Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/sQsi0qkNd2CNF-r8njHXWRj0leI.roa
File: sQsi0qkNd2CNF-r8njHXWRj0leI.roa (raw, json)
Hash identifier: iw3/K/GTVEIhwqSV7mOZOWKbFGXY4fFyKJhBnlcla4c=
Subject key identifier: B1:0B:22:D2:A9:0D:77:60:8D:17:EA:FC:9E:31:D7:59:18:F4:95:E2
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194221FFCDD17496032FF5B095BB8131A30
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/sQsi0qkNd2CNF-r8njHXWRj0leI.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34899
IP address blocks: 5.231.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 07:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fc:dd:17:49:60:32:ff:5b:09:5b:b8:13:1a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b10b22d2a90d77608d17eafc9e31d75918f495e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:72:85:8c:b4:71:6a:e1:12:51:59:c5:3b:f1:
17:90:77:3a:ae:08:b7:be:b9:3a:74:6b:46:f1:dd:
61:06:64:6e:8c:21:ff:7f:fd:4a:fe:eb:1e:17:f0:
57:ee:f2:57:84:2e:0e:70:e2:1e:e9:81:65:58:4a:
ae:20:2c:1d:bb:c1:62:a1:e1:7b:9b:6a:0c:6c:7a:
23:05:7f:06:00:4e:80:04:b1:67:6b:53:9d:9e:25:
69:8c:dc:6f:4a:d8:35:5f:61:31:2e:de:8f:67:28:
fa:b0:8c:1a:c6:21:5e:06:77:cf:04:56:96:9e:69:
16:a4:4c:ee:1e:32:91:fe:38:36:ab:e8:54:a0:79:
fd:22:20:24:f8:cd:39:cd:e4:1d:48:38:4a:86:77:
28:52:1b:18:29:ea:4a:58:71:f8:82:b3:d2:85:a4:
b2:a1:72:0c:17:e1:dc:9c:4a:32:f6:54:3d:e1:b2:
4e:8f:f6:24:6f:be:09:f6:92:96:b6:9f:f8:41:1c:
10:c6:1e:73:8f:29:db:1c:bb:50:4e:08:c5:d0:45:
72:b1:7c:ee:2c:c7:3a:82:f2:67:6f:0d:f5:14:2e:
31:1b:ed:1e:e9:46:83:44:fc:2f:d9:62:23:d7:85:
fe:a3:bf:b8:74:45:b5:d0:eb:7d:15:50:f7:62:5d:
11:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0B:22:D2:A9:0D:77:60:8D:17:EA:FC:9E:31:D7:59:18:F4:95:E2
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/sQsi0qkNd2CNF-r8njHXWRj0leI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.39.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:c6:45:f2:5d:52:03:40:8f:8b:ea:0a:09:c4:49:0f:49:0d:
62:58:d6:67:44:76:dd:70:e1:e0:61:5b:4b:f1:44:ab:7b:04:
75:3a:32:a4:e7:a8:e1:19:ac:49:20:57:1b:35:5c:02:cd:a8:
b9:3b:d2:88:25:a3:44:33:f1:27:a9:4d:bc:ab:2b:d4:a1:05:
46:9a:4d:01:45:df:8d:d8:7c:1b:16:e7:23:b4:a2:b7:6d:7d:
85:aa:c9:a3:9b:c7:7a:6b:91:80:7d:91:84:92:cf:55:2d:d4:
ab:af:0b:e3:eb:6c:40:4a:6e:9f:b1:4b:cb:0a:17:e4:84:bb:
aa:5e:98:60:85:ac:b7:fa:13:7a:21:f7:58:10:36:81:96:86:
0b:2a:b2:47:99:32:53:65:73:a1:65:da:7f:1e:55:f4:ee:f8:
84:e3:c4:ae:df:37:2f:f1:48:15:82:ba:cd:26:32:86:c7:9e:
72:70:dc:c2:bf:58:ef:1b:8f:3f:17:32:3d:2c:e1:49:fe:43:
a2:12:b6:fc:af:f8:8c:56:6d:fe:72:54:f9:0b:6d:87:37:7c:
d6:62:07:bb:6b:96:30:9c:c6:84:a9:19:49:3d:f0:14:f6:5a:
67:e0:db:ce:3e:33:35:dc:0e:56:20:63:1b:97:be:b8:dc:3f:
66:8b:f4:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/zdF0lgMv9bCVu4ExowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTBiMjJkMmE5MGQ3NzYwOGQxN2VhZmM5ZTMxZDc1OTE4ZjQ5NWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HKFjLRxauESUVnFO/EXkHc6rgi3
vrk6dGtG8d1hBmRujCH/f/1K/useF/BX7vJXhC4OcOIe6YFlWEquICwdu8FioeF7
m2oMbHojBX8GAE6ABLFna1OdniVpjNxvStg1X2ExLt6PZyj6sIwaxiFeBnfPBFaW
nmkWpEzuHjKR/jg2q+hUoHn9IiAk+M05zeQdSDhKhncoUhsYKepKWHH4grPShaSy
oXIMF+HcnEoy9lQ94bJOj/Ykb74J9pKWtp/4QRwQxh5zjynbHLtQTgjF0EVysXzu
LMc6gvJnbw31FC4xG+0e6UaDRPwv2WIj14X+o7+4dEW10Ot9FVD3Yl0RGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLELItKpDXdgjRfq/J4x11kY9JXiMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvc1FzaTBxa05kMkNORi1yOG5qSFhXUmowbGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABecnMA0G
CSqGSIb3DQEBCwUAA4IBAQDLxkXyXVIDQI+L6goJxEkPSQ1iWNZnRHbdcOHgYVtL
8USrewR1OjKk56jhGaxJIFcbNVwCzai5O9KIJaNEM/EnqU28qyvUoQVGmk0BRd+N
2HwbFucjtKK3bX2Fqsmjm8d6a5GAfZGEks9VLdSrrwvj62xASm6fsUvLChfkhLuq
Xphghay3+hN6IfdYEDaBloYLKrJHmTJTZXOhZdp/HlX07viE48Su3zcv8UgVgrrN
JjKGx55ycNzCv1jvG48/FzI9LOFJ/kOiErb8r/iMVm3+clT5C22HN3zWYge7a5Yw
nMaEqRlJPfAU9lpn4NvOPjM13A5WIGMbl7643D9mi/TI
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:39 2025 by rpki-client