Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/HSxHqAsJEQjXmaftDpUOp9CkuQg.roa
File: HSxHqAsJEQjXmaftDpUOp9CkuQg.roa (raw, json)
Hash identifier: 9FJVKPCS0yk+jzPQoKB/9x//7RrvgG8TAl4kM9a0Ybw=
Subject key identifier: 1D:2C:47:A8:0B:09:11:08:D7:99:A7:ED:0E:95:0E:A7:D0:A4:B9:08
Certificate issuer: /CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Certificate serial: 0191D6CEE4CD975B14EA257209C0865C1728
Authority key identifier: 5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/HSxHqAsJEQjXmaftDpUOp9CkuQg.roa
Signing time: Mon 09 Sep 2024 12:42:48 +0000
ROA not before: Mon 09 Sep 2024 12:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 5.253.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 13:51:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:ce:e4:cd:97:5b:14:ea:25:72:09:c0:86:5c:17:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Validity
Not Before: Sep 9 12:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d2c47a80b091108d799a7ed0e950ea7d0a4b908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e7:d2:17:26:8c:20:3e:ec:28:26:ab:b2:1a:
d8:83:b0:0f:4e:55:9e:1f:db:a4:63:ef:81:ad:b5:
0b:ce:7a:18:d1:53:98:25:40:46:aa:92:ba:bb:4e:
74:75:18:4c:29:92:c5:95:79:9a:db:a0:bf:4d:68:
ea:9b:5f:7b:92:8e:40:91:6e:53:fc:8a:46:0d:2f:
37:fb:b6:a2:f4:9c:72:6e:75:2a:8f:2b:38:28:c9:
b1:54:0e:61:8f:7a:d6:4d:46:92:5f:28:44:e5:32:
80:db:68:b3:37:6c:10:78:1b:ee:44:df:28:8e:af:
aa:70:21:e5:96:13:e6:24:50:4d:ce:49:4e:f8:13:
80:dc:ec:8d:71:63:17:48:fa:e1:2d:96:7d:2b:43:
71:3b:55:7f:e3:ed:9b:42:ff:52:82:a2:c0:20:08:
7d:c7:ba:e8:8c:0c:24:d1:28:34:a4:d3:a7:bc:38:
34:5e:09:9e:ce:49:c0:40:29:bb:8d:2c:41:0d:79:
51:cf:ba:58:af:44:72:e5:d3:42:ef:ae:5b:58:27:
45:87:f2:c5:5c:cf:5c:c0:1c:90:de:5a:51:ea:09:
0f:44:61:5e:1f:cb:a9:3e:e8:56:9c:fc:38:db:02:
ab:36:8a:ed:15:b0:c8:25:ff:9c:2c:55:75:38:7c:
42:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2C:47:A8:0B:09:11:08:D7:99:A7:ED:0E:95:0E:A7:D0:A4:B9:08
X509v3 Authority Key Identifier:
keyid:5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/HSxHqAsJEQjXmaftDpUOp9CkuQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.190.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:6e:00:67:0c:f7:f0:e3:67:2f:f9:a5:21:84:4a:d5:f0:2b:
8e:bd:97:04:36:17:2a:64:ef:1f:7c:a3:c0:ba:8a:d2:cd:cb:
a3:db:32:94:2a:d0:a6:8d:8a:30:cd:a8:27:b5:c1:7c:30:c6:
c3:16:88:81:e6:10:c9:dc:de:e7:5d:11:d8:17:e3:75:01:f5:
3d:2e:2c:6e:79:15:b4:02:9d:b0:3e:73:38:f9:70:01:cd:9c:
ea:f8:9b:de:93:c1:5d:98:f3:fe:4b:56:3a:60:75:c8:8c:a5:
9d:ff:97:8a:6e:b5:a3:39:9a:f5:f9:e2:f9:45:c6:80:e8:7e:
28:47:1b:2b:1c:a7:6a:36:af:c4:ce:41:3b:89:fe:d0:c7:8d:
46:fd:4d:c4:a1:68:9e:86:3e:0d:3f:f6:17:d3:15:65:6d:94:
b0:44:c5:fa:5f:c4:03:17:88:8b:9c:ab:ca:09:8d:7b:ce:e5:
8a:bb:92:e4:ed:79:85:8f:44:0a:70:90:2c:c9:cd:51:d0:9e:
70:6e:a0:4d:a3:ba:84:07:39:d9:61:5b:f9:72:7f:26:74:a8:
a3:76:de:98:ee:d6:25:51:72:f0:84:46:7e:96:2f:2b:c8:43:
e7:30:9b:66:0f:cc:2f:7a:28:82:b0:7b:ee:73:0d:0b:b4:e7:
d1:89:b5:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHWzuTNl1sU6iVyCcCGXBcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODZjNDdkYTZkOTA3OTM0N2I2MGYwNGVkNWM1NTU3ZmU5
ODNlYjgwHhcNMjQwOTA5MTI0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJjNDdhODBiMDkxMTA4ZDc5OWE3ZWQwZTk1MGVhN2QwYTRiOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqefSFyaMID7sKCarshrYg7APTlWe
H9ukY++BrbULznoY0VOYJUBGqpK6u050dRhMKZLFlXma26C/TWjqm197ko5AkW5T
/IpGDS83+7ai9JxybnUqjys4KMmxVA5hj3rWTUaSXyhE5TKA22izN2wQeBvuRN8o
jq+qcCHllhPmJFBNzklO+BOA3OyNcWMXSPrhLZZ9K0NxO1V/4+2bQv9SgqLAIAh9
x7rojAwk0Sg0pNOnvDg0XgmezknAQCm7jSxBDXlRz7pYr0Ry5dNC765bWCdFh/LF
XM9cwByQ3lpR6gkPRGFeH8upPuhWnPw42wKrNortFbDIJf+cLFV1OHxCIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0sR6gLCREI15mn7Q6VDqfQpLkIMB8GA1UdIwQY
MBaAFF2GxH2m2QeTR7YPBO1cVVf+mD64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYt
ZmM2MzI4NDFiYTNlLzEvSFN4SHFBc0pFUWpYbWFmdERwVU9wOUNrdVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYtZmM2MzI4NDFiYTNl
LzEvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf2+MA0G
CSqGSIb3DQEBCwUAA4IBAQBrbgBnDPfw42cv+aUhhErV8CuOvZcENhcqZO8ffKPA
uorSzcuj2zKUKtCmjYowzagntcF8MMbDFoiB5hDJ3N7nXRHYF+N1AfU9LixueRW0
Ap2wPnM4+XABzZzq+Jvek8FdmPP+S1Y6YHXIjKWd/5eKbrWjOZr1+eL5RcaA6H4o
RxsrHKdqNq/EzkE7if7Qx41G/U3EoWiehj4NP/YX0xVlbZSwRMX6X8QDF4iLnKvK
CY17zuWKu5Lk7XmFj0QKcJAsyc1R0J5wbqBNo7qEBznZYVv5cn8mdKijdt6Y7tYl
UXLwhEZ+li8ryEPnMJtmD8wveiiCsHvucw0LtOfRibVv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:52 2025 by rpki-client