Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/OYe4GObn9zBaHHW--CIFrRWQMX4.roa
File: OYe4GObn9zBaHHW--CIFrRWQMX4.roa (raw, json)
Hash identifier: GPkPmhJhbk7ShCo+OT5hqmgIYxTaO9Js9+BOjRHDx6Y=
Subject key identifier: 39:87:B8:18:E6:E7:F7:30:5A:1C:75:BE:F8:22:05:AD:15:90:31:7E
Certificate issuer: /CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Certificate serial: 0191C79343D1948B00A93DCD0BC136DE12C6
Authority key identifier: 5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/OYe4GObn9zBaHHW--CIFrRWQMX4.roa
Signing time: Fri 06 Sep 2024 13:43:22 +0000
ROA not before: Fri 06 Sep 2024 13:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216475
IP address blocks: 5.253.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:93:43:d1:94:8b:00:a9:3d:cd:0b:c1:36:de:12:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Validity
Not Before: Sep 6 13:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3987b818e6e7f7305a1c75bef82205ad1590317e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:99:c9:b4:cc:a7:64:61:85:b2:28:9b:d1:0d:
be:62:9f:6f:02:4d:4b:61:ac:42:b5:f3:a7:9d:c1:
37:82:0d:58:95:73:84:89:d7:fd:94:d4:bd:dd:b8:
31:d1:b3:71:ee:0d:63:23:cf:80:3e:13:0c:52:45:
7e:70:22:b3:ee:e3:ea:d1:8f:31:99:e4:e1:05:c6:
a5:af:1a:95:78:e9:da:62:f8:b0:1d:0a:55:cb:27:
07:3b:2a:84:e3:35:06:2f:35:30:eb:54:a3:f2:06:
ce:0a:d1:ba:2f:b3:9b:a8:31:4b:bd:2d:ac:11:da:
c8:18:08:cc:c0:27:ee:e9:d5:12:71:6d:70:5f:a0:
65:89:21:44:a2:13:84:6b:55:5e:a0:fb:b4:55:ae:
64:73:09:2a:c2:0b:a0:ed:cd:8c:73:b0:a0:6c:c3:
4e:d4:69:1d:69:a9:7b:e7:93:3c:6c:a9:29:85:b5:
13:59:fb:f7:c5:14:37:7c:e4:34:5d:16:af:0b:82:
71:4f:15:c3:ed:a9:32:78:1a:ff:53:22:71:8b:28:
b7:29:d4:a5:83:9e:b5:ec:9d:b2:10:32:75:90:7b:
43:5e:3b:dc:d3:a0:d7:a8:ec:46:e9:81:f0:8c:70:
50:e5:a8:e3:f0:b3:52:db:d7:88:dc:92:c3:37:09:
66:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:87:B8:18:E6:E7:F7:30:5A:1C:75:BE:F8:22:05:AD:15:90:31:7E
X509v3 Authority Key Identifier:
keyid:5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/OYe4GObn9zBaHHW--CIFrRWQMX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.189.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:a5:ec:46:99:fc:e3:cc:a4:95:a9:b3:bd:8a:eb:a2:20:73:
b7:ce:a3:0e:00:ce:d7:b1:cd:c6:d1:b8:9d:c2:48:f5:4a:9d:
bb:e7:71:53:9a:51:af:7f:bf:29:f5:a4:ff:6c:a1:70:2b:c3:
60:8d:c1:41:70:e8:5e:88:a2:48:7b:91:78:5b:29:62:7b:df:
8f:25:13:ca:8c:90:84:63:19:6d:bb:29:19:9b:61:17:54:05:
6a:5a:65:2f:53:28:67:96:0e:b9:91:73:33:a9:61:3a:38:a1:
1e:45:fd:dd:ed:28:d9:e3:6b:12:ba:49:c6:da:3b:6e:15:49:
4a:b4:84:f0:21:e9:66:a4:da:9d:1e:8d:62:88:40:50:89:c5:
63:80:b7:d4:63:41:95:29:f5:7f:cb:d5:16:8d:cc:a7:a0:94:
17:2a:9f:a0:e4:c9:d4:99:7e:0b:08:43:d5:df:fb:9f:ac:e8:
30:17:d0:40:0a:1c:f7:71:da:08:de:4f:01:51:6a:c0:c3:69:
40:7d:f4:3b:17:64:ca:98:ec:0d:05:b5:72:46:66:fa:31:cf:
46:06:f7:d8:8f:83:10:8e:8c:58:e1:c7:3b:e9:64:e4:18:ff:
a7:1d:88:b4:4c:61:3a:4f:06:cd:7c:f5:88:e7:ff:7c:2d:df:
7d:af:26:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHHk0PRlIsAqT3NC8E23hLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODZjNDdkYTZkOTA3OTM0N2I2MGYwNGVkNWM1NTU3ZmU5
ODNlYjgwHhcNMjQwOTA2MTM0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTg3YjgxOGU2ZTdmNzMwNWExYzc1YmVmODIyMDVhZDE1OTAzMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpnJtMynZGGFsiib0Q2+Yp9vAk1L
YaxCtfOnncE3gg1YlXOEidf9lNS93bgx0bNx7g1jI8+APhMMUkV+cCKz7uPq0Y8x
meThBcalrxqVeOnaYviwHQpVyycHOyqE4zUGLzUw61Sj8gbOCtG6L7ObqDFLvS2s
EdrIGAjMwCfu6dUScW1wX6BliSFEohOEa1VeoPu0Va5kcwkqwgug7c2Mc7CgbMNO
1Gkdaal755M8bKkphbUTWfv3xRQ3fOQ0XRavC4JxTxXD7akyeBr/UyJxiyi3KdSl
g5617J2yEDJ1kHtDXjvc06DXqOxG6YHwjHBQ5ajj8LNS29eI3JLDNwlmAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmHuBjm5/cwWhx1vvgiBa0VkDF+MB8GA1UdIwQY
MBaAFF2GxH2m2QeTR7YPBO1cVVf+mD64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYt
ZmM2MzI4NDFiYTNlLzEvT1llNEdPYm45ekJhSEhXLS1DSUZyUldRTVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYtZmM2MzI4NDFiYTNl
LzEvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf29MA0G
CSqGSIb3DQEBCwUAA4IBAQBbpexGmfzjzKSVqbO9iuuiIHO3zqMOAM7Xsc3G0bid
wkj1Sp2753FTmlGvf78p9aT/bKFwK8NgjcFBcOheiKJIe5F4Wylie9+PJRPKjJCE
YxltuykZm2EXVAVqWmUvUyhnlg65kXMzqWE6OKEeRf3d7SjZ42sSuknG2jtuFUlK
tITwIelmpNqdHo1iiEBQicVjgLfUY0GVKfV/y9UWjcynoJQXKp+g5MnUmX4LCEPV
3/ufrOgwF9BAChz3cdoI3k8BUWrAw2lAffQ7F2TKmOwNBbVyRmb6Mc9GBvfYj4MQ
joxY4cc76WTkGP+nHYi0TGE6TwbNfPWI5/98Ld99ryYg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:31 2025 by rpki-client