Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WMRENQJltXgD_dN7qdNc-yf13sY.roa
File: WMRENQJltXgD_dN7qdNc-yf13sY.roa (raw, json)
Hash identifier: qd9cxZCmrRougUafRB5neRtc/UKSSHVdiWFtfiM3c40=
Subject key identifier: 58:C4:44:35:02:65:B5:78:03:FD:D3:7B:A9:D3:5C:FB:27:F5:DE:C6
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01946E50095B4EF321876C1952AEC3E71A03
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WMRENQJltXgD_dN7qdNc-yf13sY.roa
Signing time: Thu 16 Jan 2025 08:52:06 +0000
ROA not before: Thu 16 Jan 2025 08:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Jan 2025 09:18:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:50:09:5b:4e:f3:21:87:6c:19:52:ae:c3:e7:1a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 16 08:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58c444350265b57803fdd37ba9d35cfb27f5dec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8f:d3:e2:c6:4b:3c:31:ae:94:b7:df:5c:21:
25:40:16:c5:0a:28:16:ab:2e:a8:cf:34:a1:b9:8f:
6f:45:28:d2:08:0e:9a:5c:25:87:6c:74:de:e4:cc:
4e:03:84:bf:da:58:be:08:f2:bb:0a:80:db:25:10:
72:b6:d0:2a:3f:0c:22:ca:23:07:e4:63:2f:61:2d:
c8:4a:86:31:0c:78:fa:11:cb:99:ff:68:a8:09:b7:
66:c7:da:03:93:db:d7:68:7e:bf:b4:44:17:11:e0:
7d:4d:b2:92:86:2a:40:81:5b:c7:eb:f8:7f:b7:3a:
fe:91:a9:7b:5d:12:36:b6:02:1f:82:7e:77:df:8f:
e2:86:9a:4d:56:7a:9f:2f:3a:2b:67:c5:8e:79:7c:
df:ae:2c:62:98:8b:fe:e0:b9:ea:cd:9b:0d:67:0b:
0a:a3:f3:fe:5a:36:79:32:e0:23:1c:20:c5:5c:87:
9d:33:01:f2:17:48:de:dd:a5:bc:14:e5:35:98:c6:
a3:eb:dd:6d:08:7b:0c:52:c0:92:04:1a:1d:7c:18:
f6:bd:49:04:16:a2:a9:e6:de:3c:44:53:7d:62:74:
2f:c8:56:9a:4a:e0:38:fe:51:95:02:82:8e:6e:d3:
2c:58:e4:d6:af:0f:3d:82:61:04:d5:0a:01:5b:30:
c9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C4:44:35:02:65:B5:78:03:FD:D3:7B:A9:D3:5C:FB:27:F5:DE:C6
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WMRENQJltXgD_dN7qdNc-yf13sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.211.48.0-185.211.50.255
195.85.68.0/23
Signature Algorithm: sha256WithRSAEncryption
cc:58:b5:61:75:b1:04:5d:f7:41:99:69:f2:3c:f6:82:d3:f8:
e0:fd:30:8c:7d:9c:b6:6b:fb:1a:8e:29:16:b0:81:33:3c:13:
65:03:f2:13:35:fb:90:53:79:d0:ae:24:c5:60:c2:85:6c:95:
85:ca:78:ce:46:07:64:34:c9:11:23:76:16:25:b5:64:21:da:
e4:7b:b7:cc:06:0a:9b:31:38:59:9c:b3:11:8a:fe:5f:a4:76:
21:83:ee:60:06:58:ad:30:0f:17:b4:af:38:d6:bc:a4:e6:05:
c4:31:17:50:81:5d:de:49:49:2a:7c:4f:65:62:94:c7:95:07:
f4:bb:08:cd:86:4f:31:c2:b9:d0:6b:15:b6:31:8a:f5:b4:e6:
85:22:31:11:c9:50:71:27:ac:cd:57:a3:8d:ea:ba:0d:f2:9c:
df:fa:f7:ba:44:f3:c1:5f:f5:4c:88:67:2e:92:1e:27:27:4c:
e0:3f:be:c0:40:48:4a:7d:67:bf:ef:54:bc:f2:47:26:e9:60:
2d:a0:a3:ef:32:e4:30:f1:f5:1d:08:39:29:4a:dc:83:a5:05:
d7:c7:74:5c:88:73:8e:8d:f1:65:23:3d:4c:8b:9e:4a:5e:8a:
23:e8:55:7d:17:ef:d8:5a:11:c3:2a:a5:41:84:b0:18:38:66:
2b:6d:0f:c7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRuUAlbTvMhh2wZUq7D5xoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTE2MDg1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGM0NDQzNTAyNjViNTc4MDNmZGQzN2JhOWQzNWNmYjI3ZjVkZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuo/T4sZLPDGulLffXCElQBbFCigW
qy6ozzShuY9vRSjSCA6aXCWHbHTe5MxOA4S/2li+CPK7CoDbJRByttAqPwwiyiMH
5GMvYS3ISoYxDHj6EcuZ/2ioCbdmx9oDk9vXaH6/tEQXEeB9TbKShipAgVvH6/h/
tzr+kal7XRI2tgIfgn5334/ihppNVnqfLzorZ8WOeXzfriximIv+4LnqzZsNZwsK
o/P+WjZ5MuAjHCDFXIedMwHyF0je3aW8FOU1mMaj691tCHsMUsCSBBodfBj2vUkE
FqKp5t48RFN9YnQvyFaaSuA4/lGVAoKObtMsWOTWrw89gmEE1QoBWzDJKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFjERDUCZbV4A/3Te6nTXPsn9d7GMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvV01SRU5RSmx0WGdEX2RON3FkTmMteWYxM3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCLYgAAwQA
gAB3AwQCuXUUMAwDBAS50zADBAC50zIDBAHDVUQwDQYJKoZIhvcNAQELBQADggEB
AMxYtWF1sQRd90GZafI89oLT+OD9MIx9nLZr+xqOKRawgTM8E2UD8hM1+5BTedCu
JMVgwoVslYXKeM5GB2Q0yREjdhYltWQh2uR7t8wGCpsxOFmcsxGK/l+kdiGD7mAG
WK0wDxe0rzjWvKTmBcQxF1CBXd5JSSp8T2VilMeVB/S7CM2GTzHCudBrFbYxivW0
5oUiMRHJUHEnrM1Xo43qug3ynN/697pE88Ff9UyIZy6SHicnTOA/vsBASEp9Z7/v
VLzyRybpYC2go+8y5DDx9R0IOSlK3IOlBdfHdFyIc46N8WUjPUyLnkpeiiPoVX0X
79haEcMqpUGEsBg4ZittD8c=
-----END CERTIFICATE-----
Generated at Wed May 7 21:19:56 2025 by rpki-client