Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/WKfEGdDicOxXoRUXMLLtQmm6f3w.roa
File: WKfEGdDicOxXoRUXMLLtQmm6f3w.roa (raw, json)
Hash identifier: 8XBGL3JC9rMEzi8wsR5uLYAUuB5tq2EOObJwXuRdOsA=
Subject key identifier: 58:A7:C4:19:D0:E2:70:EC:57:A1:15:17:30:B2:ED:42:69:BA:7F:7C
Certificate issuer: /CN=80a38000d4b5abd1532a25381cb2615eec1edca0
Certificate serial: 0196A0CCFB4FC5C5F93EE5440EEA6E9FC816
Authority key identifier: 80:A3:80:00:D4:B5:AB:D1:53:2A:25:38:1C:B2:61:5E:EC:1E:DC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKOAANS1q9FTKiU4HLJhXuwe3KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/WKfEGdDicOxXoRUXMLLtQmm6f3w.roa
Signing time: Mon 05 May 2025 14:15:10 +0000
ROA not before: Mon 05 May 2025 14:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.24.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 16:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:cc:fb:4f:c5:c5:f9:3e:e5:44:0e:ea:6e:9f:c8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a38000d4b5abd1532a25381cb2615eec1edca0
Validity
Not Before: May 5 14:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58a7c419d0e270ec57a1151730b2ed4269ba7f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9f:41:3b:73:ea:10:e2:92:70:da:35:86:43:
48:96:be:20:76:15:25:e2:ca:e4:30:4a:dd:32:46:
8b:e5:85:4a:5e:10:c9:98:03:be:e5:53:10:17:17:
34:21:1d:8a:6a:60:73:70:0b:22:60:c1:93:9c:4d:
9d:14:3f:81:63:01:ca:c5:0a:90:03:6b:88:b7:07:
ff:ea:ad:c8:1b:c4:ed:5f:1d:68:24:68:b7:d8:81:
4e:77:da:48:ee:c9:70:29:c5:44:0c:62:f3:24:aa:
2f:b0:25:bc:a7:12:23:df:2f:94:5b:a9:d6:dd:16:
b8:ee:90:91:4c:a4:31:75:d4:6f:fc:2c:9e:57:51:
e0:11:6e:ee:09:44:01:62:c0:09:66:9c:25:34:18:
47:76:64:85:6d:bb:5e:27:67:cc:cf:17:b1:b6:4e:
18:4c:49:44:6d:b8:2e:91:2e:e1:ab:b9:54:8a:63:
c5:40:c4:a8:71:1d:e0:d6:1f:1c:a9:dc:7f:e8:25:
65:14:57:0f:23:5e:f9:96:06:ac:c6:2e:54:2e:3d:
fe:5f:61:1b:60:32:78:17:90:48:c0:54:f0:09:79:
1a:4e:02:ab:53:5b:53:0c:44:16:0e:40:37:8c:07:
5b:77:ce:78:a1:91:60:cb:77:c3:3b:1a:30:95:c4:
0b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A7:C4:19:D0:E2:70:EC:57:A1:15:17:30:B2:ED:42:69:BA:7F:7C
X509v3 Authority Key Identifier:
keyid:80:A3:80:00:D4:B5:AB:D1:53:2A:25:38:1C:B2:61:5E:EC:1E:DC:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKOAANS1q9FTKiU4HLJhXuwe3KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/WKfEGdDicOxXoRUXMLLtQmm6f3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/gKOAANS1q9FTKiU4HLJhXuwe3KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.80.0/24
Signature Algorithm: sha256WithRSAEncryption
14:30:85:fd:ee:62:31:8f:2a:5a:3d:ae:8b:c9:25:34:58:77:
97:b5:07:e7:93:b1:19:84:09:87:01:2f:30:d6:2a:0f:d3:1e:
fa:10:3e:90:14:a1:7d:1c:8a:6b:af:a8:a9:2a:91:44:7d:b1:
0a:d0:62:7b:9f:99:42:52:15:e3:50:d4:4f:ac:c2:26:2e:a3:
e9:1f:28:88:b4:5f:f8:99:c5:44:f9:28:0e:73:8b:f8:dc:95:
eb:0d:24:2e:c0:eb:a7:9c:d4:18:65:3c:bc:7b:1e:8e:72:da:
e0:2b:92:86:1d:71:6b:7c:a1:8c:5e:56:d3:e8:e4:b6:24:cc:
7f:e2:b8:7c:63:e5:34:3f:ac:d5:2a:00:58:85:bb:f5:7b:82:
fb:01:98:4d:52:eb:8a:ef:89:07:80:01:cb:c8:70:09:72:2d:
97:91:86:b0:55:fa:e5:5b:f3:47:98:9a:dd:0e:3d:5a:3a:5f:
e7:a7:21:5b:4b:bd:f4:36:61:42:9f:ff:1d:1d:f7:34:5e:69:
c4:ad:6d:29:1a:06:d0:ef:a0:25:52:76:68:bb:4b:ec:f5:ec:
ac:88:25:82:57:4a:cd:3a:c4:40:d1:af:3a:da:04:86:37:3d:
80:cc:c0:fe:78:5d:eb:d4:94:a1:39:1a:52:79:34:d7:b2:fd:
c0:11:4c:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZagzPtPxcX5PuVEDupun8gWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTM4MDAwZDRiNWFiZDE1MzJhMjUzODFjYjI2MTVlZWMx
ZWRjYTAwHhcNMjUwNTA1MTQxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGE3YzQxOWQwZTI3MGVjNTdhMTE1MTczMGIyZWQ0MjY5YmE3ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu59BO3PqEOKScNo1hkNIlr4gdhUl
4srkMErdMkaL5YVKXhDJmAO+5VMQFxc0IR2KamBzcAsiYMGTnE2dFD+BYwHKxQqQ
A2uItwf/6q3IG8TtXx1oJGi32IFOd9pI7slwKcVEDGLzJKovsCW8pxIj3y+UW6nW
3Ra47pCRTKQxddRv/CyeV1HgEW7uCUQBYsAJZpwlNBhHdmSFbbteJ2fMzxextk4Y
TElEbbgukS7hq7lUimPFQMSocR3g1h8cqdx/6CVlFFcPI175lgasxi5ULj3+X2Eb
YDJ4F5BIwFTwCXkaTgKrU1tTDEQWDkA3jAdbd854oZFgy3fDOxowlcQL/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFinxBnQ4nDsV6EVFzCy7UJpun98MB8GA1UdIwQY
MBaAFICjgADUtavRUyolOByyYV7sHtygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tPQUFOUzFxOUZUS2lVNEhMSmhYdXdlM0tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni84ZWYxNjItZTg0MC00YTE1LWFiYTYt
OWUwODk4ZjQ0NTBjLzEvV0tmRUdkRGljT3hYb1JVWE1MTHRRbW02ZjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni84ZWYxNjItZTg0MC00YTE1LWFiYTYtOWUwODk4ZjQ0NTBj
LzEvZ0tPQUFOUzFxOUZUS2lVNEhMSmhYdXdlM0tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxhQMA0G
CSqGSIb3DQEBCwUAA4IBAQAUMIX97mIxjypaPa6LySU0WHeXtQfnk7EZhAmHAS8w
1ioP0x76ED6QFKF9HIprr6ipKpFEfbEK0GJ7n5lCUhXjUNRPrMImLqPpHyiItF/4
mcVE+SgOc4v43JXrDSQuwOunnNQYZTy8ex6OctrgK5KGHXFrfKGMXlbT6OS2JMx/
4rh8Y+U0P6zVKgBYhbv1e4L7AZhNUuuK74kHgAHLyHAJci2XkYawVfrlW/NHmJrd
Dj1aOl/npyFbS730NmFCn/8dHfc0XmnErW0pGgbQ76AlUnZou0vs9eysiCWCV0rN
OsRA0a862gSGNz2AzMD+eF3r1JShORpSeTTXsv3AEUwx
-----END CERTIFICATE-----
Generated at Wed May 7 06:25:02 2025 by rpki-client