Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/65a5oX8uKPyqWhxBEvw3fCK9aTk.roa
File: 65a5oX8uKPyqWhxBEvw3fCK9aTk.roa (raw, json)
Hash identifier: F7g+j2RO0E9cDYmrysql9eICvzaEgfbUr5LFS26epY0=
Subject key identifier: EB:96:B9:A1:7F:2E:28:FC:AA:5A:1C:41:12:FC:37:7C:22:BD:69:39
Certificate issuer: /CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Certificate serial: 018CC42541658E105511BD8D4D2ACFB1B419
Authority key identifier: 2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/65a5oX8uKPyqWhxBEvw3fCK9aTk.roa
Signing time: Mon 01 Jan 2024 08:30:25 +0000
ROA not before: Mon 01 Jan 2024 08:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12859
IP address blocks: 5.61.248.0/24 maxlen: 24
5.61.252.0/24 maxlen: 24
5.61.253.0/24 maxlen: 24
5.61.250.0/24 maxlen: 24
5.61.251.0/24 maxlen: 24
5.61.248.0/21 maxlen: 21
5.61.249.0/24 maxlen: 24
5.61.254.0/24 maxlen: 24
5.61.255.0/24 maxlen: 24
2a01:7860::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 14:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:41:65:8e:10:55:11:bd:8d:4d:2a:cf:b1:b4:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Validity
Not Before: Jan 1 08:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb96b9a17f2e28fcaa5a1c4112fc377c22bd6939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:28:cc:98:c7:1a:63:7d:8b:e7:4c:b9:26:e7:
db:1c:8f:13:7b:0b:3d:bd:04:04:24:cf:8d:b2:fc:
b6:ef:08:60:5e:82:b7:5b:56:f7:19:8a:61:32:d1:
cf:0d:7f:13:55:0f:72:b0:8f:5b:36:55:e9:37:76:
85:8e:41:0e:f8:94:fa:ac:05:71:91:b7:94:f7:7f:
18:0e:3a:a3:95:9b:0d:54:81:fa:d6:b5:62:0e:48:
2d:6e:6d:4f:f4:04:49:3f:e8:f3:aa:8d:69:f6:5e:
0e:c9:13:75:72:7c:b8:0e:be:cc:3b:65:17:38:aa:
c2:76:49:96:d3:2b:63:34:d5:32:de:31:90:61:af:
3c:13:04:ef:e2:49:61:c0:7e:15:a4:92:e9:73:25:
8f:88:fd:8b:88:91:6b:fd:47:a8:1f:9d:8e:0a:ae:
cf:46:0b:08:bd:89:ef:0c:f7:ac:8c:de:59:21:63:
b8:97:bb:bc:c4:f9:cf:b7:00:1a:ae:71:ae:7e:0d:
82:f6:db:e9:95:91:78:d6:6d:7c:41:22:63:55:d1:
56:66:aa:e7:ef:84:d3:82:8e:ad:97:16:75:4f:c5:
0d:a9:31:3b:5a:f6:e7:d2:f4:14:8f:af:81:6b:c5:
e8:d9:9e:75:bc:eb:6b:fa:79:de:0b:86:ee:ba:f1:
45:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:96:B9:A1:7F:2E:28:FC:AA:5A:1C:41:12:FC:37:7C:22:BD:69:39
X509v3 Authority Key Identifier:
keyid:2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/65a5oX8uKPyqWhxBEvw3fCK9aTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/K3xCZNrN-ss7ejru7VZZdapSQ0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.248.0/21
IPv6:
2a01:7860::/32
Signature Algorithm: sha256WithRSAEncryption
1d:1c:53:e9:1c:25:1f:9e:31:40:42:f3:4d:6c:6a:a1:45:cc:
82:f7:98:54:72:e0:68:71:00:d5:ad:e1:66:d2:cb:68:7a:32:
5c:ee:6d:a0:d4:5a:b1:82:4d:70:b5:15:40:f8:cf:82:b0:9c:
ee:44:62:16:e2:e6:64:4a:87:ed:c1:c6:58:9d:fa:be:a1:4a:
6b:be:d1:52:36:87:51:63:e9:15:b2:35:0d:71:24:c4:8d:da:
a1:f7:c6:db:f1:05:1d:a3:2f:6e:3f:2e:fb:a7:92:6a:08:4c:
0e:27:f6:a3:13:38:7e:aa:70:22:e1:b8:39:11:7d:2b:10:3a:
f4:e9:db:96:1a:02:04:b9:1e:a6:70:4a:a0:b5:ee:c7:87:05:
e9:29:a8:74:2b:fe:ac:87:c9:fd:c4:12:b5:0d:57:3e:18:e6:
7c:00:cf:3c:41:d3:78:bf:5f:95:e1:c3:ab:3d:16:1c:67:85:
d8:c0:7f:e8:28:ea:9b:1e:81:0d:f7:f8:e2:d9:89:74:85:e4:
1b:8c:24:1e:93:f8:4f:07:ad:ed:ca:1f:dd:d2:db:53:0f:66:
c4:f1:37:d8:92:dc:32:0e:4a:60:55:90:a9:82:dd:9b:cb:a1:
81:7e:f1:77:e9:36:fc:c8:59:8b:5a:82:73:91:f6:12:b3:82:
78:b2:0d:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJUFljhBVEb2NTSrPsbQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2M0MjY0ZGFjZGZhY2IzYjdhM2FlZWVkNTY1OTc1YWE1
MjQzNGMwHhcNMjQwMTAxMDgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk2YjlhMTdmMmUyOGZjYWE1YTFjNDExMmZjMzc3YzIyYmQ2OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSjMmMcaY32L50y5JufbHI8Tews9
vQQEJM+Nsvy27whgXoK3W1b3GYphMtHPDX8TVQ9ysI9bNlXpN3aFjkEO+JT6rAVx
kbeU938YDjqjlZsNVIH61rViDkgtbm1P9ARJP+jzqo1p9l4OyRN1cny4Dr7MO2UX
OKrCdkmW0ytjNNUy3jGQYa88EwTv4klhwH4VpJLpcyWPiP2LiJFr/UeoH52OCq7P
RgsIvYnvDPesjN5ZIWO4l7u8xPnPtwAarnGufg2C9tvplZF41m18QSJjVdFWZqrn
74TTgo6tlxZ1T8UNqTE7Wvbn0vQUj6+Ba8Xo2Z51vOtr+nneC4buuvFF/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOuWuaF/Lij8qlocQRL8N3wivWk5MB8GA1UdIwQY
MBaAFCt8QmTazfrLO3o67u1WWXWqUkNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQt
MzFkNWFjM2FjOWI1LzEvNjVhNW9YOHVLUHlxV2h4QkV2dzNmQ0s5YVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQtMzFkNWFjM2FjOWI1
LzEvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBT34MA0E
AgACMAcDBQAqAXhgMA0GCSqGSIb3DQEBCwUAA4IBAQAdHFPpHCUfnjFAQvNNbGqh
RcyC95hUcuBocQDVreFm0stoejJc7m2g1Fqxgk1wtRVA+M+CsJzuRGIW4uZkSoft
wcZYnfq+oUprvtFSNodRY+kVsjUNcSTEjdqh98bb8QUdoy9uPy77p5JqCEwOJ/aj
Ezh+qnAi4bg5EX0rEDr06duWGgIEuR6mcEqgte7HhwXpKah0K/6sh8n9xBK1DVc+
GOZ8AM88QdN4v1+V4cOrPRYcZ4XYwH/oKOqbHoEN9/ji2Yl0heQbjCQek/hPB63t
yh/d0ttTD2bE8TfYktwyDkpgVZCpgt2by6GBfvF36Tb8yFmLWoJzkfYSs4J4sg1U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:08 2024 by rpki-client on console-ams.rpki-client.org