Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/kB76Ysj06KM7BOt9Vs33jHEMUJc.roa
File: kB76Ysj06KM7BOt9Vs33jHEMUJc.roa (raw, json)
Hash identifier: AdS6sUHeePLrzqGDpth3+09QonVqCaeOXTW5KU6zYmc=
Subject key identifier: 90:1E:FA:62:C8:F4:E8:A3:3B:04:EB:7D:56:CD:F7:8C:71:0C:50:97
Certificate issuer: /CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Certificate serial: 0191D6CEE52571BB3D991829C11B5279C0C2
Authority key identifier: 5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/kB76Ysj06KM7BOt9Vs33jHEMUJc.roa
Signing time: Mon 09 Sep 2024 12:42:48 +0000
ROA not before: Mon 09 Sep 2024 12:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39011
IP address blocks: 5.253.188.0/24 maxlen: 24
194.102.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 15:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:ce:e5:25:71:bb:3d:99:18:29:c1:1b:52:79:c0:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Validity
Not Before: Sep 9 12:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=901efa62c8f4e8a33b04eb7d56cdf78c710c5097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:bf:fe:72:76:f0:ed:3b:93:fe:0e:96:46:8c:
ea:87:bf:6b:00:3c:fd:3f:ad:9d:2a:ac:df:ef:a1:
fd:97:04:b6:73:34:29:12:d9:35:54:15:70:b5:03:
3d:02:c2:b1:26:41:df:d4:c8:f2:48:05:f8:89:f9:
b6:23:95:fb:2b:fd:20:1d:10:a1:97:df:8d:43:85:
5f:ef:fe:66:15:a3:75:14:2f:a6:60:eb:c1:76:af:
c6:08:cd:54:e8:a8:d1:cb:1b:b9:7c:6b:65:48:de:
c1:b2:75:88:f6:02:0f:d0:86:f1:eb:ee:3e:89:90:
0f:02:55:ed:c9:27:66:6c:cb:cf:d5:e1:ee:a0:05:
20:c7:70:dc:f3:12:48:ec:8b:8d:02:a7:b4:1b:f1:
11:39:3c:fa:b8:5c:33:7c:8c:0f:9a:96:b1:0f:8d:
86:a4:da:47:67:b9:fa:be:d0:6e:fa:2a:ed:f5:38:
78:2a:b1:ef:c0:d1:d0:fa:86:d3:ac:b0:19:0d:10:
8f:ad:db:23:b5:c7:a8:eb:2e:de:44:fb:2f:6a:fe:
0c:9a:42:b3:6a:5e:b2:ec:b5:9f:d7:89:04:15:4a:
d3:87:d7:55:7b:08:67:98:b8:47:ca:e0:68:59:54:
02:e4:d7:c3:b2:46:18:1c:cf:dd:67:3f:c9:8a:4f:
d4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1E:FA:62:C8:F4:E8:A3:3B:04:EB:7D:56:CD:F7:8C:71:0C:50:97
X509v3 Authority Key Identifier:
keyid:5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/kB76Ysj06KM7BOt9Vs33jHEMUJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.188.0/24
194.102.204.0/24
Signature Algorithm: sha256WithRSAEncryption
59:cf:90:92:42:0f:39:22:52:12:6f:85:94:ee:94:f6:73:0e:
d0:23:f7:fd:e8:0d:32:69:06:b4:a2:c4:a9:f8:47:e5:98:ba:
97:90:80:68:2b:9f:e9:5d:a1:00:f6:57:e5:bd:73:c0:55:56:
a5:d5:11:0e:0b:32:94:94:06:1c:5e:97:5c:12:65:5c:32:69:
af:f2:1f:b0:bb:e9:ee:af:7c:53:51:dd:a2:1c:5f:1a:8c:2a:
e2:6c:30:fc:db:b4:ff:b4:08:26:73:6e:be:af:63:14:4d:db:
0e:cd:39:55:09:73:61:d1:9d:4c:65:7f:13:17:1d:ee:51:30:
06:d6:e0:bd:f3:7a:79:89:60:31:04:1d:c0:2e:6a:dc:f6:de:
08:69:f7:d2:ed:12:ea:4d:fd:35:dc:2e:3f:62:22:62:e0:94:
12:6f:f7:06:90:7e:22:5c:b2:9a:77:ed:ee:94:74:3a:55:74:
47:c5:46:4d:e4:8a:38:e3:5e:05:22:88:10:c5:b7:fe:c9:70:
3e:3b:e2:5a:de:42:88:a4:3d:d0:59:37:a0:04:7d:95:43:a9:
b9:4e:ca:c5:af:07:89:22:20:72:19:78:6f:44:d2:01:38:68:
6a:d9:fc:36:7e:71:af:5c:60:f2:15:32:26:49:9b:84:31:19:
14:cc:df:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHWzuUlcbs9mRgpwRtSecDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODZjNDdkYTZkOTA3OTM0N2I2MGYwNGVkNWM1NTU3ZmU5
ODNlYjgwHhcNMjQwOTA5MTI0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDFlZmE2MmM4ZjRlOGEzM2IwNGViN2Q1NmNkZjc4YzcxMGM1MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7r/+cnbw7TuT/g6WRozqh79rADz9
P62dKqzf76H9lwS2czQpEtk1VBVwtQM9AsKxJkHf1MjySAX4ifm2I5X7K/0gHRCh
l9+NQ4Vf7/5mFaN1FC+mYOvBdq/GCM1U6KjRyxu5fGtlSN7BsnWI9gIP0Ibx6+4+
iZAPAlXtySdmbMvP1eHuoAUgx3Dc8xJI7IuNAqe0G/EROTz6uFwzfIwPmpaxD42G
pNpHZ7n6vtBu+irt9Th4KrHvwNHQ+obTrLAZDRCPrdsjtceo6y7eRPsvav4MmkKz
al6y7LWf14kEFUrTh9dVewhnmLhHyuBoWVQC5NfDskYYHM/dZz/Jik/UCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJAe+mLI9OijOwTrfVbN94xxDFCXMB8GA1UdIwQY
MBaAFF2GxH2m2QeTR7YPBO1cVVf+mD64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYt
ZmM2MzI4NDFiYTNlLzEva0I3NllzajA2S003Qk90OVZzMzNqSEVNVUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYtZmM2MzI4NDFiYTNl
LzEvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABf28AwQA
wmbMMA0GCSqGSIb3DQEBCwUAA4IBAQBZz5CSQg85IlISb4WU7pT2cw7QI/f96A0y
aQa0osSp+EflmLqXkIBoK5/pXaEA9lflvXPAVVal1REOCzKUlAYcXpdcEmVcMmmv
8h+wu+nur3xTUd2iHF8ajCribDD827T/tAgmc26+r2MUTdsOzTlVCXNh0Z1MZX8T
Fx3uUTAG1uC983p5iWAxBB3ALmrc9t4IaffS7RLqTf013C4/YiJi4JQSb/cGkH4i
XLKad+3ulHQ6VXRHxUZN5Io4414FIogQxbf+yXA+O+Ja3kKIpD3QWTegBH2VQ6m5
TsrFrweJIiByGXhvRNIBOGhq2fw2fnGvXGDyFTImSZuEMRkUzN89
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:56 2025 by rpki-client