Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/OkooSdPKMvy8bD8roA16amubXmY.roa
File: OkooSdPKMvy8bD8roA16amubXmY.roa (raw, json)
Hash identifier: 2lOzBp1npzHlIPysJ9TAzHYKKdfJCjx0g7U3l2jnkhE=
Subject key identifier: 3A:4A:28:49:D3:CA:32:FC:BC:6C:3F:2B:A0:0D:7A:6A:6B:9B:5E:66
Certificate issuer: /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial: 01942068385DA05653D249AB735B6CA1ADFD
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/OkooSdPKMvy8bD8roA16amubXmY.roa
Signing time: Wed 01 Jan 2025 05:48:08 +0000
ROA not before: Wed 01 Jan 2025 05:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215826
IP address blocks: 5.42.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 07:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:38:5d:a0:56:53:d2:49:ab:73:5b:6c:a1:ad:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Validity
Not Before: Jan 1 05:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a4a2849d3ca32fcbc6c3f2ba00d7a6a6b9b5e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:29:d1:66:c6:09:09:dc:3b:0e:c1:05:ee:
d2:28:16:44:46:9e:ec:9f:63:d4:a0:2e:b1:d9:07:
6e:5b:1a:87:e1:90:56:9e:ef:a2:3c:eb:dd:29:62:
ff:18:b0:ec:87:3f:c7:73:b0:ef:47:a9:a7:20:c7:
7e:f0:c1:a6:44:44:c1:a3:e2:be:45:e9:c7:73:01:
d3:6b:2a:44:c4:58:36:b0:d9:97:ed:25:fc:55:6b:
6b:0a:21:18:be:0a:94:42:0b:30:62:f8:55:f7:2d:
25:3c:1f:77:f2:7f:b3:f9:d9:83:85:cb:fa:11:99:
ea:42:ca:1f:1e:53:6d:48:4d:7f:b6:ec:64:4c:f4:
93:8c:80:6a:d0:81:4e:98:80:01:74:a5:48:bc:9b:
92:fa:06:68:af:c2:84:0b:c9:39:ae:b0:41:4e:46:
0b:89:6e:10:a3:0b:16:ac:ae:37:c4:22:94:a3:7f:
f6:68:97:49:f3:9c:e1:79:05:b8:26:6a:75:bd:e4:
47:9b:11:2f:68:bc:ed:2f:98:be:5e:c0:94:98:cd:
1e:2d:a5:23:3e:4a:0b:bd:d0:e3:a6:42:ea:0f:11:
8e:70:0a:fb:70:47:59:97:fb:4b:6f:22:5e:77:ec:
5d:39:f6:1d:06:91:23:6e:5a:f5:6a:63:c9:79:92:
cd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4A:28:49:D3:CA:32:FC:BC:6C:3F:2B:A0:0D:7A:6A:6B:9B:5E:66
X509v3 Authority Key Identifier:
keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/OkooSdPKMvy8bD8roA16amubXmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.92.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ed:93:8b:5a:1b:90:6f:f3:f9:74:23:72:75:4f:61:9d:0e:
7e:23:a3:d6:ea:5c:8c:a7:7d:a6:14:56:90:04:3b:7c:1d:f3:
5c:36:7b:fe:d3:f1:82:b6:b8:c8:0e:8f:96:b4:e4:92:a5:2b:
04:01:27:c4:fe:bf:3b:03:21:ad:8c:9a:1c:da:43:03:09:ed:
56:33:75:10:68:9a:3e:c0:dc:78:6a:9f:3f:3b:74:28:64:03:
8a:dc:e4:fa:59:3d:fb:bc:d8:a5:24:24:1a:a7:ec:6e:df:29:
5c:91:2b:99:f6:e4:06:4a:7e:2f:00:ec:27:5b:2d:41:57:6d:
b8:4b:f1:74:b7:cc:75:46:74:8e:70:7f:3c:d2:8c:fd:f4:88:
4c:eb:fe:1b:57:b0:6d:32:af:cb:ac:96:97:61:66:1f:8e:67:
bc:25:0d:ef:a3:54:ed:ef:d6:b2:81:0e:e8:31:bf:cf:fe:21:
c7:c3:b6:00:ae:67:ab:9d:6d:28:b2:2f:b7:8d:5d:94:47:d9:
c9:fd:63:1c:d4:1d:56:62:65:cd:3d:b5:b2:f0:dc:22:9a:c1:
4c:dd:9b:fb:73:ad:78:c0:40:aa:e8:ab:1e:5e:4b:3f:0e:e2:
cd:64:5e:2a:07:5d:23:96:6a:09:bc:6f:94:4c:62:9c:08:81:
ef:23:a5:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaDhdoFZT0kmrc1tsoa39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjUwMTAxMDU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTRhMjg0OWQzY2EzMmZjYmM2YzNmMmJhMDBkN2E2YTZiOWI1ZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEIp0WbGCQncOw7BBe7SKBZERp7s
n2PUoC6x2QduWxqH4ZBWnu+iPOvdKWL/GLDshz/Hc7DvR6mnIMd+8MGmRETBo+K+
RenHcwHTaypExFg2sNmX7SX8VWtrCiEYvgqUQgswYvhV9y0lPB938n+z+dmDhcv6
EZnqQsofHlNtSE1/tuxkTPSTjIBq0IFOmIABdKVIvJuS+gZor8KEC8k5rrBBTkYL
iW4QowsWrK43xCKUo3/2aJdJ85zheQW4Jmp1veRHmxEvaLztL5i+XsCUmM0eLaUj
PkoLvdDjpkLqDxGOcAr7cEdZl/tLbyJed+xdOfYdBpEjblr1amPJeZLNXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpKKEnTyjL8vGw/K6ANemprm15mMB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEvT2tvb1NkUEtNdnk4YkQ4cm9BMTZhbXViWG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSpcMA0G
CSqGSIb3DQEBCwUAA4IBAQBa7ZOLWhuQb/P5dCNydU9hnQ5+I6PW6lyMp32mFFaQ
BDt8HfNcNnv+0/GCtrjIDo+WtOSSpSsEASfE/r87AyGtjJoc2kMDCe1WM3UQaJo+
wNx4ap8/O3QoZAOK3OT6WT37vNilJCQap+xu3ylckSuZ9uQGSn4vAOwnWy1BV224
S/F0t8x1RnSOcH880oz99IhM6/4bV7BtMq/LrJaXYWYfjme8JQ3vo1Tt79aygQ7o
Mb/P/iHHw7YArmernW0osi+3jV2UR9nJ/WMc1B1WYmXNPbWy8NwimsFM3Zv7c614
wECq6KseXks/DuLNZF4qB10jlmoJvG+UTGKcCIHvI6VJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:25 2025 by rpki-client