Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xanp85TeEWkcfprdDLuZU3kn1Fg.roa
File: xanp85TeEWkcfprdDLuZU3kn1Fg.roa (raw, json)
Hash identifier: DXdeulNiScMkA465+O+rdlMdQTzMwEvXrucyfKTgvbo=
Subject key identifier: C5:A9:E9:F3:94:DE:11:69:1C:7E:9A:DD:0C:BB:99:53:79:27:D4:58
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DB5506846018F2B2671E503E40BC2
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xanp85TeEWkcfprdDLuZU3kn1Fg.roa
Signing time: Tue 02 Jan 2024 08:32:42 +0000
ROA not before: Tue 02 Jan 2024 08:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203499
IP address blocks: 5.154.98.0/24 maxlen: 24
151.237.198.0/24 maxlen: 24
109.167.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b5:50:68:46:01:8f:2b:26:71:e5:03:e4:0b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5a9e9f394de11691c7e9add0cbb99537927d458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d8:02:cf:ad:5f:c9:71:22:bd:5e:eb:89:3a:
18:05:12:1c:5d:2b:51:7d:7d:64:10:d9:24:98:6f:
fe:e5:e1:ce:9f:37:b2:dd:39:67:e9:ea:e7:b7:d2:
1c:52:f5:62:ce:1b:44:0a:fe:b2:fb:de:ec:94:d5:
c4:ff:7c:e1:ea:a4:a6:5d:f9:1b:21:42:37:43:61:
be:53:02:b7:e8:53:48:bf:3f:9b:74:c2:1e:d1:be:
4e:f3:c7:1f:28:32:9e:84:2e:b6:9a:90:81:8a:51:
bf:c2:51:b4:a0:60:de:de:25:e4:3f:6e:61:1d:86:
51:f3:15:cb:09:f7:b3:d8:dc:0d:1b:d7:b3:fe:1b:
b4:5a:3f:24:f0:28:8b:7e:d6:90:d8:2f:02:11:fc:
e8:6d:bf:50:31:e7:00:5e:42:93:b9:bb:28:5c:1e:
0f:68:4a:13:5c:7d:cf:4f:4e:2d:1f:97:a9:85:56:
15:a4:3e:d6:b1:46:5d:e0:3d:c2:b3:4d:4b:05:72:
6b:05:9d:f9:ab:ff:1f:c9:aa:41:17:d7:2e:2f:b4:
9d:f4:62:d8:9c:1e:ee:6b:a6:7f:06:21:53:38:e5:
e8:9d:0d:b5:62:bd:c7:ee:7d:fe:00:31:e1:5a:40:
51:bd:f2:7d:f0:aa:5c:d0:9c:59:8b:b0:45:9c:54:
ce:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A9:E9:F3:94:DE:11:69:1C:7E:9A:DD:0C:BB:99:53:79:27:D4:58
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xanp85TeEWkcfprdDLuZU3kn1Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.98.0/24
109.167.46.0/24
151.237.198.0/24
Signature Algorithm: sha256WithRSAEncryption
45:84:6d:d0:cf:35:d5:57:c1:16:85:6e:e6:ef:5f:6c:25:68:
55:53:b2:d6:69:fc:d6:97:a5:be:60:f7:d8:f6:87:34:f0:f9:
be:11:22:eb:47:d2:d7:49:3b:9a:34:33:95:96:c3:26:9c:23:
0d:23:6b:58:40:f1:4c:2c:2b:df:cc:81:0c:62:3c:dc:56:5f:
d3:d2:62:cd:05:f5:5d:2f:30:b7:8e:99:3a:36:11:e1:3a:bb:
9c:e5:3a:4f:dc:f5:a2:fb:6a:a0:d3:b9:39:93:03:15:73:34:
9f:89:80:c8:98:9f:05:06:22:dc:5d:c1:e0:2c:31:89:52:f9:
ef:7b:49:5c:87:73:1f:a1:3c:09:d9:09:65:35:a0:78:40:33:
d3:ca:ae:ca:15:82:0b:20:35:52:1c:a2:23:70:b9:12:47:22:
ec:76:f2:2d:ea:39:24:24:bc:eb:4d:f1:cb:09:83:30:21:fa:
c2:ea:ae:3c:cb:fb:28:63:3d:c1:c1:81:5f:71:f0:58:5e:a5:
3f:9d:be:91:e8:c9:22:ea:15:93:c5:85:82:ad:ab:e1:76:29:
e7:f7:36:a5:d6:bb:ca:73:d0:6c:f6:9d:81:30:08:26:e3:6f:
d6:3e:4c:e6:0d:08:7d:14:37:20:91:3f:e3:fd:66:40:ca:96:
65:63:a4:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTbVQaEYBjysmceUD5AvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWE5ZTlmMzk0ZGUxMTY5MWM3ZTlhZGQwY2JiOTk1Mzc5MjdkNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NgCz61fyXEivV7riToYBRIcXStR
fX1kENkkmG/+5eHOnzey3Tln6ernt9IcUvVizhtECv6y+97slNXE/3zh6qSmXfkb
IUI3Q2G+UwK36FNIvz+bdMIe0b5O88cfKDKehC62mpCBilG/wlG0oGDe3iXkP25h
HYZR8xXLCfez2NwNG9ez/hu0Wj8k8CiLftaQ2C8CEfzobb9QMecAXkKTubsoXB4P
aEoTXH3PT04tH5ephVYVpD7WsUZd4D3Cs01LBXJrBZ35q/8fyapBF9cuL7Sd9GLY
nB7ua6Z/BiFTOOXonQ21Yr3H7n3+ADHhWkBRvfJ98Kpc0JxZi7BFnFTOlQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMWp6fOU3hFpHH6a3Qy7mVN5J9RYMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEveGFucDg1VGVFV2tjZnByZERMdVpVM2tuMUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZpiAwQA
bacuAwQAl+3GMA0GCSqGSIb3DQEBCwUAA4IBAQBFhG3QzzXVV8EWhW7m719sJWhV
U7LWafzWl6W+YPfY9oc08Pm+ESLrR9LXSTuaNDOVlsMmnCMNI2tYQPFMLCvfzIEM
YjzcVl/T0mLNBfVdLzC3jpk6NhHhOruc5TpP3PWi+2qg07k5kwMVczSfiYDImJ8F
BiLcXcHgLDGJUvnve0lch3MfoTwJ2QllNaB4QDPTyq7KFYILIDVSHKIjcLkSRyLs
dvIt6jkkJLzrTfHLCYMwIfrC6q48y/soYz3BwYFfcfBYXqU/nb6R6Mki6hWTxYWC
ravhdinn9zal1rvKc9Bs9p2BMAgm42/WPkzmDQh9FDcgkT/j/WZAypZlY6QQ
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:20:16 2025 by rpki-client