Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/t646WIM-Hu-A12VVYPKnxqCQV60.roa
File: t646WIM-Hu-A12VVYPKnxqCQV60.roa (raw, json)
Hash identifier: /KgctHbA9zi5EL/akfOBKwNxgBV3oSWdrmvDcAhC9XY=
Subject key identifier: B7:AE:3A:58:83:3E:1E:EF:80:D7:65:55:60:F2:A7:C6:A0:90:57:AD
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCCDBE8EDCE7BE0D882D8F23674577
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/t646WIM-Hu-A12VVYPKnxqCQV60.roa
Signing time: Tue 02 Jan 2024 10:34:02 +0000
ROA not before: Tue 02 Jan 2024 10:34:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9049
IP address blocks: 5.3.85.0/24 maxlen: 24
188.234.152.0/21 maxlen: 24
2a02:2698:a100::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:cd:be:8e:dc:e7:be:0d:88:2d:8f:23:67:45:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7ae3a58833e1eef80d7655560f2a7c6a09057ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e4:9d:17:d3:c1:c2:e0:0f:5f:52:2a:35:c2:
c7:f8:59:20:28:2d:e3:40:6e:46:08:d8:38:01:8e:
db:f7:2c:fd:f6:79:56:e4:04:8f:11:8b:ea:6a:3e:
15:7d:6d:11:87:d2:03:b6:6b:30:35:dc:c0:5e:76:
87:7c:64:0c:74:e4:00:04:03:00:90:cb:0a:69:e3:
e1:5b:47:67:a6:13:25:b3:cb:bf:ec:37:88:d5:81:
53:86:44:95:86:7e:7b:36:a4:ff:2a:5c:9f:a0:76:
68:5c:b9:74:63:f0:be:ca:0b:3b:9b:0f:82:82:a5:
cc:dc:d8:8f:c4:0c:d7:1f:0b:82:eb:30:e9:d5:4a:
0a:bc:c1:bb:6f:86:71:d9:ac:5e:1a:97:aa:e3:e4:
0c:5f:8f:95:ec:3e:dd:36:44:57:49:1b:b3:dd:43:
48:0d:45:2c:53:14:02:90:c4:06:4d:99:37:e5:b5:
ff:2c:9d:74:a7:99:76:85:05:e3:95:3a:08:76:cd:
13:16:9f:30:97:ab:f4:67:fb:9a:0a:d7:12:91:71:
c6:53:96:a6:bf:40:00:f8:50:27:5e:88:0b:d0:16:
c6:bf:0f:f5:54:80:fb:d5:51:e4:85:99:69:b6:b9:
60:54:15:31:51:dc:4f:25:8b:ef:d7:ed:0a:60:68:
d0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AE:3A:58:83:3E:1E:EF:80:D7:65:55:60:F2:A7:C6:A0:90:57:AD
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/t646WIM-Hu-A12VVYPKnxqCQV60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.3.85.0/24
188.234.152.0/21
IPv6:
2a02:2698:a100::/40
Signature Algorithm: sha256WithRSAEncryption
7b:c7:0a:ce:9b:e5:83:82:9f:81:2d:04:16:91:31:25:b2:6d:
e2:be:40:34:d5:52:44:16:07:34:56:51:30:de:7e:de:93:18:
2c:24:b6:22:28:f0:1c:9b:77:b8:d9:b1:eb:60:ec:0c:ff:0f:
97:9a:0f:86:c4:9c:60:0c:03:ad:9f:06:f5:6d:e6:07:52:c0:
c0:eb:54:18:b4:0d:dd:ee:2e:b6:12:41:0e:c9:6f:9d:29:fb:
25:ad:2e:ca:ea:87:32:1f:72:09:c7:2f:0d:e2:4a:08:ab:97:
b5:05:55:4a:13:71:d4:60:74:59:74:66:a5:73:46:cc:82:26:
5f:a5:98:6b:84:fb:4f:fc:4a:e4:a4:ca:ea:ca:f3:31:11:45:
26:c7:38:d2:fa:0c:f1:09:ba:fe:7c:b7:cd:5c:49:27:59:8d:
49:2f:70:dd:c1:b5:c7:8d:47:f9:45:86:6d:43:9c:09:d7:f2:
38:ee:f2:a0:c4:d9:e8:22:9b:77:3b:87:f7:64:da:31:4a:4d:
de:06:1b:b7:10:92:48:8c:87:e5:c3:9c:f0:aa:fa:0c:39:5e:
6e:b7:99:24:3f:51:5a:c7:9c:6a:59:bb:ad:57:70:00:ac:60:
07:75:37:8d:50:c2:c1:25:d1:f6:8b:09:d5:40:47:ad:b0:01:
bf:be:c3:11
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzJvM2+jtznvg2ILY8jZ0V3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2FlM2E1ODgzM2UxZWVmODBkNzY1NTU2MGYyYTdjNmEwOTA1N2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOSdF9PBwuAPX1IqNcLH+FkgKC3j
QG5GCNg4AY7b9yz99nlW5ASPEYvqaj4VfW0Rh9IDtmswNdzAXnaHfGQMdOQABAMA
kMsKaePhW0dnphMls8u/7DeI1YFThkSVhn57NqT/KlyfoHZoXLl0Y/C+ygs7mw+C
gqXM3NiPxAzXHwuC6zDp1UoKvMG7b4Zx2axeGpeq4+QMX4+V7D7dNkRXSRuz3UNI
DUUsUxQCkMQGTZk35bX/LJ10p5l2hQXjlToIds0TFp8wl6v0Z/uaCtcSkXHGU5am
v0AA+FAnXogL0BbGvw/1VID71VHkhZlptrlgVBUxUdxPJYvv1+0KYGjQmwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLeuOliDPh7vgNdlVWDyp8agkFetMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvdDY0NldJTS1IdS1BMTJWVllQS254cUNRVjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQABQNVAwQD
vOqYMA4EAgACMAgDBgAqAiaYoTANBgkqhkiG9w0BAQsFAAOCAQEAe8cKzpvlg4Kf
gS0EFpExJbJt4r5ANNVSRBYHNFZRMN5+3pMYLCS2IijwHJt3uNmx62DsDP8Pl5oP
hsScYAwDrZ8G9W3mB1LAwOtUGLQN3e4uthJBDslvnSn7Ja0uyuqHMh9yCccvDeJK
CKuXtQVVShNx1GB0WXRmpXNGzIImX6WYa4T7T/xK5KTK6srzMRFFJsc40voM8Qm6
/ny3zVxJJ1mNSS9w3cG1x41H+UWGbUOcCdfyOO7yoMTZ6CKbdzuH92TaMUpN3gYb
txCSSIyH5cOc8Kr6DDlebreZJD9RWsecalm7rVdwAKxgB3U3jVDCwSXR9osJ1UBH
rbABv77DEQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:47 2025 by rpki-client