Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/4weaWaJ_0FtZl0q3MAYLdwAgxqI.roa
File: 4weaWaJ_0FtZl0q3MAYLdwAgxqI.roa (raw, json)
Hash identifier: KpaUuqw9FLYhw0F8qNzoPY6RE1s4aIPur7o11amC8bo=
Subject key identifier: E3:07:9A:59:A2:7F:D0:5B:59:97:4A:B7:30:06:0B:77:00:20:C6:A2
Certificate issuer: /CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Certificate serial: 01942068437D883753944B298BCA1D47F3C0
Authority key identifier: 7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/4weaWaJ_0FtZl0q3MAYLdwAgxqI.roa
Signing time: Wed 01 Jan 2025 05:48:11 +0000
ROA not before: Wed 01 Jan 2025 05:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59796
IP address blocks: 5.252.32.0/24 maxlen: 24
5.252.33.0/24 maxlen: 24
5.252.34.0/24 maxlen: 24
5.252.35.0/24 maxlen: 24
160.79.120.0/24 maxlen: 24
160.79.121.0/24 maxlen: 24
160.79.122.0/24 maxlen: 24
160.79.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 12:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:43:7d:88:37:53:94:4b:29:8b:ca:1d:47:f3:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Validity
Not Before: Jan 1 05:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3079a59a27fd05b59974ab730060b770020c6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0c:3a:d0:1c:87:7d:2e:20:90:5a:1c:9e:8c:
0c:fe:75:4f:e9:33:e3:ef:1c:dc:94:99:a5:7f:d2:
3e:98:4d:c6:a5:c9:1c:d0:20:23:d7:ca:70:8f:ea:
40:30:e7:9c:e3:8e:21:2e:0c:89:09:ff:bf:dc:41:
8c:e0:63:49:16:14:bd:0b:a9:30:b4:af:d5:b8:ef:
53:27:3c:3a:89:66:f4:17:ca:a9:28:a5:8d:f7:4d:
3b:ba:ed:4a:cc:e6:14:ea:94:e5:6d:93:78:25:aa:
f7:16:af:08:83:5d:c4:4e:95:f8:44:97:e0:91:c1:
52:61:cc:0f:5e:91:b5:f5:7e:0a:68:ec:7d:ac:a4:
93:19:f9:49:19:8a:e8:89:79:02:81:44:c5:18:e4:
72:be:38:0d:64:27:df:c3:c3:96:15:3d:65:df:8d:
15:4c:b1:1a:a2:ba:1a:5a:fe:33:16:a3:c9:24:66:
51:a0:d1:14:f4:fd:36:59:73:15:e9:6c:88:a2:0d:
e9:53:e6:88:b7:7f:3b:42:4f:b9:57:84:f5:0a:8e:
0e:e9:82:7a:3a:79:12:ef:a7:ee:b4:c1:c0:34:12:
b5:8d:d8:98:36:3c:3e:45:d9:7d:bb:f2:c0:8d:8a:
5d:d6:e8:b9:05:b4:bb:12:e6:64:6b:97:f7:db:68:
85:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:07:9A:59:A2:7F:D0:5B:59:97:4A:B7:30:06:0B:77:00:20:C6:A2
X509v3 Authority Key Identifier:
keyid:7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/4weaWaJ_0FtZl0q3MAYLdwAgxqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.32.0/22
160.79.120.0/22
Signature Algorithm: sha256WithRSAEncryption
03:3e:21:d3:9e:35:83:28:71:d1:2d:e0:db:ab:25:c5:a0:f4:
43:60:b2:fe:55:85:0b:74:58:97:af:89:ba:f6:73:70:e7:09:
b0:07:9a:ca:1c:a2:a4:e8:8a:52:55:6f:f2:51:5b:7e:7f:20:
5c:e3:13:fb:31:cc:62:86:c7:a1:68:ef:f6:a8:e7:c6:d7:c7:
58:81:27:95:8b:d8:5c:eb:31:9f:b6:fa:32:b0:fc:4a:32:31:
09:0d:f9:3c:99:3d:2c:ef:fd:8d:9c:32:9e:1f:cd:6f:fd:ec:
b3:c6:04:eb:2f:46:ff:dc:aa:a5:1e:b3:b0:5e:5d:08:74:ee:
af:86:4f:9c:39:b1:02:81:76:1e:8d:a6:9c:34:9a:0e:9b:a5:
fb:e4:1c:40:3f:3d:f0:88:d5:8b:ad:2c:14:a0:97:94:a4:98:
00:08:5a:32:e4:cd:b9:c8:a8:dc:7f:db:4a:50:d3:a0:01:d2:
90:8b:f2:7b:42:2f:18:4e:28:8d:26:c6:19:25:d4:d0:0b:f6:
76:3e:c0:4a:83:1b:3e:cf:5d:1c:b8:38:ac:9d:96:08:7d:55:
b5:99:5b:3c:f7:45:fa:e6:70:63:b4:72:21:db:ab:81:49:31:
6f:53:c5:77:33:4c:f1:e9:e6:5f:91:6b:75:d3:c9:4e:76:05:
11:28:15:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaEN9iDdTlEspi8odR/PAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjZiMWVmNzQxMDA3MmNlOTZlODJkNzU4MWJlNDM2ZTYz
OWE3YzQwHhcNMjUwMTAxMDU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzA3OWE1OWEyN2ZkMDViNTk5NzRhYjczMDA2MGI3NzAwMjBjNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuww60ByHfS4gkFocnowM/nVP6TPj
7xzclJmlf9I+mE3Gpckc0CAj18pwj+pAMOec444hLgyJCf+/3EGM4GNJFhS9C6kw
tK/VuO9TJzw6iWb0F8qpKKWN9007uu1KzOYU6pTlbZN4Jar3Fq8Ig13ETpX4RJfg
kcFSYcwPXpG19X4KaOx9rKSTGflJGYroiXkCgUTFGORyvjgNZCffw8OWFT1l340V
TLEaoroaWv4zFqPJJGZRoNEU9P02WXMV6WyIog3pU+aIt387Qk+5V4T1Co4O6YJ6
OnkS76futMHANBK1jdiYNjw+Rdl9u/LAjYpd1ui5BbS7EuZka5f322iFXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOMHmlmif9BbWZdKtzAGC3cAIMaiMB8GA1UdIwQY
MBaAFH4mse90EAcs6W6C11gb5DbmOafEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYt
OGMzMmMzNTFlZTcwLzEvNHdlYVdhSl8wRnRabDBxM01BWUxkd0FneHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYtOGMzMmMzNTFlZTcw
LzEvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBfwgAwQC
oE94MA0GCSqGSIb3DQEBCwUAA4IBAQADPiHTnjWDKHHRLeDbqyXFoPRDYLL+VYUL
dFiXr4m69nNw5wmwB5rKHKKk6IpSVW/yUVt+fyBc4xP7McxihsehaO/2qOfG18dY
gSeVi9hc6zGftvoysPxKMjEJDfk8mT0s7/2NnDKeH81v/eyzxgTrL0b/3KqlHrOw
Xl0IdO6vhk+cObECgXYejaacNJoOm6X75BxAPz3wiNWLrSwUoJeUpJgACFoy5M25
yKjcf9tKUNOgAdKQi/J7Qi8YTiiNJsYZJdTQC/Z2PsBKgxs+z10cuDisnZYIfVW1
mVs890X65nBjtHIh26uBSTFvU8V3M0zx6eZfkWt108lOdgURKBXm
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:46:39 2025 by rpki-client