Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/Y5GGkwcKhGJF1lCIrKcdAW6sqv4.roa
File: Y5GGkwcKhGJF1lCIrKcdAW6sqv4.roa (raw, json)
Hash identifier: RetxX4S+QsNLnF9SbJfiGrQdWvGjZ4osX9OeJuimA2E=
Subject key identifier: 63:91:86:93:07:0A:84:62:45:D6:50:88:AC:A7:1D:01:6E:AC:AA:FE
Certificate issuer: /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial: 019155D665136A882B3F50354809439CC936
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/Y5GGkwcKhGJF1lCIrKcdAW6sqv4.roa
Signing time: Thu 15 Aug 2024 11:39:59 +0000
ROA not before: Thu 15 Aug 2024 11:39:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 5.42.90.0/24 maxlen: 24
5.42.91.0/24 maxlen: 24
5.42.93.0/24 maxlen: 24
2a13:5980::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:d6:65:13:6a:88:2b:3f:50:35:48:09:43:9c:c9:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Validity
Not Before: Aug 15 11:39:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63918693070a846245d65088aca71d016eacaafe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ec:c7:cd:86:a8:ff:00:0b:6e:b8:cf:ef:ee:
8a:59:bb:c6:f0:4b:f4:11:d1:3d:5a:78:8a:37:89:
fb:e3:d6:fc:51:a7:86:68:b4:33:7b:c3:42:09:7f:
7b:3a:e6:ea:f7:a8:e9:59:e3:47:a3:9a:dd:3f:e0:
af:e8:d5:b6:e3:48:5c:38:ec:2b:ab:ba:27:72:8a:
2a:c0:1b:3e:ed:a7:ee:d1:01:8f:f5:96:1f:0a:f0:
1f:ca:72:77:5e:dd:8c:6b:ec:65:8e:b4:57:20:1a:
03:62:9c:cc:e4:8a:90:19:28:1d:6b:33:f2:f9:44:
1e:82:6f:e4:eb:dc:6e:9a:a0:18:02:99:04:58:de:
2d:b4:0b:6f:fd:ca:5d:fa:ac:13:5c:26:4f:32:ce:
a1:ef:91:d6:de:86:af:52:47:3e:86:16:fa:75:5d:
a8:5c:a9:a8:e8:43:12:ae:3f:52:99:c4:1f:2d:27:
ae:30:42:d9:6a:21:60:16:51:66:c5:20:69:2b:b4:
29:4c:60:cd:93:b9:54:79:d1:e9:7f:12:c5:32:03:
e9:b0:24:d6:d4:6c:d4:ed:58:4b:2b:6c:56:e7:18:
76:3f:00:a0:4f:8a:2e:74:f1:b1:f5:94:5c:2f:90:
a0:9a:d4:ec:65:6c:3d:02:ce:8d:17:1f:b9:34:2f:
d2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:91:86:93:07:0A:84:62:45:D6:50:88:AC:A7:1D:01:6E:AC:AA:FE
X509v3 Authority Key Identifier:
keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/Y5GGkwcKhGJF1lCIrKcdAW6sqv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.90.0/23
5.42.93.0/24
IPv6:
2a13:5980::/29
Signature Algorithm: sha256WithRSAEncryption
1f:7e:54:80:f4:fb:2d:1e:3c:26:1c:ad:c0:c4:ba:93:b6:58:
c5:d2:f3:a9:75:52:cb:f4:26:8d:7a:19:1d:17:e5:fe:89:a5:
ed:eb:3c:34:c8:48:7c:52:14:ce:71:8b:c5:31:db:ad:a0:46:
1f:57:44:36:ac:5a:36:63:37:c9:62:ad:14:58:e0:b1:7f:57:
6f:7d:b9:7b:31:20:38:88:f6:f0:63:4b:a7:4f:0c:41:e2:6b:
ca:69:fb:92:27:f4:c5:c3:5b:93:5f:c5:12:3b:3b:75:28:76:
85:49:04:9c:99:00:bb:cd:a2:f3:62:57:45:09:c9:95:2d:db:
8c:6a:27:c5:d4:4d:73:3d:5a:33:0a:6a:35:78:40:a1:ba:01:
d9:9a:88:dd:dc:be:cc:0a:d4:89:ca:15:2f:c7:b8:12:56:7f:
3c:d9:98:66:76:14:16:9a:f1:57:fe:c8:e2:09:16:84:09:6c:
b2:76:b1:79:7f:2b:c1:37:af:dd:10:af:93:49:37:4f:6c:1c:
45:b3:61:9c:2f:98:38:24:db:ba:96:92:36:ac:0e:e1:fa:bf:
f4:55:2e:d3:89:22:21:04:37:f8:6d:71:16:7c:32:9c:ad:ee:
aa:61:f5:da:45:07:6f:ef:7c:53:e0:22:e1:e4:e2:91:c0:49:
8a:5a:74:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFV1mUTaogrP1A1SAlDnMk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjQwODE1MTEzOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzkxODY5MzA3MGE4NDYyNDVkNjUwODhhY2E3MWQwMTZlYWNhYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApezHzYao/wALbrjP7+6KWbvG8Ev0
EdE9WniKN4n749b8UaeGaLQze8NCCX97Oubq96jpWeNHo5rdP+Cv6NW240hcOOwr
q7oncooqwBs+7afu0QGP9ZYfCvAfynJ3Xt2Ma+xljrRXIBoDYpzM5IqQGSgdazPy
+UQegm/k69xumqAYApkEWN4ttAtv/cpd+qwTXCZPMs6h75HW3oavUkc+hhb6dV2o
XKmo6EMSrj9SmcQfLSeuMELZaiFgFlFmxSBpK7QpTGDNk7lUedHpfxLFMgPpsCTW
1GzU7VhLK2xW5xh2PwCgT4oudPGx9ZRcL5CgmtTsZWw9As6NFx+5NC/SDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGORhpMHCoRiRdZQiKynHQFurKr+MB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEvWTVHR2t3Y0toR0pGMWxDSXJLY2RBVzZzcXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBBSpaAwQA
BSpdMA0EAgACMAcDBQMqE1mAMA0GCSqGSIb3DQEBCwUAA4IBAQAfflSA9PstHjwm
HK3AxLqTtljF0vOpdVLL9CaNehkdF+X+iaXt6zw0yEh8UhTOcYvFMdutoEYfV0Q2
rFo2YzfJYq0UWOCxf1dvfbl7MSA4iPbwY0unTwxB4mvKafuSJ/TFw1uTX8USOzt1
KHaFSQScmQC7zaLzYldFCcmVLduMaifF1E1zPVozCmo1eEChugHZmojd3L7MCtSJ
yhUvx7gSVn882ZhmdhQWmvFX/sjiCRaECWyydrF5fyvBN6/dEK+TSTdPbBxFs2Gc
L5g4JNu6lpI2rA7h+r/0VS7TiSIhBDf4bXEWfDKcre6qYfXaRQdv73xT4CLh5OKR
wEmKWnTL
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:29:35 2025 by rpki-client