8O65HqESQWO7yLX
5QQ0JRKJOjTvoB+Ysp4bwE4wtL4iCq3BuoxW5ufDO0gWVKsBv7aJxd+8G7p9wydW
Vppk12KdwmlDrtgj47yys2IiOx3FLPtXExfoe9MvT0rzLHnfFR7tijpTotPkTMTb
ouCVkJ2rysflK+xCO4WzM5gFTjBLGABOaR9AvRK9WOTQPM0dVUYtzK8gFp7igPEn
dww5rHeuudEMJhZxcpLhSg3IZ9psDsAPmDUF3mRAzzfWEwqR09jGvj+EWBYIXHAF
87LM3b4RaQy9cpjxGOVh71rfwVxfzA+euv35SErDsP5xD1u8R9KCrtmFjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMMcq6wy5RW3KtzAzgZ/kt63MOGFMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvd3h5cnJETGxGYmNxM01ET0JuLVMzcmN3NFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAQbVxMAwD
BADA+uUDBADA+uYwDQYJKoZIhvcNAQELBQADggEBAAJUtpeS3WpHyRYCxscyGxfP
WHvXs4RbjSoYyuuRJk+1IYWLFLf6qNyfJnx4ef/kJqUBFWJ6q0gjvZrMDaoL2vQ0
jtwnsmU4sKn0hTGhip6xgV2p4CCO55BaKkcl7dLpCyN/bt05I3eXMLhOmy7+1LZf
sHOIlknl2QHzpTcGb4w9oxTpOgrLumA5XcBcyaiQubR09HeTpPJtfKMJ0ABBbn8R
/8f36TN5t2pd1Xvc8xazUpTLtJMpJIKuBRLG+kHpea6JeZUcqYEyUn2LwhbJ3u3H
vKkfyBChMlseOXu+sb85nUEiCVt0fhk6qbJRsY1rsmfuzGIfvBV7Pj6m8ilAWPs=
-----END CERTIFICATE-----
Generated at Fri Jun 20 21:20:02 2025 by rpki-client