Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/ox0d8c1Jt--WcG-34aLq7o2ESqY.roa
File: ox0d8c1Jt--WcG-34aLq7o2ESqY.roa (raw, json)
Hash identifier: bYroUaagq/eC2hKhQG35R97DAuOkzmxv6zEvciKe1uE=
Subject key identifier: A3:1D:1D:F1:CD:49:B7:EF:96:70:6F:B7:E1:A2:EA:EE:8D:84:4A:A6
Certificate issuer: /CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Certificate serial: 018CC8DDAB213EBBC7532C4A0789EC647144
Authority key identifier: 5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/ox0d8c1Jt--WcG-34aLq7o2ESqY.roa
Signing time: Tue 02 Jan 2024 06:30:19 +0000
ROA not before: Tue 02 Jan 2024 06:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15644
IP address blocks: 5.61.68.0/24 maxlen: 24
5.61.71.0/24 maxlen: 24
5.61.69.0/24 maxlen: 24
5.61.70.0/24 maxlen: 24
5.61.64.0/21 maxlen: 21
2a01:52c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:ab:21:3e:bb:c7:53:2c:4a:07:89:ec:64:71:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Validity
Not Before: Jan 2 06:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a31d1df1cd49b7ef96706fb7e1a2eaee8d844aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:11:4d:b3:3b:b2:1b:c3:6d:f3:26:6f:bb:18:
3b:53:83:1e:e3:8c:e7:2f:7c:d7:6b:6c:2c:7e:10:
ef:14:1f:e7:43:17:5f:8c:28:1d:81:37:70:e0:62:
56:18:04:f0:7a:0a:ca:f0:29:6c:b4:09:02:c9:80:
3e:13:dc:13:c9:5a:5e:ac:f7:a4:e3:49:a3:e8:d1:
10:dd:62:b9:64:d7:48:e2:e9:3d:28:62:b8:f1:76:
34:6b:2a:29:44:88:f8:da:8f:2f:a6:30:cd:9b:3d:
a1:a7:02:7f:d2:d3:51:4a:8d:e1:12:b2:aa:d2:2d:
18:ba:21:8e:60:c9:2b:0a:38:0b:22:c1:a7:6b:f1:
2d:dc:eb:60:cd:45:e3:ad:b1:18:1a:1e:d6:0e:01:
bf:54:0e:24:0c:07:17:ee:fd:45:c9:29:5a:7b:69:
15:f3:ab:09:e8:f4:b4:99:de:ef:92:aa:61:fa:ad:
59:8a:41:7a:5d:a7:d5:58:c8:d1:8e:13:26:10:1c:
ec:1e:78:e6:c2:f6:22:56:b2:93:69:0c:6d:86:97:
0a:a3:cb:5b:04:68:9b:ea:07:49:6f:4c:32:72:e1:
c6:bd:1d:c0:26:c5:e3:88:ea:ce:7e:85:57:d1:44:
a0:e8:19:87:c4:2d:57:55:06:1f:93:45:14:26:56:
ed:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1D:1D:F1:CD:49:B7:EF:96:70:6F:B7:E1:A2:EA:EE:8D:84:4A:A6
X509v3 Authority Key Identifier:
keyid:5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/ox0d8c1Jt--WcG-34aLq7o2ESqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/X_S8YTfFQKibkXPMLeMusEyebq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.64.0/21
IPv6:
2a01:52c0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:f0:91:63:2a:6c:e0:1b:b1:26:54:05:db:64:5a:c1:d7:c2:
cf:f2:48:46:0d:40:c1:3c:f1:68:13:bf:09:34:92:0a:4f:d1:
d7:2b:93:a6:ce:a5:2f:ea:e4:d8:29:43:75:99:bb:ce:d9:75:
25:fe:e1:ca:9c:77:7b:a5:84:c8:5e:52:b7:2d:b3:e4:3f:74:
ec:63:a6:d3:f6:7b:84:e0:e8:e1:2c:45:c9:c1:d2:03:bd:cd:
62:a7:50:30:f9:0a:f7:fe:f8:04:50:8a:62:c1:e8:f9:3c:56:
d4:c8:b1:56:bc:d0:e9:4e:2a:c3:7c:9a:f5:67:b2:24:3f:e2:
58:84:34:54:83:be:47:18:37:c0:af:c0:d6:fe:22:3e:c9:cc:
fb:89:7d:d6:a8:26:dd:5e:49:ed:d3:32:73:46:72:7f:51:81:
8e:5d:3e:42:87:46:58:59:65:12:02:fe:6a:ea:d1:4a:35:80:
dc:82:bf:f2:7a:19:b2:b1:e7:1c:84:90:fe:04:6e:67:65:c6:
c8:a9:bd:e0:d2:d6:98:c8:ca:32:35:1a:9d:f5:15:8a:2a:0a:
18:ce:ef:f4:32:7a:9a:a8:18:2c:d5:92:b5:22:3b:33:7d:b9:
cd:61:b4:a5:95:be:78:d3:3d:b7:04:79:2c:f3:f0:7e:c8:f9:
0d:fa:1e:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3ashPrvHUyxKB4nsZHFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZjRiYzYxMzdjNTQwYTg5YjkxNzNjYzJkZTMyZWIwNGM5
ZTZlYWUwHhcNMjQwMTAyMDYzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzFkMWRmMWNkNDliN2VmOTY3MDZmYjdlMWEyZWFlZThkODQ0YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xFNszuyG8Nt8yZvuxg7U4Me44zn
L3zXa2wsfhDvFB/nQxdfjCgdgTdw4GJWGATwegrK8ClstAkCyYA+E9wTyVperPek
40mj6NEQ3WK5ZNdI4uk9KGK48XY0ayopRIj42o8vpjDNmz2hpwJ/0tNRSo3hErKq
0i0YuiGOYMkrCjgLIsGna/Et3OtgzUXjrbEYGh7WDgG/VA4kDAcX7v1FySlae2kV
86sJ6PS0md7vkqph+q1ZikF6XafVWMjRjhMmEBzsHnjmwvYiVrKTaQxthpcKo8tb
BGib6gdJb0wycuHGvR3AJsXjiOrOfoVX0USg6BmHxC1XVQYfk0UUJlbtCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKMdHfHNSbfvlnBvt+Gi6u6NhEqmMB8GA1UdIwQY
MBaAFF/0vGE3xUCom5FzzC3jLrBMnm6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWF9TOFlUZkZRS2lia1hQTUxlTXVzRXllYnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMDExY2EtNDU2Yi00ZjUxLWJjOGIt
MDA1Y2I0ZGNhNjNmLzEvb3gwZDhjMUp0LS1XY0ctMzRhTHE3bzJFU3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMDExY2EtNDU2Yi00ZjUxLWJjOGItMDA1Y2I0ZGNhNjNm
LzEvWF9TOFlUZkZRS2lia1hQTUxlTXVzRXllYnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBT1AMA0E
AgACMAcDBQAqAVLAMA0GCSqGSIb3DQEBCwUAA4IBAQAN8JFjKmzgG7EmVAXbZFrB
18LP8khGDUDBPPFoE78JNJIKT9HXK5OmzqUv6uTYKUN1mbvO2XUl/uHKnHd7pYTI
XlK3LbPkP3TsY6bT9nuE4OjhLEXJwdIDvc1ip1Aw+Qr3/vgEUIpiwej5PFbUyLFW
vNDpTirDfJr1Z7IkP+JYhDRUg75HGDfAr8DW/iI+ycz7iX3WqCbdXknt0zJzRnJ/
UYGOXT5Ch0ZYWWUSAv5q6tFKNYDcgr/yehmysecchJD+BG5nZcbIqb3g0taYyMoy
NRqd9RWKKgoYzu/0MnqaqBgs1ZK1IjszfbnNYbSllb540z23BHks8/B+yPkN+h5I
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:28 2025 by rpki-client