Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/SRTcjYX9CzccUUs6vNpQWP5q4Mk.roa
File: SRTcjYX9CzccUUs6vNpQWP5q4Mk.roa (raw, json)
Hash identifier: ruY4fq37Sj99VTCUmom175Udg1nOZOuunSzKEDM1ssc=
Subject key identifier: 49:14:DC:8D:85:FD:0B:37:1C:51:4B:3A:BC:DA:50:58:FE:6A:E0:C9
Certificate issuer: /CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Certificate serial: 0193DAC5EA5655047D18C657E16EDE8CDC4F
Authority key identifier: 5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/SRTcjYX9CzccUUs6vNpQWP5q4Mk.roa
Signing time: Wed 18 Dec 2024 17:17:03 +0000
ROA not before: Wed 18 Dec 2024 17:17:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39011
IP address blocks: 5.253.191.0/24 maxlen: 24
194.102.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Dec 2024 08:56:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:c5:ea:56:55:04:7d:18:c6:57:e1:6e:de:8c:dc:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Validity
Not Before: Dec 18 17:17:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4914dc8d85fd0b371c514b3abcda5058fe6ae0c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:18:49:59:58:ee:c1:f7:c9:63:5a:a0:a3:ec:
66:83:10:74:bd:dc:d4:37:7c:1c:9b:75:81:d2:4a:
7a:15:59:ce:3d:57:1f:cc:0d:34:6d:04:a7:4a:7b:
dc:f9:99:dd:a5:78:f2:06:71:9f:26:dd:92:e2:23:
eb:2b:a1:6d:f7:c1:82:03:36:7b:b9:9d:a8:3e:cc:
01:68:86:9b:45:fb:61:46:ab:04:f2:ec:6d:ef:18:
c3:23:b8:60:c7:22:c0:b7:cd:a5:f9:0e:20:33:5e:
29:26:1e:1a:59:f7:a7:85:0c:11:5d:de:a3:95:55:
8b:0b:36:f6:ce:11:2b:1a:d6:31:a3:c4:48:c1:d8:
8a:95:e2:aa:9f:85:7b:7b:ad:4c:91:ac:71:eb:44:
74:9a:17:a0:00:31:d0:95:9d:2c:50:c0:77:2d:a9:
7b:a0:0d:22:26:ce:5c:16:be:ce:d2:b2:90:31:a7:
2a:20:e3:90:0f:b3:ef:65:ca:74:dc:a6:34:07:9a:
65:5b:9b:7a:b9:68:0b:65:bb:52:81:3a:d5:a5:72:
3f:62:4f:e6:6b:0e:f5:b5:24:c2:1a:a5:6d:7f:f8:
2a:8e:33:58:50:97:ba:9f:cb:b2:63:1c:f9:8c:80:
69:9a:4d:e7:25:ce:a6:76:bb:2a:32:87:41:33:89:
f5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:14:DC:8D:85:FD:0B:37:1C:51:4B:3A:BC:DA:50:58:FE:6A:E0:C9
X509v3 Authority Key Identifier:
keyid:5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/SRTcjYX9CzccUUs6vNpQWP5q4Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.191.0/24
194.102.204.0/24
Signature Algorithm: sha256WithRSAEncryption
40:4d:68:33:8b:c5:9f:84:42:3c:52:b6:b5:1a:3c:d6:42:7c:
4e:62:42:99:52:66:19:60:7e:30:40:2b:19:ad:6d:b0:53:b3:
02:81:be:b2:07:8b:a7:72:4f:e4:dd:5d:22:32:3b:a3:d7:70:
f6:0c:23:93:9d:b2:11:f6:47:ed:05:77:f6:d1:17:a9:5c:b3:
5f:50:23:4e:e7:5f:f5:ab:05:77:10:05:d3:ad:f4:e4:73:96:
38:e6:08:9b:5b:aa:01:79:c1:cf:3c:aa:08:ab:3b:11:5e:f5:
84:26:26:f6:9d:3f:9a:76:99:0d:15:c3:93:03:09:03:36:d6:
e1:1b:42:2c:66:e6:fa:c1:0b:9b:3f:e6:e7:70:da:97:ce:d5:
63:24:91:10:95:df:6f:8a:26:92:d0:19:7b:1a:84:5e:6a:df:
54:e0:49:66:4b:9a:ca:c6:d2:6e:c7:c4:58:cb:30:fe:eb:14:
0d:c7:ea:33:ed:f8:2e:80:f4:1b:9b:02:7b:5c:4b:7d:be:44:
f6:ce:04:7f:ff:83:26:91:5c:dd:32:8e:41:e9:58:c3:87:c2:
dc:a9:6b:00:65:4d:bf:73:f0:20:03:3a:83:f9:93:36:97:5b:
93:b3:44:44:da:4a:78:7e:bf:e9:4d:b7:e5:f9:10:67:fc:7d:
21:e8:74:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPaxepWVQR9GMZX4W7ejNxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODZjNDdkYTZkOTA3OTM0N2I2MGYwNGVkNWM1NTU3ZmU5
ODNlYjgwHhcNMjQxMjE4MTcxNzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTE0ZGM4ZDg1ZmQwYjM3MWM1MTRiM2FiY2RhNTA1OGZlNmFlMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hhJWVjuwffJY1qgo+xmgxB0vdzU
N3wcm3WB0kp6FVnOPVcfzA00bQSnSnvc+ZndpXjyBnGfJt2S4iPrK6Ft98GCAzZ7
uZ2oPswBaIabRfthRqsE8uxt7xjDI7hgxyLAt82l+Q4gM14pJh4aWfenhQwRXd6j
lVWLCzb2zhErGtYxo8RIwdiKleKqn4V7e61Mkaxx60R0mhegADHQlZ0sUMB3Lal7
oA0iJs5cFr7O0rKQMacqIOOQD7PvZcp03KY0B5plW5t6uWgLZbtSgTrVpXI/Yk/m
aw71tSTCGqVtf/gqjjNYUJe6n8uyYxz5jIBpmk3nJc6mdrsqModBM4n1zQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEkU3I2F/Qs3HFFLOrzaUFj+auDJMB8GA1UdIwQY
MBaAFF2GxH2m2QeTR7YPBO1cVVf+mD64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYt
ZmM2MzI4NDFiYTNlLzEvU1JUY2pZWDlDemNjVVVzNnZOcFFXUDVxNE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYtZmM2MzI4NDFiYTNl
LzEvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABf2/AwQA
wmbMMA0GCSqGSIb3DQEBCwUAA4IBAQBATWgzi8WfhEI8Ura1GjzWQnxOYkKZUmYZ
YH4wQCsZrW2wU7MCgb6yB4unck/k3V0iMjuj13D2DCOTnbIR9kftBXf20RepXLNf
UCNO51/1qwV3EAXTrfTkc5Y45gibW6oBecHPPKoIqzsRXvWEJib2nT+adpkNFcOT
AwkDNtbhG0IsZub6wQubP+bncNqXztVjJJEQld9viiaS0Bl7GoReat9U4ElmS5rK
xtJux8RYyzD+6xQNx+oz7fgugPQbmwJ7XEt9vkT2zgR//4MmkVzdMo5B6VjDh8Lc
qWsAZU2/c/AgAzqD+ZM2l1uTs0RE2kp4fr/pTbfl+RBn/H0h6HQZ
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:30:21 2025 by rpki-client