Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/tp4VyzBFWKOp3dbyaUnUtpP2BPg.roa
File: tp4VyzBFWKOp3dbyaUnUtpP2BPg.roa (raw, json)
Hash identifier: 1fQnV5K15+AysKSZVMgpEMcGO6Z6y1DXORpD2kPtk1Y=
Subject key identifier: B6:9E:15:CB:30:45:58:A3:A9:DD:D6:F2:69:49:D4:B6:93:F6:04:F8
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 019284F96DA3DF902B749EE1F87E01FC4A31
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/tp4VyzBFWKOp3dbyaUnUtpP2BPg.roa
Signing time: Sun 13 Oct 2024 08:23:11 +0000
ROA not before: Sun 13 Oct 2024 08:23:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35913
IP address blocks: 5.181.0.0/24 maxlen: 24
5.181.1.0/24 maxlen: 24
2a09:fb86::/32 maxlen: 32
2a11:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:84:f9:6d:a3:df:90:2b:74:9e:e1:f8:7e:01:fc:4a:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Oct 13 08:23:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b69e15cb304558a3a9ddd6f26949d4b693f604f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f9:38:9b:ca:cf:9b:d9:c9:7f:ab:6d:a7:97:
c2:df:16:12:49:06:a9:54:5c:b8:a2:ce:80:4d:bb:
53:a9:e8:9b:9a:a9:fd:bf:a2:b5:a6:ba:b0:ce:82:
24:1f:33:af:9a:76:0b:ef:2e:fe:9a:c2:40:9e:b2:
6d:9a:78:4e:d8:9d:aa:e0:5b:c4:e4:87:e5:bd:2d:
42:29:26:4a:cc:65:67:b4:ab:94:71:8a:d2:74:2b:
a2:cc:2a:62:78:87:08:19:52:47:06:3e:e2:64:04:
95:9e:e9:ea:91:ab:1d:91:11:d8:99:69:87:a0:0f:
5a:cb:1a:b7:3d:78:7a:2c:60:6c:6c:0b:8c:4e:86:
9d:18:01:7f:29:17:84:52:85:95:f4:f3:4d:d4:7b:
29:06:22:2c:f7:c0:02:9e:78:7f:8d:5e:ef:9a:a0:
09:b0:23:2e:2d:7a:13:f7:d3:63:cc:bd:29:b5:6e:
dc:13:97:02:33:30:8d:79:89:c8:be:ae:62:82:4d:
35:9b:f5:fb:77:75:82:17:f7:6d:15:16:ba:c1:ad:
0a:6f:c7:26:cb:79:07:bb:fb:b4:6f:5f:c1:ab:03:
b0:1a:1e:14:2b:ad:96:c2:5a:16:85:95:61:44:1d:
5d:75:4a:ec:72:f7:09:57:0a:72:63:c4:16:73:c9:
bd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9E:15:CB:30:45:58:A3:A9:DD:D6:F2:69:49:D4:B6:93:F6:04:F8
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/tp4VyzBFWKOp3dbyaUnUtpP2BPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.0.0/23
IPv6:
2a09:fb86::/32
2a11:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
52:44:2e:66:2a:68:fd:b9:8c:aa:a8:92:82:da:63:d3:0e:25:
9a:cf:e3:bc:6d:97:81:58:de:d4:b8:d2:40:9b:fb:99:11:15:
43:c9:ba:cf:e0:4d:9b:f0:fe:f6:af:75:6b:34:f3:29:8e:6d:
9a:0a:ff:55:3e:96:f1:80:1f:0e:a1:7b:50:22:76:92:61:1b:
3c:c2:1e:e6:6c:bb:f7:04:67:99:ad:39:a0:8d:ab:b4:eb:ee:
a3:9d:d0:7d:36:ae:a6:cb:48:a6:21:9e:90:10:40:56:ee:c3:
aa:93:ac:37:d9:f0:4f:12:a0:e3:05:8c:64:ea:fc:72:25:d1:
37:fb:49:d5:67:0d:d9:e8:15:59:b9:76:9c:9f:00:31:bd:38:
26:81:f6:bb:43:6d:48:8b:7a:57:46:5c:24:85:40:b7:22:a5:
f3:79:fd:bb:23:2a:10:8f:26:33:c5:65:8a:d4:89:8e:67:b3:
f7:3e:52:fd:6d:db:7f:19:8a:d9:9e:cc:61:2b:b5:ce:0e:7f:
ff:c3:cf:54:94:8c:a0:6e:3c:f1:e6:ab:fc:db:2f:25:51:b4:
55:6e:46:ee:25:77:f5:ae:be:12:fa:fa:27:48:90:83:d2:be:
f2:61:99:8f:90:32:c6:27:36:bf:56:3f:2c:f5:ea:49:b5:10:
b6:c3:24:80
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKE+W2j35ArdJ7h+H4B/EoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQxMDEzMDgyMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjllMTVjYjMwNDU1OGEzYTlkZGQ2ZjI2OTQ5ZDRiNjkzZjYwNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/k4m8rPm9nJf6ttp5fC3xYSSQap
VFy4os6ATbtTqeibmqn9v6K1prqwzoIkHzOvmnYL7y7+msJAnrJtmnhO2J2q4FvE
5IflvS1CKSZKzGVntKuUcYrSdCuizCpieIcIGVJHBj7iZASVnunqkasdkRHYmWmH
oA9ayxq3PXh6LGBsbAuMToadGAF/KReEUoWV9PNN1HspBiIs98ACnnh/jV7vmqAJ
sCMuLXoT99NjzL0ptW7cE5cCMzCNeYnIvq5igk01m/X7d3WCF/dtFRa6wa0Kb8cm
y3kHu/u0b1/BqwOwGh4UK62WwloWhZVhRB1ddUrscvcJVwpyY8QWc8m9ewIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLaeFcswRVijqd3W8mlJ1LaT9gT4MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvdHA0Vnl6QkZXS09wM2RieWFVblV0cFAyQlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQBBbUAMBQE
AgACMA4DBQAqCfuGAwUAKhFuQDANBgkqhkiG9w0BAQsFAAOCAQEAUkQuZipo/bmM
qqiSgtpj0w4lms/jvG2XgVje1LjSQJv7mREVQ8m6z+BNm/D+9q91azTzKY5tmgr/
VT6W8YAfDqF7UCJ2kmEbPMIe5my79wRnma05oI2rtOvuo53QfTaupstIpiGekBBA
Vu7DqpOsN9nwTxKg4wWMZOr8ciXRN/tJ1WcN2egVWbl2nJ8AMb04JoH2u0NtSIt6
V0ZcJIVAtyKl83n9uyMqEI8mM8VlitSJjmez9z5S/W3bfxmK2Z7MYSu1zg5//8PP
VJSMoG488ear/NsvJVG0VW5G7iV39a6+Evr6J0iQg9K+8mGZj5Ayxic2v1Y/LPXq
SbUQtsMkgA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:40 2025 by rpki-client