Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/34536a-771a-4775-b2bd-cac8ed76a844/1/xTGRvSgDK1jGfJp0nlUaE5WE4vI.roa
File: xTGRvSgDK1jGfJp0nlUaE5WE4vI.roa (raw, json)
Hash identifier: w/jLgcqvIQum9SagfjL3XeUFm08M4G4EfFOIE2h5Q+Q=
Subject key identifier: C5:31:91:BD:28:03:2B:58:C6:7C:9A:74:9E:55:1A:13:95:84:E2:F2
Certificate issuer: /CN=5b8a16522ec34b1c5bc4708206cc1963a15bbdb1
Certificate serial: 018CC3B6ED7F9A6FBDB09A92E32A7822A13C
Authority key identifier: 5B:8A:16:52:2E:C3:4B:1C:5B:C4:70:82:06:CC:19:63:A1:5B:BD:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W4oWUi7DSxxbxHCCBswZY6FbvbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/34536a-771a-4775-b2bd-cac8ed76a844/1/xTGRvSgDK1jGfJp0nlUaE5WE4vI.roa
Signing time: Mon 01 Jan 2024 06:29:54 +0000
ROA not before: Mon 01 Jan 2024 06:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212905
IP address blocks: 5.182.247.0/24 maxlen: 24
178.159.35.0/24 maxlen: 24
2a0c:d200::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ed:7f:9a:6f:bd:b0:9a:92:e3:2a:78:22:a1:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b8a16522ec34b1c5bc4708206cc1963a15bbdb1
Validity
Not Before: Jan 1 06:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c53191bd28032b58c67c9a749e551a139584e2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:01:8c:ef:fd:ba:ce:5d:12:c0:25:00:90:55:
85:bd:74:2e:3a:51:f4:07:e8:02:f1:d2:fc:a8:94:
1b:b2:92:d0:b0:20:cf:32:62:7a:d2:07:63:cd:2b:
a2:b3:2c:7e:3e:99:c6:dd:4c:c5:b0:e5:a4:12:d0:
21:25:3a:1b:61:44:04:19:28:28:b6:a8:c7:0f:69:
47:7c:f1:78:0f:98:4d:e1:66:6e:f1:10:d6:9c:1e:
ec:7a:3c:cb:27:b7:2b:2d:e1:df:d4:83:2b:56:4a:
87:eb:35:36:9e:8c:15:f1:4b:80:ef:c3:ff:54:a0:
5b:ff:bf:d3:ee:54:03:de:a3:89:b1:83:c2:82:13:
63:b6:b6:ea:a8:c7:53:ad:f6:88:a2:b8:98:9b:3f:
ff:46:4f:1a:ce:f4:b2:7c:85:1e:98:80:84:60:12:
bc:e4:22:72:f8:67:ae:2d:fa:f6:d8:c0:0b:41:90:
90:79:22:e1:e4:ce:93:b9:82:8c:2b:a5:66:e3:2d:
8d:78:27:5f:e5:22:dd:76:1a:36:08:4b:ac:02:87:
91:18:e6:36:b3:f6:f9:40:bc:87:d2:02:6f:81:a4:
6d:ec:f9:99:05:41:eb:4c:17:d8:0e:cd:b2:92:d1:
cd:da:34:88:55:be:b3:a0:4c:2b:42:76:46:c4:82:
11:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:31:91:BD:28:03:2B:58:C6:7C:9A:74:9E:55:1A:13:95:84:E2:F2
X509v3 Authority Key Identifier:
keyid:5B:8A:16:52:2E:C3:4B:1C:5B:C4:70:82:06:CC:19:63:A1:5B:BD:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W4oWUi7DSxxbxHCCBswZY6FbvbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/34536a-771a-4775-b2bd-cac8ed76a844/1/xTGRvSgDK1jGfJp0nlUaE5WE4vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/34536a-771a-4775-b2bd-cac8ed76a844/1/W4oWUi7DSxxbxHCCBswZY6FbvbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.247.0/24
178.159.35.0/24
IPv6:
2a0c:d200::/48
Signature Algorithm: sha256WithRSAEncryption
01:13:6a:64:93:3c:59:4c:16:6f:f9:82:c0:5c:d8:69:80:a2:
a2:41:9d:fd:83:f1:26:a9:0c:b1:47:52:01:e1:30:53:57:fb:
f6:65:db:42:72:5e:6f:08:d6:5f:d7:91:84:c0:e8:58:23:a4:
6a:a4:87:f9:9f:3c:c0:84:bd:cb:10:26:54:0d:78:04:d9:0a:
50:a9:fb:31:0d:41:0a:d0:89:83:20:a5:e0:77:b1:2d:47:b2:
70:cc:e7:d0:df:f7:05:18:22:11:cb:04:3d:dc:02:d2:4d:d2:
6e:21:3a:aa:ab:d1:7a:9e:75:45:c0:84:13:76:a3:66:22:4a:
cf:42:67:1b:11:29:c9:8f:f6:67:f4:af:5e:58:5d:fa:f3:63:
6a:7b:4a:24:ce:7e:8a:99:8f:88:0e:c5:d6:ba:d6:ad:7b:75:
26:17:7a:88:9d:91:4f:3d:57:d1:c9:44:5c:dc:1b:f3:58:28:
d7:20:58:a6:4c:bc:21:7f:c5:98:e3:a7:aa:37:c9:25:5b:06:
a5:20:48:6b:f2:7e:f9:d7:04:4f:7e:af:6f:88:2b:be:5d:df:
4a:10:92:e8:ef:7b:76:4e:9d:e8:93:5f:50:c9:8a:85:ba:b1:
23:b5:24:b1:c3:25:6b:46:48:f1:21:14:7a:00:f9:cb:7c:70:
fe:d3:16:bf
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDtu1/mm+9sJqS4yp4IqE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViOGExNjUyMmVjMzRiMWM1YmM0NzA4MjA2Y2MxOTYzYTE1
YmJkYjEwHhcNMjQwMTAxMDYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTMxOTFiZDI4MDMyYjU4YzY3YzlhNzQ5ZTU1MWExMzk1ODRlMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigGM7/26zl0SwCUAkFWFvXQuOlH0
B+gC8dL8qJQbspLQsCDPMmJ60gdjzSuisyx+PpnG3UzFsOWkEtAhJTobYUQEGSgo
tqjHD2lHfPF4D5hN4WZu8RDWnB7sejzLJ7crLeHf1IMrVkqH6zU2nowV8UuA78P/
VKBb/7/T7lQD3qOJsYPCghNjtrbqqMdTrfaIoriYmz//Rk8azvSyfIUemICEYBK8
5CJy+GeuLfr22MALQZCQeSLh5M6TuYKMK6Vm4y2NeCdf5SLddho2CEusAoeRGOY2
s/b5QLyH0gJvgaRt7PmZBUHrTBfYDs2yktHN2jSIVb6zoEwrQnZGxIIR9QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMUxkb0oAytYxnyadJ5VGhOVhOLyMB8GA1UdIwQY
MBaAFFuKFlIuw0scW8RwggbMGWOhW72xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzRvV1VpN0RTeHhieEhDQ0Jzd1pZNkZidmJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zNDUzNmEtNzcxYS00Nzc1LWIyYmQt
Y2FjOGVkNzZhODQ0LzEveFRHUnZTZ0RLMWpHZkpwMG5sVWFFNVdFNHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zNDUzNmEtNzcxYS00Nzc1LWIyYmQtY2FjOGVkNzZhODQ0
LzEvVzRvV1VpN0RTeHhieEhDQ0Jzd1pZNkZidmJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABbb3AwQA
sp8jMA8EAgACMAkDBwAqDNIAAAAwDQYJKoZIhvcNAQELBQADggEBAAETamSTPFlM
Fm/5gsBc2GmAoqJBnf2D8SapDLFHUgHhMFNX+/Zl20JyXm8I1l/XkYTA6FgjpGqk
h/mfPMCEvcsQJlQNeATZClCp+zENQQrQiYMgpeB3sS1HsnDM59Df9wUYIhHLBD3c
AtJN0m4hOqqr0XqedUXAhBN2o2YiSs9CZxsRKcmP9mf0r15YXfrzY2p7SiTOfoqZ
j4gOxda61q17dSYXeoidkU89V9HJRFzcG/NYKNcgWKZMvCF/xZjjp6o3ySVbBqUg
SGvyfvnXBE9+r2+IK75d30oQkujve3ZOneiTX1DJioW6sSO1JLHDJWtGSPEhFHoA
+ct8cP7TFr8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:20 2025 by rpki-client