Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/wy1EWWYgzAAjByqdDTIUTkSUnvc.roa
File: wy1EWWYgzAAjByqdDTIUTkSUnvc.roa (raw, json)
Hash identifier: bT4W2j64n0/E7F0PZI5Fl2jOCHKq6sRlecci1JgKtyo=
Subject key identifier: C3:2D:44:59:66:20:CC:00:23:07:2A:9D:0D:32:14:4E:44:94:9E:F7
Certificate issuer: /CN=c3c61b51ebc84180f0a6b232e87df9d61c90faab
Certificate serial: 0190FF595BC11FA59810972C383EBFE7ADB8
Authority key identifier: C3:C6:1B:51:EB:C8:41:80:F0:A6:B2:32:E8:7D:F9:D6:1C:90:FA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8YbUevIQYDwprIy6H351hyQ-qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/wy1EWWYgzAAjByqdDTIUTkSUnvc.roa
Signing time: Mon 29 Jul 2024 16:36:04 +0000
ROA not before: Mon 29 Jul 2024 16:36:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52142
IP address blocks: 46.174.176.0/24 maxlen: 24
46.174.177.0/24 maxlen: 24
46.174.178.0/24 maxlen: 24
46.174.179.0/24 maxlen: 24
46.174.180.0/24 maxlen: 24
46.174.181.0/24 maxlen: 24
46.174.182.0/24 maxlen: 24
46.174.183.0/24 maxlen: 24
91.210.128.0/24 maxlen: 24
91.210.129.0/24 maxlen: 24
185.16.144.0/24 maxlen: 24
185.16.145.0/24 maxlen: 24
185.16.146.0/24 maxlen: 24
195.69.80.0/22 maxlen: 22
2a03:c940::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 Jul 2024 14:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ff:59:5b:c1:1f:a5:98:10:97:2c:38:3e:bf:e7:ad:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c61b51ebc84180f0a6b232e87df9d61c90faab
Validity
Not Before: Jul 29 16:36:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c32d44596620cc0023072a9d0d32144e44949ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f1:35:e9:9b:97:d0:30:80:92:2c:b2:b0:47:
f6:ca:b8:df:72:af:74:c0:78:09:cb:3e:37:f9:ac:
f4:44:9e:99:a7:de:9c:ea:6e:6e:fa:45:ad:62:de:
fd:9b:cc:18:d6:77:f5:5e:a0:47:18:b6:87:7e:bf:
94:39:8d:c7:84:fe:7c:f6:f3:87:ec:80:bc:2c:5d:
4b:40:46:eb:00:b9:94:2d:32:67:0b:b1:75:e4:6f:
5e:72:38:a0:7a:cb:59:7a:42:8c:cb:0d:c4:b5:c0:
cf:75:e8:56:e4:dd:b8:99:eb:de:9c:1e:d7:6c:c4:
3a:28:4a:e8:bf:c6:db:6d:9c:49:d7:b7:b0:ab:4e:
6d:44:28:78:36:59:84:33:7b:d8:da:97:bb:7e:9d:
1c:03:00:0b:28:a4:a6:11:46:c9:5f:23:29:79:60:
d5:4a:a4:01:de:40:41:6e:d0:4a:48:82:1c:eb:42:
13:38:0d:9d:dc:13:6c:2d:c8:8b:67:81:7f:b6:d4:
37:a1:27:cf:7d:1a:ac:c8:f8:d2:47:2b:a1:2e:50:
7b:2e:9f:69:bc:ee:c7:39:e3:61:c3:2c:7c:96:cb:
2e:c4:79:d7:3c:cb:cc:cc:e8:95:77:43:c5:73:52:
d4:a3:96:72:6f:bb:7d:67:4c:a5:9f:52:74:83:dc:
e2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:2D:44:59:66:20:CC:00:23:07:2A:9D:0D:32:14:4E:44:94:9E:F7
X509v3 Authority Key Identifier:
keyid:C3:C6:1B:51:EB:C8:41:80:F0:A6:B2:32:E8:7D:F9:D6:1C:90:FA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8YbUevIQYDwprIy6H351hyQ-qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/wy1EWWYgzAAjByqdDTIUTkSUnvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/w8YbUevIQYDwprIy6H351hyQ-qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.176.0/21
91.210.128.0/23
185.16.144.0-185.16.146.255
195.69.80.0/22
IPv6:
2a03:c940::/32
Signature Algorithm: sha256WithRSAEncryption
8b:d9:51:11:ee:66:23:fa:0d:08:59:5a:7c:47:f3:2b:b9:ca:
32:ea:49:d7:2d:9a:1e:cb:8f:9f:77:05:d4:fc:16:a2:a8:f5:
fa:7b:8b:82:8a:5a:14:48:b8:56:65:59:2c:dd:50:74:e2:86:
73:22:71:9b:22:31:ff:d5:0c:c3:ec:af:57:4d:58:50:21:ac:
47:7b:ae:e3:5a:44:e5:f4:a0:41:43:d8:f0:63:13:46:1c:6a:
90:1c:6f:a3:1d:86:31:e9:ad:37:94:77:8c:c0:a6:1e:7d:75:
31:1b:f3:95:9a:00:ed:16:85:60:46:ab:bc:5d:84:1e:15:16:
cb:34:c3:d7:ac:87:9a:c2:9d:50:70:25:b3:c7:c0:93:6e:de:
77:c6:c1:a8:d2:93:58:3d:96:72:0d:b7:d4:d6:ef:cb:b0:f1:
00:9b:ac:fc:4c:ef:c6:40:04:0f:41:f8:a0:6a:7a:fd:aa:37:
f7:f3:11:fc:99:fa:ab:55:c3:a7:7a:f3:59:56:e3:d0:3d:19:
32:f0:5a:7d:a3:9e:d1:7d:b5:7b:46:d5:f7:80:a9:8a:60:7e:
81:42:91:4d:cf:b7:32:0e:81:03:8b:f2:85:d2:72:6c:ff:b5:
a6:a7:82:e7:41:56:3e:51:bb:01:18:3d:76:ba:38:81:5f:bc:
1e:9f:d5:ed
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZD/WVvBH6WYEJcsOD6/5624MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzYxYjUxZWJjODQxODBmMGE2YjIzMmU4N2RmOWQ2MWM5
MGZhYWIwHhcNMjQwNzI5MTYzNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzJkNDQ1OTY2MjBjYzAwMjMwNzJhOWQwZDMyMTQ0ZTQ0OTQ5ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/E16ZuX0DCAkiyysEf2yrjfcq90
wHgJyz43+az0RJ6Zp96c6m5u+kWtYt79m8wY1nf1XqBHGLaHfr+UOY3HhP589vOH
7IC8LF1LQEbrALmULTJnC7F15G9ecjigestZekKMyw3EtcDPdehW5N24mevenB7X
bMQ6KErov8bbbZxJ17ewq05tRCh4NlmEM3vY2pe7fp0cAwALKKSmEUbJXyMpeWDV
SqQB3kBBbtBKSIIc60ITOA2d3BNsLciLZ4F/ttQ3oSfPfRqsyPjSRyuhLlB7Lp9p
vO7HOeNhwyx8lssuxHnXPMvMzOiVd0PFc1LUo5Zyb7t9Z0yln1J0g9ziTQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMMtRFlmIMwAIwcqnQ0yFE5ElJ73MB8GA1UdIwQY
MBaAFMPGG1HryEGA8KayMuh9+dYckPqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhZYlVldklRWUR3cHJJeTZIMzUxaHlRLXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YWFkYWItOTU5YS00NjYzLWI5MzUt
OGY5ODI3MzQ0NzkwLzEvd3kxRVdXWWd6QUFqQnlxZERUSVVUa1NVbnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YWFkYWItOTU5YS00NjYzLWI5MzUtOGY5ODI3MzQ0Nzkw
LzEvdzhZYlVldklRWUR3cHJJeTZIMzUxaHlRLXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDLq6wAwQB
W9KAMAwDBAS5EJADBAC5EJIDBALDRVAwDQQCAAIwBwMFACoDyUAwDQYJKoZIhvcN
AQELBQADggEBAIvZURHuZiP6DQhZWnxH8yu5yjLqSdctmh7Lj593BdT8FqKo9fp7
i4KKWhRIuFZlWSzdUHTihnMicZsiMf/VDMPsr1dNWFAhrEd7ruNaROX0oEFD2PBj
E0YcapAcb6MdhjHprTeUd4zAph59dTEb85WaAO0WhWBGq7xdhB4VFss0w9esh5rC
nVBwJbPHwJNu3nfGwajSk1g9lnINt9TW78uw8QCbrPxM78ZABA9B+KBqev2qN/fz
EfyZ+qtVw6d681lW49A9GTLwWn2jntF9tXtG1feAqYpgfoFCkU3PtzIOgQOL8oXS
cmz/taangudBVj5RuwEYPXa6OIFfvB6f1e0=
-----END CERTIFICATE-----
Generated at Fri May 16 14:36:11 2025 by rpki-client