Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/D45rX9vD8zZcYh-ohYRy1y4Wbyg.roa
File: D45rX9vD8zZcYh-ohYRy1y4Wbyg.roa (raw, json)
Hash identifier: oAr1b1gS4pPEpu05ZUoGMaZFMoL8d1EUH+0PXJXYmzY=
Subject key identifier: 0F:8E:6B:5F:DB:C3:F3:36:5C:62:1F:A8:85:84:72:D7:2E:16:6F:28
Certificate issuer: /CN=b14aaa9b084864f44bae18ba076b26067754fb62
Certificate serial: 018CCA2B170AEC40661C126464F3323D5C71
Authority key identifier: B1:4A:AA:9B:08:48:64:F4:4B:AE:18:BA:07:6B:26:06:77:54:FB:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUqqmwhIZPRLrhi6B2smBndU-2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/D45rX9vD8zZcYh-ohYRy1y4Wbyg.roa
Signing time: Tue 02 Jan 2024 12:34:30 +0000
ROA not before: Tue 02 Jan 2024 12:34:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60641
IP address blocks: 5.39.233.0/24 maxlen: 24
5.39.236.0/24 maxlen: 24
5.39.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:17:0a:ec:40:66:1c:12:64:64:f3:32:3d:5c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aaa9b084864f44bae18ba076b26067754fb62
Validity
Not Before: Jan 2 12:34:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f8e6b5fdbc3f3365c621fa8858472d72e166f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:07:00:4e:51:73:9f:e8:03:86:62:4b:8f:a8:
73:d5:58:b8:b2:c5:52:f2:f6:ff:17:ef:8c:19:95:
d9:e0:fb:37:7a:4e:f5:49:a1:89:a4:c6:0f:01:4d:
9d:74:95:ec:71:f8:3c:52:e9:f0:7b:2e:7e:58:3b:
c9:af:76:e9:8e:b6:c0:08:a5:00:2d:8d:f7:30:fd:
ca:40:92:3f:ab:b1:da:5d:46:dc:13:c3:43:63:26:
c5:56:b2:ef:3f:51:c5:79:e1:3f:cc:1e:a9:3c:15:
1e:42:53:6e:93:d1:aa:0f:9d:38:33:e5:17:b6:1a:
36:8c:a8:82:87:3d:31:60:7c:15:56:a0:7d:4b:e1:
2f:94:ac:82:9b:e7:fc:f2:14:f0:db:30:e4:d0:7e:
cd:24:b5:27:49:b2:13:76:82:db:dd:07:6b:6c:77:
7b:e6:26:e2:8e:f0:13:2c:38:a5:97:d8:32:06:70:
77:db:6c:26:79:88:bc:a9:e7:4f:89:f0:81:c9:56:
f3:99:d0:71:a8:18:6c:80:ba:80:ea:bd:a5:25:84:
a7:1d:1d:d7:75:28:94:91:98:98:da:c4:72:7c:13:
87:08:d3:84:a2:0b:8e:5f:60:46:d6:43:af:7f:0a:
02:73:31:de:84:fe:0c:5a:b3:69:f5:b4:8a:f4:a9:
41:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8E:6B:5F:DB:C3:F3:36:5C:62:1F:A8:85:84:72:D7:2E:16:6F:28
X509v3 Authority Key Identifier:
keyid:B1:4A:AA:9B:08:48:64:F4:4B:AE:18:BA:07:6B:26:06:77:54:FB:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUqqmwhIZPRLrhi6B2smBndU-2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/D45rX9vD8zZcYh-ohYRy1y4Wbyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/sUqqmwhIZPRLrhi6B2smBndU-2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.233.0-5.39.234.255
5.39.236.0/24
Signature Algorithm: sha256WithRSAEncryption
56:86:d3:78:4b:72:02:4b:21:0c:4b:d3:33:44:da:7c:0e:0f:
8c:51:9a:20:a0:93:60:ca:f5:e4:82:0d:d1:7c:09:d5:06:41:
58:ba:42:f2:c7:4d:80:33:eb:0d:8c:83:d6:77:14:e0:7b:2a:
51:50:6e:45:c2:e6:c5:84:2e:11:ed:c8:6c:5f:32:9c:b2:13:
ec:90:e6:d1:47:87:8f:27:bc:dc:bc:a2:d1:93:1e:14:cd:15:
3c:a2:f6:25:fa:05:6e:a5:b9:48:2a:e3:5f:62:20:a4:8c:88:
43:d4:d8:a1:7d:be:95:6c:31:31:c6:dd:80:77:e9:da:75:e2:
db:7c:32:09:1d:06:05:29:6c:71:7c:4c:92:86:09:df:14:01:
ba:ca:48:cf:08:53:0b:18:3c:1c:c9:34:20:f3:e3:8d:e6:72:
bb:c9:b7:11:24:ac:94:ba:41:db:e2:bc:fc:77:66:15:86:dd:
e5:49:48:11:9f:96:d8:4e:83:f2:ae:36:c9:cf:91:3d:6d:f2:
bd:8d:5d:99:d7:08:89:ef:71:1d:68:b5:3b:27:b4:b4:d0:21:
f9:52:87:26:09:ad:df:fe:62:94:b5:ee:aa:31:fe:2a:33:9d:
bd:7f:83:5b:d1:de:f2:75:3f:be:89:26:95:07:73:35:84:ab:
a0:f0:10:92
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzKKxcK7EBmHBJkZPMyPVxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFhYTliMDg0ODY0ZjQ0YmFlMThiYTA3NmIyNjA2Nzc1
NGZiNjIwHhcNMjQwMTAyMTIzNDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhlNmI1ZmRiYzNmMzM2NWM2MjFmYTg4NTg0NzJkNzJlMTY2ZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwcATlFzn+gDhmJLj6hz1Vi4ssVS
8vb/F++MGZXZ4Ps3ek71SaGJpMYPAU2ddJXscfg8Uunwey5+WDvJr3bpjrbACKUA
LY33MP3KQJI/q7HaXUbcE8NDYybFVrLvP1HFeeE/zB6pPBUeQlNuk9GqD504M+UX
tho2jKiChz0xYHwVVqB9S+EvlKyCm+f88hTw2zDk0H7NJLUnSbITdoLb3QdrbHd7
5ibijvATLDill9gyBnB322wmeYi8qedPifCByVbzmdBxqBhsgLqA6r2lJYSnHR3X
dSiUkZiY2sRyfBOHCNOEoguOX2BG1kOvfwoCczHehP4MWrNp9bSK9KlBIwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA+Oa1/bw/M2XGIfqIWEctcuFm8oMB8GA1UdIwQY
MBaAFLFKqpsISGT0S64YugdrJgZ3VPtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxcW13aElaUFJMcmhpNkIyc21CbmRVLTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yMjdhZmEtZGRlYy00NjQ0LTk4MmEt
NThmYWEyN2U1NTQ5LzEvRDQ1clg5dkQ4elpjWWgtb2hZUnkxeTRXYnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yMjdhZmEtZGRlYy00NjQ0LTk4MmEtNThmYWEyN2U1NTQ5
LzEvc1VxcW13aElaUFJMcmhpNkIyc21CbmRVLTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAFJ+kD
BAAFJ+oDBAAFJ+wwDQYJKoZIhvcNAQELBQADggEBAFaG03hLcgJLIQxL0zNE2nwO
D4xRmiCgk2DK9eSCDdF8CdUGQVi6QvLHTYAz6w2Mg9Z3FOB7KlFQbkXC5sWELhHt
yGxfMpyyE+yQ5tFHh48nvNy8otGTHhTNFTyi9iX6BW6luUgq419iIKSMiEPU2KF9
vpVsMTHG3YB36dp14tt8MgkdBgUpbHF8TJKGCd8UAbrKSM8IUwsYPBzJNCDz443m
crvJtxEkrJS6QdvivPx3ZhWG3eVJSBGflthOg/KuNsnPkT1t8r2NXZnXCInvcR1o
tTsntLTQIflShyYJrd/+YpS17qox/ioznb1/g1vR3vJ1P76JJpUHczWEq6DwEJI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:14 2025 by rpki-client