Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/kilFcYFdq1RyTWXBBgcZ5_hJHRU.roa
File: kilFcYFdq1RyTWXBBgcZ5_hJHRU.roa (raw, json)
Hash identifier: okD4Q99K8dxCrAxKcXNg7+YONuJT8aWZtmXGl876jFc=
Subject key identifier: 92:29:45:71:81:5D:AB:54:72:4D:65:C1:06:07:19:E7:F8:49:1D:15
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 01914FC6BA25ADD9BB3015A70EC3479B05D2
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/kilFcYFdq1RyTWXBBgcZ5_hJHRU.roa
Signing time: Wed 14 Aug 2024 07:25:09 +0000
ROA not before: Wed 14 Aug 2024 07:25:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.38.0/24 maxlen: 24
195.5.124.0/24 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4f:c6:ba:25:ad:d9:bb:30:15:a7:0e:c3:47:9b:05:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Aug 14 07:25:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92294571815dab54724d65c1060719e7f8491d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:91:95:13:11:87:2c:68:85:b9:37:41:3e:26:
84:81:bc:ba:5f:ac:ee:55:e1:81:5c:b4:6e:dc:25:
3a:20:3e:58:ef:a7:c1:53:90:90:fe:a6:cc:28:cf:
2c:6b:2c:0c:3f:a2:93:ec:27:97:8f:fb:27:dc:ac:
a1:d0:4e:ee:25:2a:88:b7:e1:78:0a:66:da:bd:e7:
83:bf:67:43:02:03:e4:2f:b4:cc:c7:3f:09:11:62:
76:dd:50:4b:7a:23:a4:ce:14:cc:dd:23:92:08:d9:
89:6f:10:32:9f:ca:62:37:95:c8:a7:5f:08:a9:83:
4b:b9:13:a0:2e:22:83:1b:ea:6e:1c:c9:9c:92:66:
da:b1:18:32:65:78:9a:a4:6a:31:06:71:fe:5a:84:
7a:e0:81:b9:08:83:5e:6b:b4:b2:5b:ec:b0:1e:44:
34:20:a7:03:83:ec:c3:b2:fa:9c:4b:ff:44:17:1b:
ff:6a:91:60:0e:36:45:e8:50:31:78:2b:2c:50:ca:
8d:3d:fe:64:66:68:3f:6d:4b:5c:d4:29:ec:44:ef:
85:3f:ed:48:1b:d7:e1:23:83:39:72:31:7c:fb:86:
29:b8:65:82:d3:aa:a2:9d:f5:93:67:7e:73:e4:1e:
87:15:ac:f2:32:ca:6a:45:0d:d5:2f:1a:1f:ce:a3:
f5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:29:45:71:81:5D:AB:54:72:4D:65:C1:06:07:19:E7:F8:49:1D:15
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/kilFcYFdq1RyTWXBBgcZ5_hJHRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.38.0/24
195.5.124.0/24
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
17:db:5f:6a:e2:e6:2f:9a:f0:b8:bc:2c:06:d0:14:d9:6f:1a:
48:74:d3:98:05:c1:82:df:de:34:db:da:d2:11:75:bd:7f:78:
30:e4:1a:47:38:74:2b:c2:1b:0c:c1:0e:57:1f:39:98:a6:67:
70:10:50:1d:27:fe:d0:1e:47:9e:c1:65:5e:4c:a1:6f:f4:66:
ef:08:b5:47:c6:ea:c5:77:26:03:4d:e4:ad:4d:4f:5d:40:2a:
f1:45:4f:1b:0c:48:ff:a3:cd:ce:cb:0f:55:db:e0:2a:50:45:
6c:f7:48:5a:2b:76:59:b8:c1:29:fb:bd:45:47:b6:8a:c8:7e:
86:6a:fb:b6:29:9f:42:a0:6d:cf:ff:d7:dc:6d:e5:ca:5d:51:
e0:71:57:f6:39:ba:d5:9d:04:98:b0:23:c1:27:34:84:c3:1d:
23:68:03:10:07:0f:4b:04:6f:31:9d:09:eb:f1:0d:d5:67:75:
91:28:1e:5d:e3:59:1c:f7:28:34:ef:35:5a:61:2b:3a:62:bb:
93:d1:b4:7b:76:0c:ec:2f:38:08:37:5d:49:1d:be:36:26:9d:
dd:b0:0f:43:f7:37:06:4a:c3:1e:f1:5a:2f:39:73:77:c8:0f:
f6:25:10:b5:e5:b6:a6:6f:5e:bf:12:c6:d7:44:df:9f:65:a3:
a2:3d:60:a8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFPxrolrdm7MBWnDsNHmwXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjQwODE0MDcyNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjI5NDU3MTgxNWRhYjU0NzI0ZDY1YzEwNjA3MTllN2Y4NDkxZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5GVExGHLGiFuTdBPiaEgby6X6zu
VeGBXLRu3CU6ID5Y76fBU5CQ/qbMKM8saywMP6KT7CeXj/sn3Kyh0E7uJSqIt+F4
CmbaveeDv2dDAgPkL7TMxz8JEWJ23VBLeiOkzhTM3SOSCNmJbxAyn8piN5XIp18I
qYNLuROgLiKDG+puHMmckmbasRgyZXiapGoxBnH+WoR64IG5CINea7SyW+ywHkQ0
IKcDg+zDsvqcS/9EFxv/apFgDjZF6FAxeCssUMqNPf5kZmg/bUtc1CnsRO+FP+1I
G9fhI4M5cjF8+4YpuGWC06qinfWTZ35z5B6HFazyMspqRQ3VLxofzqP1SQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJIpRXGBXatUck1lwQYHGef4SR0VMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEva2lsRmNZRmRxMVJ5VFdYQkJnY1o1X2hKSFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQABWYmAwQA
wwV8MA0EAgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQAX219q4uYvmvC4
vCwG0BTZbxpIdNOYBcGC394029rSEXW9f3gw5BpHOHQrwhsMwQ5XHzmYpmdwEFAd
J/7QHkeewWVeTKFv9GbvCLVHxurFdyYDTeStTU9dQCrxRU8bDEj/o83Oyw9V2+Aq
UEVs90haK3ZZuMEp+71FR7aKyH6Gavu2KZ9CoG3P/9fcbeXKXVHgcVf2ObrVnQSY
sCPBJzSEwx0jaAMQBw9LBG8xnQnr8Q3VZ3WRKB5d41kc9yg07zVaYSs6YruT0bR7
dgzsLzgIN11JHb42Jp3dsA9D9zcGSsMe8VovOXN3yA/2JRC15bamb16/EsbXRN+f
ZaOiPWCo
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:51 2025 by rpki-client