Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1SJaRFH_hlgup0qs570wlpF3K78.roa
File: 1SJaRFH_hlgup0qs570wlpF3K78.roa (raw, json)
Hash identifier: Cj8wRWJ9xz5NphaxqlrkVCRE/TuOdjm3WK45Q3UJ3X8=
Subject key identifier: D5:22:5A:44:51:FF:86:58:2E:A7:4A:AC:E7:BD:30:96:91:77:2B:BF
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01943C2C88B0469BA200BFCEC0444A1B927B
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1SJaRFH_hlgup0qs570wlpF3K78.roa
Signing time: Mon 06 Jan 2025 15:12:19 +0000
ROA not before: Mon 06 Jan 2025 15:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31142
IP address blocks: 5.231.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 18:44:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3c:2c:88:b0:46:9b:a2:00:bf:ce:c0:44:4a:1b:92:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 6 15:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5225a4451ff86582ea74aace7bd309691772bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:de:14:fe:ee:09:b2:e2:0f:d2:73:dc:30:a6:
0e:85:2f:31:6f:f3:25:1a:87:f5:4a:f8:4a:16:9d:
7c:dc:97:25:d4:1e:c9:a3:da:bb:1a:22:15:c8:50:
20:2c:fb:11:c0:7f:1b:08:1a:ae:1a:02:46:d0:7a:
5a:c0:c1:7e:b8:4d:43:19:02:0a:07:04:c3:3a:f9:
67:1b:a7:33:8c:7a:56:e1:a6:b6:8a:f7:70:ae:ba:
e6:20:d5:9d:a6:a2:6c:67:1b:1f:94:6c:e7:8a:9d:
25:32:cc:29:52:44:17:8d:a1:51:e4:0d:0b:cb:f4:
f9:cd:57:22:5a:13:aa:6f:44:78:4d:60:05:f6:04:
26:78:24:cf:c8:5f:14:aa:b0:07:f0:85:71:5f:f4:
61:e7:c5:d7:fc:46:47:f4:81:b7:1f:94:5b:3e:7e:
48:74:ce:49:2a:cb:19:11:4b:df:b0:f3:4b:63:ec:
91:2f:2e:5c:f8:28:73:df:7e:6d:31:18:f6:04:81:
6f:6c:d3:29:a6:92:b8:38:ad:fd:85:62:b3:bc:f6:
0f:4c:5a:7a:bb:21:39:0c:b5:4c:0a:fe:6c:ec:ea:
d4:f6:07:d4:60:fc:e0:2e:a6:3c:c2:1f:af:9a:69:
f3:b1:88:8f:e0:41:56:da:31:65:d5:29:0b:a9:b1:
59:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:22:5A:44:51:FF:86:58:2E:A7:4A:AC:E7:BD:30:96:91:77:2B:BF
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1SJaRFH_hlgup0qs570wlpF3K78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.254.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:fa:2e:60:ae:76:95:6d:ee:29:bd:da:c2:bf:2b:1e:10:ce:
ee:36:32:03:9c:c5:16:e3:20:7f:44:c6:30:15:dd:d3:cc:61:
ac:d0:32:e6:c8:75:72:e0:c6:e8:be:69:ac:ff:8b:3e:03:1d:
77:16:dc:43:c3:4e:a7:f6:ca:2d:2b:a9:f8:18:7c:ec:4f:e1:
89:f6:a9:7f:74:e8:22:51:2a:ba:85:4d:a6:9f:e8:f3:72:07:
c5:8f:53:55:f8:27:d8:b1:0a:72:5f:43:82:22:2a:e9:b2:59:
2b:3d:43:d3:ea:07:a2:04:f9:40:10:2e:7c:c6:9f:85:44:37:
71:e5:ba:d8:83:56:43:2e:03:ed:66:db:15:ce:65:7d:ed:2f:
f0:46:e2:54:aa:cb:ad:bc:08:73:b2:67:28:bd:a0:b6:af:77:
c1:2e:3f:fe:57:d1:21:17:6b:29:bf:eb:02:37:7a:da:30:e8:
d7:b9:1c:0a:60:f6:38:42:2f:91:26:dc:1c:95:1d:99:82:fd:
20:9f:63:ad:34:4b:95:1f:be:d5:9a:48:94:ff:16:73:5d:c0:
26:cc:57:a7:1e:03:02:ac:62:75:a9:81:80:33:20:49:5d:63:
55:ef:0e:b8:3f:74:78:5f:4e:50:ca:e9:d3:4d:b1:19:e8:af:
d7:67:ce:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ8LIiwRpuiAL/OwERKG5J7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTA2MTUxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTIyNWE0NDUxZmY4NjU4MmVhNzRhYWNlN2JkMzA5NjkxNzcyYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw94U/u4JsuIP0nPcMKYOhS8xb/Ml
Gof1SvhKFp183Jcl1B7Jo9q7GiIVyFAgLPsRwH8bCBquGgJG0HpawMF+uE1DGQIK
BwTDOvlnG6czjHpW4aa2ivdwrrrmINWdpqJsZxsflGznip0lMswpUkQXjaFR5A0L
y/T5zVciWhOqb0R4TWAF9gQmeCTPyF8UqrAH8IVxX/Rh58XX/EZH9IG3H5RbPn5I
dM5JKssZEUvfsPNLY+yRLy5c+Chz335tMRj2BIFvbNMpppK4OK39hWKzvPYPTFp6
uyE5DLVMCv5s7OrU9gfUYPzgLqY8wh+vmmnzsYiP4EFW2jFl1SkLqbFZ/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUiWkRR/4ZYLqdKrOe9MJaRdyu/MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMVNKYVJGSF9obGd1cDBxczU3MHdscEYzSzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABef+MA0G
CSqGSIb3DQEBCwUAA4IBAQCa+i5grnaVbe4pvdrCvyseEM7uNjIDnMUW4yB/RMYw
Fd3TzGGs0DLmyHVy4Mbovmms/4s+Ax13FtxDw06n9sotK6n4GHzsT+GJ9ql/dOgi
USq6hU2mn+jzcgfFj1NV+CfYsQpyX0OCIirpslkrPUPT6geiBPlAEC58xp+FRDdx
5brYg1ZDLgPtZtsVzmV97S/wRuJUqsutvAhzsmcovaC2r3fBLj/+V9EhF2spv+sC
N3raMOjXuRwKYPY4Qi+RJtwclR2Zgv0gn2OtNEuVH77VmkiU/xZzXcAmzFenHgMC
rGJ1qYGAMyBJXWNV7w64P3R4X05QyunTTbEZ6K/XZ87B
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:22:53 2025 by rpki-client