Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/8PvCzJD8OhNUWJB0kXwRdAPDAmE.roa
File: 8PvCzJD8OhNUWJB0kXwRdAPDAmE.roa (raw, json)
Hash identifier: wb6FP1PTYl0dVGt7wQRxLpZsQgw63LHsWy6MqTeeOfA=
Subject key identifier: F0:FB:C2:CC:90:FC:3A:13:54:58:90:74:91:7C:11:74:03:C3:02:61
Certificate issuer: /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial: 0194206835597A1BBDBBE8C614D7BCDAA3E4
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/8PvCzJD8OhNUWJB0kXwRdAPDAmE.roa
Signing time: Wed 01 Jan 2025 05:48:07 +0000
ROA not before: Wed 01 Jan 2025 05:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201826
IP address blocks: 5.42.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 13:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:35:59:7a:1b:bd:bb:e8:c6:14:d7:bc:da:a3:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Validity
Not Before: Jan 1 05:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0fbc2cc90fc3a1354589074917c117403c30261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:47:05:29:19:13:25:8f:ea:6c:ac:21:56:d6:
03:02:63:26:93:54:bb:ae:bf:7c:8f:0f:1c:66:be:
4d:8a:68:8a:9b:2f:e5:4f:e2:9a:ce:4b:46:13:f7:
ef:0a:72:26:4c:1f:99:56:e8:3b:1c:f6:a4:e4:82:
52:71:68:35:f3:d5:64:89:94:6a:fa:0d:93:45:2f:
a9:40:ef:d4:d6:b8:0c:28:3a:f3:4a:7b:02:e4:ed:
80:6f:5f:8a:be:0a:36:ff:91:23:41:ee:d9:29:e6:
06:1b:cb:d4:c5:18:06:9d:ac:27:21:9c:25:eb:7d:
87:97:82:4b:08:39:5e:6d:7f:c0:e0:e7:e8:88:c8:
ca:6d:a9:e0:0d:69:24:c2:a3:26:53:2f:e8:79:79:
67:f7:39:fb:e2:26:39:f9:99:f0:7b:6a:f7:88:a7:
20:09:12:54:d2:19:1e:e3:51:77:1f:bf:fb:93:69:
42:b2:60:cd:84:7b:b2:11:73:53:91:68:3d:c9:8f:
26:46:ae:41:b3:60:fc:9e:e8:7a:d6:ba:c4:f9:ee:
4d:fb:83:91:d9:77:dc:02:ac:06:e9:fc:0b:12:f6:
1a:b7:82:e1:71:c2:20:f8:e8:eb:69:2c:ca:5a:0e:
c4:a6:f7:74:de:fe:0d:44:00:98:55:35:5d:28:54:
3e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:FB:C2:CC:90:FC:3A:13:54:58:90:74:91:7C:11:74:03:C3:02:61
X509v3 Authority Key Identifier:
keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/8PvCzJD8OhNUWJB0kXwRdAPDAmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.88.0/24
Signature Algorithm: sha256WithRSAEncryption
e6:a2:df:31:d5:8f:10:d7:87:f6:37:28:0a:8e:06:6e:23:8a:
2d:cd:fa:07:7a:90:07:6a:2e:36:65:bb:3b:58:a2:38:dc:50:
94:39:d3:eb:f9:ac:71:c8:7c:7d:80:5b:35:86:e1:ce:02:be:
06:eb:3b:85:05:76:f4:1a:28:b1:98:f6:c6:d9:7c:3f:3c:6f:
49:36:b4:32:b7:df:ce:62:82:6d:ed:1f:b1:43:91:78:2c:35:
d2:aa:6b:46:de:52:ed:95:00:74:d7:64:82:f6:e9:4c:7b:c7:
2a:da:2d:29:f0:fa:30:74:0c:ff:87:88:9e:ff:af:c6:5d:16:
d2:8e:09:05:af:b7:f1:f8:c7:c4:92:b6:bc:65:36:e3:c8:c0:
0b:c6:07:a2:53:97:d5:22:46:0d:ae:a4:b5:67:13:33:2a:2a:
69:f6:a8:70:49:2d:c1:58:eb:13:27:4c:63:7b:0b:72:eb:e2:
2b:a4:68:10:b5:c8:1a:bd:98:f1:fe:5b:9b:d6:04:2b:32:56:
4a:00:49:93:8a:88:bd:8a:de:db:a3:d0:4c:fb:fb:f9:ea:a5:
04:28:1d:83:2d:2f:2c:dd:6f:b0:91:e3:c8:cc:6d:f7:34:64:
ac:09:27:08:4b:43:b1:a3:38:7f:13:da:91:00:64:88:e5:86:
23:eb:bf:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaDVZehu9u+jGFNe82qPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjUwMTAxMDU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZiYzJjYzkwZmMzYTEzNTQ1ODkwNzQ5MTdjMTE3NDAzYzMwMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EcFKRkTJY/qbKwhVtYDAmMmk1S7
rr98jw8cZr5NimiKmy/lT+KazktGE/fvCnImTB+ZVug7HPak5IJScWg189VkiZRq
+g2TRS+pQO/U1rgMKDrzSnsC5O2Ab1+Kvgo2/5EjQe7ZKeYGG8vUxRgGnawnIZwl
632Hl4JLCDlebX/A4OfoiMjKbangDWkkwqMmUy/oeXln9zn74iY5+Znwe2r3iKcg
CRJU0hke41F3H7/7k2lCsmDNhHuyEXNTkWg9yY8mRq5Bs2D8nuh61rrE+e5N+4OR
2XfcAqwG6fwLEvYat4LhccIg+OjraSzKWg7Epvd03v4NRACYVTVdKFQ+hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPD7wsyQ/DoTVFiQdJF8EXQDwwJhMB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEvOFB2Q3pKRDhPaE5VV0pCMGtYd1JkQVBEQW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSpYMA0G
CSqGSIb3DQEBCwUAA4IBAQDmot8x1Y8Q14f2NygKjgZuI4otzfoHepAHai42Zbs7
WKI43FCUOdPr+axxyHx9gFs1huHOAr4G6zuFBXb0GiixmPbG2Xw/PG9JNrQyt9/O
YoJt7R+xQ5F4LDXSqmtG3lLtlQB012SC9ulMe8cq2i0p8PowdAz/h4ie/6/GXRbS
jgkFr7fx+MfEkra8ZTbjyMALxgeiU5fVIkYNrqS1ZxMzKipp9qhwSS3BWOsTJ0xj
ewty6+IrpGgQtcgavZjx/lub1gQrMlZKAEmTioi9it7bo9BM+/v56qUEKB2DLS8s
3W+wkePIzG33NGSsCScIS0Oxozh/E9qRAGSI5YYj67/w
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:16 2025 by rpki-client