Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uS5wlwA_dZyXsG1P-P5Y9-mpXc8.roa
File: uS5wlwA_dZyXsG1P-P5Y9-mpXc8.roa (raw, json)
Hash identifier: 8corXAu4BCL6SuH7zgWNsAb0Pv9vMWie0FrrWybiHkg=
Subject key identifier: B9:2E:70:97:00:3F:75:9C:97:B0:6D:4F:F8:FE:58:F7:E9:A9:5D:CF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0196EE72EA6F2F485882306E854BF0380B35
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uS5wlwA_dZyXsG1P-P5Y9-mpXc8.roa
Signing time: Tue 20 May 2025 16:07:10 +0000
ROA not before: Tue 20 May 2025 16:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150654
IP address blocks: 163.5.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 May 2025 12:19:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ee:72:ea:6f:2f:48:58:82:30:6e:85:4b:f0:38:0b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 20 16:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b92e7097003f759c97b06d4ff8fe58f7e9a95dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b5:58:b6:fc:ac:d4:62:e2:1f:c7:88:13:6a:
f4:40:36:fd:e7:b0:64:78:89:38:18:7e:0a:15:39:
6a:62:d8:9e:3c:2a:52:70:b5:3c:8b:e7:ea:76:86:
4f:b5:d7:64:91:49:50:6b:65:6c:5d:6f:9b:5d:48:
6e:a6:7b:54:ab:6c:81:e8:8a:88:98:32:b1:10:aa:
6e:f2:c9:4b:73:00:ed:a6:48:01:3a:21:2e:fc:08:
68:85:14:30:be:63:52:56:e3:83:63:da:60:aa:ad:
87:25:ae:62:6d:10:65:4e:61:28:1a:a7:58:1d:56:
08:fc:2b:62:ad:65:08:b3:71:b4:94:d3:1b:59:02:
f3:9b:05:7a:75:ba:87:89:de:d2:bb:17:43:b4:f0:
da:c6:6d:26:56:5f:f0:de:f9:70:d9:9e:1a:3e:78:
9c:f2:9b:8b:2b:7a:b5:36:5c:ad:12:0d:04:95:ba:
2c:5a:55:16:10:b5:6a:d1:46:41:b6:02:d8:38:33:
5f:9e:83:0a:2e:20:f3:a7:e4:4d:b0:29:0e:05:92:
bc:a4:79:64:ec:5f:b0:44:21:06:a3:3e:72:06:19:
1b:01:92:29:95:54:ff:55:fb:ff:dd:97:26:b7:d6:
58:86:85:f1:da:12:93:dc:34:ef:2b:5a:3f:fb:fa:
6f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2E:70:97:00:3F:75:9C:97:B0:6D:4F:F8:FE:58:F7:E9:A9:5D:CF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uS5wlwA_dZyXsG1P-P5Y9-mpXc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.191.0/24
Signature Algorithm: sha256WithRSAEncryption
12:6e:e2:31:0e:df:17:5c:50:07:90:c0:9c:02:6f:b7:0f:1e:
27:f9:48:30:46:06:fa:ff:da:75:b3:b4:ca:f2:e4:07:22:34:
1a:e7:ba:af:5b:27:11:56:89:a3:2f:59:09:06:0e:cf:55:a2:
bb:13:3a:47:b5:cd:0a:6d:8b:58:61:65:bc:c9:2e:0f:ac:c9:
c2:3f:d4:5f:2b:93:14:9b:6b:38:3c:f5:f7:36:e8:8f:a7:11:
06:d8:9a:f2:77:15:9d:9b:a9:76:02:5e:e5:57:5f:1e:49:df:
f0:b3:3c:a8:d2:5a:5f:2b:68:1c:88:d7:94:98:e0:ac:7e:da:
fe:00:e2:df:21:15:91:63:d9:16:74:65:b2:a1:e9:d4:67:6c:
0f:f6:98:07:aa:14:5e:d9:ed:4b:89:c4:e8:ff:cc:90:5b:f2:
5f:39:cc:d9:09:bf:43:94:80:7e:79:29:ca:7d:21:3b:e8:69:
dd:fe:b6:fe:85:d2:ec:e5:8f:65:6f:01:22:38:58:75:2f:4f:
de:52:c5:2c:c9:ad:0d:81:58:53:d9:23:58:df:07:b1:1b:a0:
4b:04:99:05:b7:3c:d6:ea:04:4a:0d:9c:c9:23:3a:6f:5c:2f:
43:75:3e:79:18:bf:47:90:71:56:84:0c:af:92:56:21:04:5b:
b4:2c:12:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbucupvL0hYgjBuhUvwOAs1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNTIwMTYwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTJlNzA5NzAwM2Y3NTljOTdiMDZkNGZmOGZlNThmN2U5YTk1ZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7VYtvys1GLiH8eIE2r0QDb957Bk
eIk4GH4KFTlqYtiePCpScLU8i+fqdoZPtddkkUlQa2VsXW+bXUhupntUq2yB6IqI
mDKxEKpu8slLcwDtpkgBOiEu/AhohRQwvmNSVuODY9pgqq2HJa5ibRBlTmEoGqdY
HVYI/CtirWUIs3G0lNMbWQLzmwV6dbqHid7SuxdDtPDaxm0mVl/w3vlw2Z4aPnic
8puLK3q1NlytEg0ElbosWlUWELVq0UZBtgLYODNfnoMKLiDzp+RNsCkOBZK8pHlk
7F+wRCEGoz5yBhkbAZIplVT/Vfv/3Zcmt9ZYhoXx2hKT3DTvK1o/+/pvOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLkucJcAP3Wcl7BtT/j+WPfpqV3PMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdVM1d2x3QV9kWnlYc0cxUC1QNVk5LW1wWGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowW/MA0G
CSqGSIb3DQEBCwUAA4IBAQASbuIxDt8XXFAHkMCcAm+3Dx4n+UgwRgb6/9p1s7TK
8uQHIjQa57qvWycRVomjL1kJBg7PVaK7EzpHtc0KbYtYYWW8yS4PrMnCP9RfK5MU
m2s4PPX3NuiPpxEG2JrydxWdm6l2Al7lV18eSd/wszyo0lpfK2gciNeUmOCsftr+
AOLfIRWRY9kWdGWyoenUZ2wP9pgHqhRe2e1LicTo/8yQW/JfOczZCb9DlIB+eSnK
fSE76Gnd/rb+hdLs5Y9lbwEiOFh1L0/eUsUsya0NgVhT2SNY3wexG6BLBJkFtzzW
6gRKDZzJIzpvXC9DdT55GL9HkHFWhAyvklYhBFu0LBK0
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:29:50 2025 by rpki-client