Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/bnGfo658xZ9yLsi4mECiUvHTR48.roa
File: bnGfo658xZ9yLsi4mECiUvHTR48.roa (raw, json)
Hash identifier: o2L235ApmI6h0AI35D9ApUu3cbuXhxeMBCVKMAjQFSc=
Subject key identifier: 6E:71:9F:A3:AE:7C:C5:9F:72:2E:C8:B8:98:40:A2:52:F1:D3:47:8F
Certificate issuer: /CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Certificate serial: 0193E86E911BF099F533DBD71D761B15FEC3
Authority key identifier: 5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/bnGfo658xZ9yLsi4mECiUvHTR48.roa
Signing time: Sat 21 Dec 2024 08:56:20 +0000
ROA not before: Sat 21 Dec 2024 08:56:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59642
IP address blocks: 5.253.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e8:6e:91:1b:f0:99:f5:33:db:d7:1d:76:1b:15:fe:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Validity
Not Before: Dec 21 08:56:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e719fa3ae7cc59f722ec8b89840a252f1d3478f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0a:30:71:59:26:aa:c6:04:35:b9:93:fa:73:
9f:4e:40:c7:14:08:35:fe:42:90:0f:0e:d2:d7:a0:
50:26:46:e1:60:5d:85:83:30:0c:e2:62:ae:3f:14:
6b:8b:c8:7f:ec:f1:65:f2:d1:82:15:d1:26:b3:a2:
df:8d:70:66:d2:3f:28:ed:9f:64:8e:43:37:d1:ce:
0a:e4:6f:91:a0:6c:85:d1:7a:ae:3f:27:f9:09:af:
ac:eb:06:89:4f:f5:db:6b:62:1d:1a:d9:45:57:15:
a6:7d:08:64:20:9f:ec:c5:9b:49:14:d0:44:44:2d:
a7:8c:6b:9d:57:88:25:2b:69:e8:6c:e1:34:8e:bf:
d4:fe:a8:c3:bb:3f:8a:a6:4e:32:98:01:91:55:bb:
ce:32:3b:87:ea:0b:64:7b:4c:76:54:ac:31:a4:49:
b8:bd:12:65:d0:75:c3:fd:ed:8c:66:53:c0:ea:fe:
2e:be:39:01:2b:a6:80:bb:bd:b2:a3:7b:79:f4:b3:
ff:58:9f:b8:df:02:55:dc:ba:f9:4a:ce:16:84:a1:
41:a9:21:83:29:ca:91:9c:40:b6:d6:a0:3a:f3:a3:
b4:09:e2:dc:6c:db:dc:51:fa:50:58:72:3d:94:aa:
39:06:43:57:ca:21:15:97:df:15:c8:e4:9f:80:a1:
3b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:71:9F:A3:AE:7C:C5:9F:72:2E:C8:B8:98:40:A2:52:F1:D3:47:8F
X509v3 Authority Key Identifier:
keyid:5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/bnGfo658xZ9yLsi4mECiUvHTR48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.191.0/24
Signature Algorithm: sha256WithRSAEncryption
20:a3:d9:be:0f:e6:d3:31:ea:76:fa:57:2c:72:d4:7d:03:1b:
ec:c4:ca:79:c1:69:31:23:3c:e0:d4:1e:74:b9:7e:83:6d:b8:
d7:fe:70:fb:f4:f4:91:cb:4a:5f:15:ce:13:03:13:e4:a5:e9:
1e:8f:c7:30:6a:b2:6f:14:ff:9a:79:91:8a:51:2e:97:a2:2d:
41:5b:c8:78:74:bd:15:6e:9b:00:d5:8b:d9:d3:1a:eb:43:4f:
c1:f8:bf:27:ed:88:37:81:60:58:75:5a:dd:06:57:7d:f3:a5:
4e:a6:96:a8:29:ce:08:4c:6d:13:f6:5a:ac:2a:bd:b3:31:a7:
f2:42:95:1a:45:8b:31:79:db:00:62:83:10:8a:49:e1:28:13:
ae:76:d0:ab:1c:ec:e1:7e:59:0b:e5:f7:73:e8:1d:a0:d3:09:
d3:7c:3d:b9:fd:21:19:45:60:86:79:fc:7e:0f:65:f6:a9:ed:
48:b5:d5:98:05:61:d3:f6:d6:31:55:fc:93:9b:71:be:80:4d:
e2:da:cd:7e:26:ff:50:13:f7:ce:12:d6:9c:6c:af:a2:69:39:
b6:f7:90:b0:6c:6e:f7:d4:22:d3:ea:34:fb:30:ef:1b:ab:a6:
b8:98:1b:90:36:ed:0e:3e:b4:b1:88:0d:86:2c:ce:44:db:f1:
b5:7c:f2:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPobpEb8Jn1M9vXHXYbFf7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODZjNDdkYTZkOTA3OTM0N2I2MGYwNGVkNWM1NTU3ZmU5
ODNlYjgwHhcNMjQxMjIxMDg1NjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTcxOWZhM2FlN2NjNTlmNzIyZWM4Yjg5ODQwYTI1MmYxZDM0NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AowcVkmqsYENbmT+nOfTkDHFAg1
/kKQDw7S16BQJkbhYF2FgzAM4mKuPxRri8h/7PFl8tGCFdEms6LfjXBm0j8o7Z9k
jkM30c4K5G+RoGyF0XquPyf5Ca+s6waJT/Xba2IdGtlFVxWmfQhkIJ/sxZtJFNBE
RC2njGudV4glK2nobOE0jr/U/qjDuz+Kpk4ymAGRVbvOMjuH6gtke0x2VKwxpEm4
vRJl0HXD/e2MZlPA6v4uvjkBK6aAu72yo3t59LP/WJ+43wJV3Lr5Ss4WhKFBqSGD
KcqRnEC21qA686O0CeLcbNvcUfpQWHI9lKo5BkNXyiEVl98VyOSfgKE7/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5xn6OufMWfci7IuJhAolLx00ePMB8GA1UdIwQY
MBaAFF2GxH2m2QeTR7YPBO1cVVf+mD64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYt
ZmM2MzI4NDFiYTNlLzEvYm5HZm82NTh4Wjl5THNpNG1FQ2lVdkhUUjQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYtZmM2MzI4NDFiYTNl
LzEvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf2/MA0G
CSqGSIb3DQEBCwUAA4IBAQAgo9m+D+bTMep2+lcsctR9AxvsxMp5wWkxIzzg1B50
uX6DbbjX/nD79PSRy0pfFc4TAxPkpekej8cwarJvFP+aeZGKUS6Xoi1BW8h4dL0V
bpsA1YvZ0xrrQ0/B+L8n7Yg3gWBYdVrdBld986VOppaoKc4ITG0T9lqsKr2zMafy
QpUaRYsxedsAYoMQiknhKBOudtCrHOzhflkL5fdz6B2g0wnTfD25/SEZRWCGefx+
D2X2qe1ItdWYBWHT9tYxVfyTm3G+gE3i2s1+Jv9QE/fOEtacbK+iaTm295CwbG73
1CLT6jT7MO8bq6a4mBuQNu0OPrSxiA2GLM5E2/G1fPKl
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:27:57 2025 by rpki-client