Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Tc4XJdoxZDdJlFuRT-rf11vUmvU.roa
File: Tc4XJdoxZDdJlFuRT-rf11vUmvU.roa (raw, json)
Hash identifier: BatS1vHbTV5toGVvo+T6eMmoNj5wcOfMJsrYdVhtkjo=
Subject key identifier: 4D:CE:17:25:DA:31:64:37:49:94:5B:91:4F:EA:DF:D7:5B:D4:9A:F5
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194221FFC9D58140A799C9AE5B64DC58E07
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Tc4XJdoxZDdJlFuRT-rf11vUmvU.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31530
IP address blocks: 5.231.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 14:16:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fc:9d:58:14:0a:79:9c:9a:e5:b6:4d:c5:8e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dce1725da31643749945b914feadfd75bd49af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0c:ac:ba:15:4f:48:c1:64:9c:6f:08:cb:1a:
96:1e:c3:2f:83:64:3c:92:5e:09:a9:4e:24:aa:3e:
17:ea:00:be:dc:21:c9:61:3e:ed:d9:21:5a:ab:8f:
ce:a9:16:40:cc:ff:a6:23:cd:c1:ee:5a:6c:4e:2a:
3f:d2:67:d4:0a:4c:68:3a:3b:bc:4f:dd:7b:3e:f9:
0c:6e:26:5b:da:2a:1d:72:74:ee:f5:ac:07:c7:48:
13:07:e3:a5:cb:32:ed:b9:ea:df:e8:85:a5:4d:a4:
d0:cb:88:3e:d5:f2:ac:40:a0:06:15:c5:bc:0a:d9:
75:7f:e4:95:41:ef:b8:27:57:3a:0e:53:2e:98:94:
fa:2d:68:23:74:1b:8c:0b:23:7e:20:7d:5d:ce:1c:
54:ae:47:5e:0f:25:a4:23:11:6f:b8:f8:a6:f9:e8:
fb:77:81:30:98:91:eb:91:88:f4:41:52:25:8f:8e:
5b:26:eb:90:30:f0:64:e0:a8:29:21:82:79:7a:eb:
85:60:3e:5e:b4:72:38:46:2c:47:c0:66:52:6b:e7:
dc:83:03:ac:13:39:40:51:2b:7c:d4:05:c6:ef:e9:
23:5e:e0:fb:9a:10:01:ba:84:ac:81:32:08:f7:65:
f7:b5:b3:97:bd:46:61:38:8e:98:32:76:b8:1e:1f:
df:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CE:17:25:DA:31:64:37:49:94:5B:91:4F:EA:DF:D7:5B:D4:9A:F5
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Tc4XJdoxZDdJlFuRT-rf11vUmvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.37.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ee:c5:dc:64:f2:f8:53:48:e6:54:c3:4f:32:38:ea:be:a5:
d3:4c:62:52:64:d1:e9:60:bc:f8:b2:08:a0:3f:db:e1:56:25:
96:d8:9d:ea:d8:30:da:2f:db:c1:9c:e4:5e:7a:6c:f6:dd:2d:
23:54:89:5a:bb:e7:82:19:28:b3:13:78:97:99:bd:5d:6c:ea:
f6:e7:a5:30:e0:f8:c9:51:e0:52:11:84:e7:e1:d0:28:20:d7:
b8:8e:40:03:10:20:d8:89:bb:3f:36:43:d8:b0:83:2e:20:0b:
22:01:b3:8c:d0:b1:4c:b0:81:fe:2c:eb:d9:ad:28:09:a5:57:
55:2d:9a:7d:73:35:33:b9:f8:30:93:bc:35:6d:ba:8f:bb:b8:
44:1d:3c:85:d2:96:fe:c6:01:ea:0c:a2:45:92:c6:3c:61:74:
4a:1e:a9:c3:95:a0:82:35:bb:b8:c4:57:d5:30:1a:04:f6:90:
be:99:54:29:62:ff:4c:35:ed:ee:9c:9e:2f:95:97:64:bb:c0:
0b:16:5e:ff:12:92:87:c2:57:5e:fe:f5:6c:11:00:bf:93:dd:
f1:f3:cd:23:d3:52:14:92:ed:a0:4c:a7:82:11:6c:2d:a6:f8:
b8:08:42:93:b6:39:be:61:dc:47:ee:df:db:14:5c:96:6c:92:
f4:41:1b:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/ydWBQKeZya5bZNxY4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGNlMTcyNWRhMzE2NDM3NDk5NDViOTE0ZmVhZGZkNzViZDQ5YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAysuhVPSMFknG8IyxqWHsMvg2Q8
kl4JqU4kqj4X6gC+3CHJYT7t2SFaq4/OqRZAzP+mI83B7lpsTio/0mfUCkxoOju8
T917PvkMbiZb2iodcnTu9awHx0gTB+OlyzLtuerf6IWlTaTQy4g+1fKsQKAGFcW8
Ctl1f+SVQe+4J1c6DlMumJT6LWgjdBuMCyN+IH1dzhxUrkdeDyWkIxFvuPim+ej7
d4EwmJHrkYj0QVIlj45bJuuQMPBk4KgpIYJ5euuFYD5etHI4RixHwGZSa+fcgwOs
EzlAUSt81AXG7+kjXuD7mhABuoSsgTII92X3tbOXvUZhOI6YMna4Hh/f/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE3OFyXaMWQ3SZRbkU/q39db1Jr1MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVGM0WEpkb3haRGRKbEZ1UlQtcmYxMXZVbXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABeclMA0G
CSqGSIb3DQEBCwUAA4IBAQCa7sXcZPL4U0jmVMNPMjjqvqXTTGJSZNHpYLz4sgig
P9vhViWW2J3q2DDaL9vBnOReemz23S0jVIlau+eCGSizE3iXmb1dbOr256Uw4PjJ
UeBSEYTn4dAoINe4jkADECDYibs/NkPYsIMuIAsiAbOM0LFMsIH+LOvZrSgJpVdV
LZp9czUzufgwk7w1bbqPu7hEHTyF0pb+xgHqDKJFksY8YXRKHqnDlaCCNbu4xFfV
MBoE9pC+mVQpYv9MNe3unJ4vlZdku8ALFl7/EpKHwlde/vVsEQC/k93x880j01IU
ku2gTKeCEWwtpvi4CEKTtjm+YdxH7t/bFFyWbJL0QRsI
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:32:19 2025 by rpki-client