Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/5w0GS6bn0HwELoG9_kslmyQieSI.roa
File: 5w0GS6bn0HwELoG9_kslmyQieSI.roa (raw, json)
Hash identifier: urKKW6C88PXpx/EvrORIbKavuZ4GdnrhY+l3Hu72azY=
Subject key identifier: E7:0D:06:4B:A6:E7:D0:7C:04:2E:81:BD:FE:4B:25:9B:24:22:79:22
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194633DA4D98B84F5B98ABAE7B49BE011B0
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/5w0GS6bn0HwELoG9_kslmyQieSI.roa
Signing time: Tue 14 Jan 2025 05:16:11 +0000
ROA not before: Tue 14 Jan 2025 05:16:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48314
IP address blocks: 5.175.143.0/24 maxlen: 24
5.175.233.0/24 maxlen: 24
77.90.0.0/24 maxlen: 24
77.90.2.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
77.90.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 05:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:63:3d:a4:d9:8b:84:f5:b9:8a:ba:e7:b4:9b:e0:11:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 14 05:16:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e70d064ba6e7d07c042e81bdfe4b259b24227922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a3:0f:09:35:f6:e8:c2:1f:cf:23:ba:42:d3:
22:2b:19:30:3d:8d:d7:d9:62:6a:e3:0f:75:be:95:
67:da:86:92:92:d1:b8:65:0f:d0:1c:fa:a9:fd:92:
4d:1b:d8:99:6d:e5:ac:02:7b:40:6c:bf:0c:9f:ba:
9f:18:7f:65:fb:a0:75:76:fc:d1:35:e1:61:b6:cc:
46:dd:21:c1:a1:bf:44:96:ff:d8:f3:e1:e7:2b:8b:
11:62:99:df:b3:9c:8b:d4:3a:53:5f:8a:c1:dc:cc:
8f:ae:cc:3b:ed:2a:8b:84:bb:01:82:1b:22:00:2b:
63:a5:45:31:90:ac:ba:6c:b9:23:18:28:1f:1f:05:
b3:4c:90:27:8e:4e:31:ca:82:c3:15:79:08:69:4f:
c3:fc:62:b2:1d:2f:79:b2:7f:bf:c9:1a:b2:ab:e3:
01:28:ca:55:95:90:ba:70:af:e6:c9:70:8d:7d:28:
c0:28:fe:f4:3a:ae:60:52:cc:b6:69:4f:e3:74:59:
11:bd:2f:05:9f:66:12:2c:56:ec:78:e8:5b:b9:76:
4b:32:96:80:97:92:1e:0e:3b:7c:1e:e1:c4:4c:da:
cf:b6:f8:ef:33:7a:11:16:6c:37:03:b3:85:42:67:
a6:dd:53:43:a8:46:f5:60:14:30:6e:76:93:8b:35:
d1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:0D:06:4B:A6:E7:D0:7C:04:2E:81:BD:FE:4B:25:9B:24:22:79:22
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/5w0GS6bn0HwELoG9_kslmyQieSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.143.0/24
5.175.233.0/24
77.90.0.0/24
77.90.2.0/24
77.90.8.0/24
77.90.13.0/24
77.90.51.0/24
Signature Algorithm: sha256WithRSAEncryption
77:23:47:f7:ae:4e:85:7d:bc:cd:da:57:75:e9:93:5c:59:11:
4f:d1:25:54:6b:ed:d2:d5:6b:d1:aa:8f:1b:46:ae:dd:57:69:
d6:96:5b:93:e5:e4:22:0a:0a:58:3a:58:56:75:25:09:e2:9d:
77:ed:28:97:8f:28:d4:45:70:ac:fc:82:d7:6e:73:bb:b3:43:
35:51:e5:d6:b2:01:84:47:47:fd:0b:47:93:ad:4e:54:ca:fb:
51:1d:19:db:1d:5b:b4:db:c6:52:d1:bc:7f:86:ca:d5:28:14:
1c:c2:e3:97:39:f3:23:fc:a5:67:45:d7:98:ee:93:3e:84:f6:
f8:89:69:a0:71:7d:41:fb:df:59:9a:16:e8:70:2c:b3:f5:20:
81:3b:7d:d8:e0:5c:51:e5:ba:de:e5:4e:0a:1c:03:7b:28:99:
4b:c7:09:c6:21:bf:50:63:e9:ea:65:54:36:eb:a8:d2:03:04:
76:d6:9d:ed:9d:3b:4e:ca:ba:aa:95:83:7b:c2:aa:4c:17:74:
91:57:8e:4f:96:25:4c:3b:73:a4:7c:1f:2a:e5:5e:df:8e:b8:
76:cf:64:88:83:98:5a:d6:cf:45:dd:57:db:d8:1e:09:93:56:
6c:e7:0d:22:fa:35:00:cd:9e:9e:a6:5a:5c:b2:f9:8e:2d:3f:
ee:ea:f9:bf
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZRjPaTZi4T1uYq657Sb4BGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTE0MDUxNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzBkMDY0YmE2ZTdkMDdjMDQyZTgxYmRmZTRiMjU5YjI0MjI3OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaMPCTX26MIfzyO6QtMiKxkwPY3X
2WJq4w91vpVn2oaSktG4ZQ/QHPqp/ZJNG9iZbeWsAntAbL8Mn7qfGH9l+6B1dvzR
NeFhtsxG3SHBob9Elv/Y8+HnK4sRYpnfs5yL1DpTX4rB3MyPrsw77SqLhLsBghsi
ACtjpUUxkKy6bLkjGCgfHwWzTJAnjk4xyoLDFXkIaU/D/GKyHS95sn+/yRqyq+MB
KMpVlZC6cK/myXCNfSjAKP70Oq5gUsy2aU/jdFkRvS8Fn2YSLFbseOhbuXZLMpaA
l5IeDjt8HuHETNrPtvjvM3oRFmw3A7OFQmem3VNDqEb1YBQwbnaTizXR9wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOcNBkum59B8BC6Bvf5LJZskInkiMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvNXcwR1M2Ym4wSHdFTG9HOV9rc2xteVFpZVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABa+PAwQA
Ba/pAwQATVoAAwQATVoCAwQATVoIAwQATVoNAwQATVozMA0GCSqGSIb3DQEBCwUA
A4IBAQB3I0f3rk6FfbzN2ld16ZNcWRFP0SVUa+3S1WvRqo8bRq7dV2nWlluT5eQi
CgpYOlhWdSUJ4p137SiXjyjURXCs/ILXbnO7s0M1UeXWsgGER0f9C0eTrU5UyvtR
HRnbHVu028ZS0bx/hsrVKBQcwuOXOfMj/KVnRdeY7pM+hPb4iWmgcX1B+99Zmhbo
cCyz9SCBO33Y4FxR5bre5U4KHAN7KJlLxwnGIb9QY+nqZVQ266jSAwR21p3tnTtO
yrqqlYN7wqpMF3SRV45PliVMO3OkfB8q5V7fjrh2z2SIg5ha1s9F3Vfb2B4Jk1Zs
5w0i+jUAzZ6eplpcsvmOLT/u6vm/
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:23:01 2025 by rpki-client