Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/fRceip3h2Msmcqe9rKrCKcMtxes.roa
File: fRceip3h2Msmcqe9rKrCKcMtxes.roa (raw, json)
Hash identifier: oNjWptRPWR6rzXvroRTUIsfC0TJW0USE0QLK1AbwdGM=
Subject key identifier: 7D:17:1E:8A:9D:E1:D8:CB:26:72:A7:BD:AC:AA:C2:29:C3:2D:C5:EB
Certificate issuer: /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial: 01942068362FE9866DC33FADCBF6858DB16B
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/fRceip3h2Msmcqe9rKrCKcMtxes.roa
Signing time: Wed 01 Jan 2025 05:48:08 +0000
ROA not before: Wed 01 Jan 2025 05:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208392
IP address blocks: 5.42.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 07:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:36:2f:e9:86:6d:c3:3f:ad:cb:f6:85:8d:b1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Validity
Not Before: Jan 1 05:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d171e8a9de1d8cb2672a7bdacaac229c32dc5eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d8:17:bd:14:eb:4f:39:12:25:50:f6:8d:85:
ae:ab:65:1e:f0:c9:d6:2a:9f:0f:89:7b:20:29:51:
34:41:51:5e:6f:22:69:9a:35:e7:49:af:82:33:cf:
d2:4e:cb:22:9e:2a:16:f3:9e:29:5f:7c:ee:29:a9:
a3:4a:ca:5e:d5:f0:53:87:07:f8:c2:e8:9a:b2:c5:
28:4c:c1:96:be:b1:40:da:54:50:70:40:62:2d:a4:
a0:87:c2:d9:4c:ea:67:84:6c:dc:70:3d:61:31:69:
91:4f:04:b9:6a:7c:aa:f9:1d:3e:49:ec:60:13:f1:
63:13:62:f0:8d:d0:8f:ce:a1:8d:99:49:04:3a:db:
0b:1b:ab:44:f1:6c:4a:24:2c:b3:41:18:76:cb:69:
cd:6e:be:8d:a5:d1:4a:1a:68:3f:f3:67:25:86:28:
10:a1:3a:cb:dd:68:19:13:a8:ef:70:06:72:94:67:
48:6a:fa:d9:ad:da:1d:f7:33:d7:03:a0:4f:b7:b0:
0b:fd:0b:e4:19:fd:29:e9:01:d9:01:a2:19:ec:42:
28:4a:88:d2:ae:da:7a:90:0f:d1:4a:4b:48:c1:66:
0f:34:23:35:29:99:fb:8f:85:0f:f0:ed:70:f0:b1:
21:db:77:8b:31:00:76:66:72:4f:09:41:16:18:01:
10:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:17:1E:8A:9D:E1:D8:CB:26:72:A7:BD:AC:AA:C2:29:C3:2D:C5:EB
X509v3 Authority Key Identifier:
keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/fRceip3h2Msmcqe9rKrCKcMtxes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.89.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:85:e8:89:57:26:b6:71:86:c9:68:0d:69:8d:4c:80:a0:2d:
c2:7e:d9:8e:0a:4c:2d:c5:1a:49:0b:3f:9b:26:c2:16:03:80:
41:6e:ad:70:bc:af:a0:d9:52:e3:71:33:f0:ae:1c:d0:4e:b5:
e9:ce:31:dc:58:2a:80:e5:92:93:50:50:3d:c2:99:ac:c0:3e:
00:59:89:f5:61:f7:16:91:ab:c5:22:1a:d5:4c:25:25:1e:04:
4b:9e:ec:43:bd:07:d9:c9:0b:d0:af:12:aa:a6:98:2e:62:66:
33:0f:94:04:21:52:a1:2c:5a:74:9d:d5:72:b9:87:c6:bd:7b:
a6:e6:86:8b:8a:5f:bb:76:7a:62:c2:7a:1d:b4:17:04:6f:5d:
18:ee:00:c1:10:ab:b7:62:c7:a0:fd:ce:01:69:fd:4d:8a:4e:
f2:c5:74:40:8e:f7:ac:f5:4f:71:43:5a:90:f2:ff:45:10:63:
27:e6:16:2f:43:2a:d0:6f:62:67:ba:a5:bd:2c:82:d9:2f:67:
3f:bc:0c:d5:bb:ea:c5:0c:28:f5:74:b0:bc:06:6f:28:e3:13:
24:78:60:82:f2:e6:56:6d:f5:47:9a:c4:89:b6:a4:17:09:86:
e5:3c:d2:91:42:94:2e:bf:0a:bf:f7:21:bb:5c:c5:a7:e5:9e:
07:53:25:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaDYv6YZtwz+ty/aFjbFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjUwMTAxMDU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE3MWU4YTlkZTFkOGNiMjY3MmE3YmRhY2FhYzIyOWMzMmRjNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9gXvRTrTzkSJVD2jYWuq2Ue8MnW
Kp8PiXsgKVE0QVFebyJpmjXnSa+CM8/STssinioW854pX3zuKamjSspe1fBThwf4
wuiassUoTMGWvrFA2lRQcEBiLaSgh8LZTOpnhGzccD1hMWmRTwS5anyq+R0+Sexg
E/FjE2LwjdCPzqGNmUkEOtsLG6tE8WxKJCyzQRh2y2nNbr6NpdFKGmg/82clhigQ
oTrL3WgZE6jvcAZylGdIavrZrdod9zPXA6BPt7AL/QvkGf0p6QHZAaIZ7EIoSojS
rtp6kA/RSktIwWYPNCM1KZn7j4UP8O1w8LEh23eLMQB2ZnJPCUEWGAEQwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0XHoqd4djLJnKnvayqwinDLcXrMB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEvZlJjZWlwM2gyTXNtY3FlOXJLckNLY010eGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSpZMA0G
CSqGSIb3DQEBCwUAA4IBAQBqheiJVya2cYbJaA1pjUyAoC3CftmOCkwtxRpJCz+b
JsIWA4BBbq1wvK+g2VLjcTPwrhzQTrXpzjHcWCqA5ZKTUFA9wpmswD4AWYn1YfcW
kavFIhrVTCUlHgRLnuxDvQfZyQvQrxKqppguYmYzD5QEIVKhLFp0ndVyuYfGvXum
5oaLil+7dnpiwnodtBcEb10Y7gDBEKu3Yseg/c4Baf1Nik7yxXRAjves9U9xQ1qQ
8v9FEGMn5hYvQyrQb2JnuqW9LILZL2c/vAzVu+rFDCj1dLC8Bm8o4xMkeGCC8uZW
bfVHmsSJtqQXCYblPNKRQpQuvwq/9yG7XMWn5Z4HUyW1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:08 2025 by rpki-client