Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Ts5jhgbWm65zWylSfi80OX2vB9E.roa
File: Ts5jhgbWm65zWylSfi80OX2vB9E.roa (raw, json)
Hash identifier: bJwPJ+5pA9o9SmSuxXT2v5DDpTvluQfS/6MD2GSoW9Q=
Subject key identifier: 4E:CE:63:86:06:D6:9B:AE:73:5B:29:52:7E:2F:34:39:7D:AF:07:D1
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 0195AFF390AB6C17FDE78E490D6ECD9EC40F
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Ts5jhgbWm65zWylSfi80OX2vB9E.roa
Signing time: Wed 19 Mar 2025 19:48:49 +0000
ROA not before: Wed 19 Mar 2025 19:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58030
IP address blocks: 91.237.254.0/24 maxlen: 24
91.237.255.0/24 maxlen: 24
2001:67c:1158::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Mar 2025 10:39:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:af:f3:90:ab:6c:17:fd:e7:8e:49:0d:6e:cd:9e:c4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: Mar 19 19:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ece638606d69bae735b29527e2f34397daf07d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ff:5b:37:bd:2f:9e:29:e8:7d:26:f5:ce:65:
b4:f0:0a:cd:67:6b:73:16:04:76:a9:f7:da:c1:b1:
af:b9:91:27:82:e6:aa:63:13:84:d7:54:8b:99:37:
79:11:f5:22:c0:c8:c2:a1:42:e2:c8:fe:c0:29:37:
36:f1:14:0a:95:aa:5f:fc:d9:eb:aa:c1:d6:1f:16:
ca:62:e0:d1:12:db:2a:db:6a:48:18:ab:3f:be:43:
00:52:7e:54:71:08:16:b6:2e:00:56:25:bd:2d:df:
33:c5:27:a9:14:eb:6f:3a:6b:b9:9a:e2:e2:2c:ef:
8e:c5:13:12:6b:6e:28:88:58:6f:f0:eb:6f:85:fa:
2a:d1:04:19:47:ba:21:72:94:50:76:48:72:ac:37:
99:11:8e:77:54:c4:a1:24:77:75:aa:04:38:70:3d:
70:fc:7a:4a:00:c3:b9:21:ca:45:05:b5:e0:d0:c9:
65:81:ce:b6:46:e5:6a:c4:70:b4:ea:c4:a2:84:4c:
e8:d7:2e:3d:27:ae:4b:ac:03:97:ed:ec:21:7e:d8:
a4:da:1b:80:22:bb:20:4c:d9:5d:64:c4:5f:86:d7:
63:91:a0:83:52:df:9e:b5:dd:c1:22:2e:8d:6a:52:
18:86:74:4d:d4:fb:1d:d8:7f:17:53:5b:91:8c:ce:
75:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CE:63:86:06:D6:9B:AE:73:5B:29:52:7E:2F:34:39:7D:AF:07:D1
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Ts5jhgbWm65zWylSfi80OX2vB9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.254.0/23
IPv6:
2001:67c:1158::/48
Signature Algorithm: sha256WithRSAEncryption
43:9f:b1:8e:8e:86:57:df:e8:36:60:e2:e2:c4:ca:29:db:b5:
e7:1a:78:3b:6c:48:27:8f:e6:31:29:80:dd:03:ad:c4:62:45:
38:88:b8:04:ae:50:4c:f5:7b:b4:23:89:29:f1:7c:cf:ba:1d:
c0:a7:61:11:3f:27:cd:11:62:5c:3c:2f:1c:84:ce:80:fa:d1:
35:5e:60:7c:f4:33:e8:2a:e6:de:32:35:72:89:b3:1e:5c:7b:
fc:71:36:e8:d3:f4:be:31:cb:85:b3:0e:68:6c:65:8a:06:f8:
75:c7:d0:71:e4:74:0c:cb:96:7c:0e:ef:12:5c:c1:47:c1:07:
d0:ed:11:23:44:a2:fe:2f:40:d4:6a:f1:a5:2f:83:8e:f6:a2:
10:a7:63:e7:fa:8e:49:2e:50:0b:e4:fc:f6:7a:3e:bc:92:5c:
73:c7:6c:9b:96:88:0b:85:41:42:0a:5f:1d:49:00:ea:f9:8e:
ec:df:93:8e:54:71:14:c0:8a:38:c0:dc:f6:86:0a:a0:65:96:
d0:1f:90:13:da:1c:c8:73:97:b6:1e:61:a4:03:7f:43:b6:84:
71:57:19:3c:88:73:65:32:25:6c:16:45:4b:d0:77:b6:36:48:
13:be:8b:02:71:1b:53:7d:5c:db:96:1a:24:93:6e:f8:dc:80:
49:8c:43:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZWv85CrbBf9545JDW7NnsQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwMzE5MTk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWNlNjM4NjA2ZDY5YmFlNzM1YjI5NTI3ZTJmMzQzOTdkYWYwN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf9bN70vninofSb1zmW08ArNZ2tz
FgR2qffawbGvuZEnguaqYxOE11SLmTd5EfUiwMjCoULiyP7AKTc28RQKlapf/Nnr
qsHWHxbKYuDREtsq22pIGKs/vkMAUn5UcQgWti4AViW9Ld8zxSepFOtvOmu5muLi
LO+OxRMSa24oiFhv8Otvhfoq0QQZR7ohcpRQdkhyrDeZEY53VMShJHd1qgQ4cD1w
/HpKAMO5IcpFBbXg0Mllgc62RuVqxHC06sSihEzo1y49J65LrAOX7ewhftik2huA
IrsgTNldZMRfhtdjkaCDUt+etd3BIi6NalIYhnRN1Psd2H8XU1uRjM51DwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE7OY4YG1puuc1spUn4vNDl9rwfRMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvVHM1amhnYldtNjV6V3lsU2ZpODBPWDJ2QjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+3+MA8E
AgACMAkDBwAgAQZ8EVgwDQYJKoZIhvcNAQELBQADggEBAEOfsY6Ohlff6DZg4uLE
yinbtecaeDtsSCeP5jEpgN0DrcRiRTiIuASuUEz1e7QjiSnxfM+6HcCnYRE/J80R
Ylw8LxyEzoD60TVeYHz0M+gq5t4yNXKJsx5ce/xxNujT9L4xy4WzDmhsZYoG+HXH
0HHkdAzLlnwO7xJcwUfBB9DtESNEov4vQNRq8aUvg472ohCnY+f6jkkuUAvk/PZ6
PrySXHPHbJuWiAuFQUIKXx1JAOr5juzfk45UcRTAijjA3PaGCqBlltAfkBPaHMhz
l7YeYaQDf0O2hHFXGTyIc2UyJWwWRUvQd7Y2SBO+iwJxG1N9XNuWGiSTbvjcgEmM
Q1M=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:49:41 2025 by rpki-client