Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/5CvI_vMkA029X1ss1FvzeEl5_W0.roa
File: 5CvI_vMkA029X1ss1FvzeEl5_W0.roa (raw, json)
Hash identifier: Fjf9cE1V8eMHE1M217Bk5KQKELg5xzDg6gmwnrfCIAw=
Subject key identifier: E4:2B:C8:FE:F3:24:03:4D:BD:5F:5B:2C:D4:5B:F3:78:49:79:FD:6D
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018D057885B53B702AF1B326913C2B49F99C
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/5CvI_vMkA029X1ss1FvzeEl5_W0.roa
Signing time: Sun 14 Jan 2024 00:56:40 +0000
ROA not before: Sun 14 Jan 2024 00:56:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29066
IP address blocks: 176.221.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 24 Jan 2024 22:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:05:78:85:b5:3b:70:2a:f1:b3:26:91:3c:2b:49:f9:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 14 00:56:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e42bc8fef324034dbd5f5b2cd45bf3784979fd6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:00:98:f6:54:65:4e:9f:db:6d:78:86:8b:23:
42:3c:4b:85:9d:0c:50:a4:82:aa:19:02:c0:3e:c3:
d0:9a:03:d3:2d:ac:16:e8:79:66:1c:9c:c0:e4:9d:
1b:64:d2:4d:35:30:78:26:da:e7:56:95:7d:28:de:
31:67:b7:52:58:9e:7d:9e:d0:13:42:ef:e0:52:40:
b6:38:d4:7f:e8:55:5c:36:e1:bd:67:85:e0:05:ae:
33:a5:18:45:da:1a:e2:fd:83:0b:4b:85:95:3e:cb:
0c:ab:66:cb:7f:b5:6c:0a:26:da:1e:33:59:ab:63:
8e:02:68:cb:10:2f:8a:d2:13:ae:15:ac:c4:76:27:
13:49:a6:32:24:39:9b:c1:36:57:34:3a:94:b7:a8:
cd:81:7c:8c:b7:d0:0a:4b:b5:fa:ff:01:58:58:b5:
fe:8a:6c:49:71:39:f5:73:6f:11:45:11:24:98:8d:
1e:f8:2d:fc:5f:a3:c7:52:22:1c:75:d7:24:d2:6c:
81:41:d5:82:36:fd:02:2e:82:29:92:68:ab:b3:b0:
b0:7c:d6:cc:d0:5c:ac:d1:ff:15:8d:64:a4:a0:80:
8e:00:84:a3:03:d8:6f:ae:0d:3e:7f:69:6c:15:d7:
5b:db:aa:8c:2e:c4:ad:c8:c1:1e:46:b3:0c:b6:d6:
cf:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:2B:C8:FE:F3:24:03:4D:BD:5F:5B:2C:D4:5B:F3:78:49:79:FD:6D
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/5CvI_vMkA029X1ss1FvzeEl5_W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.20.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:05:4e:b4:7c:e5:c8:ed:80:23:43:7e:88:92:a9:87:fd:4d:
9d:7d:bf:71:a7:da:85:79:61:5f:85:18:f4:9a:d8:37:f5:96:
1a:1e:54:0c:62:7e:61:af:b3:33:13:a0:12:86:f9:fa:36:79:
37:41:af:83:7d:f2:d2:5d:a4:17:c5:93:a5:ca:8c:6c:92:e2:
e6:f8:3b:5a:2d:3f:c7:e6:89:4e:d5:7a:f7:ff:43:a7:22:18:
56:02:cf:48:b6:4b:ea:16:ed:ef:2e:8b:8e:73:20:07:6e:86:
d2:f2:03:cd:52:e5:aa:e4:f8:6b:dd:d5:b7:fd:b0:6a:78:5f:
39:96:95:48:54:7a:4e:d4:54:d6:ef:13:70:70:29:71:c5:fa:
e3:0c:6a:8d:4d:50:14:6e:fe:f4:ed:1b:f8:bb:da:92:e2:fe:
59:ab:78:94:d7:2a:55:3e:d1:1a:f5:31:a0:ea:db:08:79:88:
00:ba:2e:11:af:38:2a:00:34:07:c7:bc:94:c5:36:04:e3:3f:
eb:c6:25:2f:5a:c4:69:7e:be:d6:61:e6:6a:d5:b9:17:1c:5a:
1b:9e:c3:d2:99:fa:88:bf:c2:a8:34:40:da:fe:52:1e:48:19:
24:9b:7f:e3:ec:74:13:33:07:3d:3a:37:e7:e8:84:f5:f6:df:
bc:19:71:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0FeIW1O3Aq8bMmkTwrSfmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTE0MDA1NjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDJiYzhmZWYzMjQwMzRkYmQ1ZjViMmNkNDViZjM3ODQ5NzlmZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQCY9lRlTp/bbXiGiyNCPEuFnQxQ
pIKqGQLAPsPQmgPTLawW6HlmHJzA5J0bZNJNNTB4JtrnVpV9KN4xZ7dSWJ59ntAT
Qu/gUkC2ONR/6FVcNuG9Z4XgBa4zpRhF2hri/YMLS4WVPssMq2bLf7VsCibaHjNZ
q2OOAmjLEC+K0hOuFazEdicTSaYyJDmbwTZXNDqUt6jNgXyMt9AKS7X6/wFYWLX+
imxJcTn1c28RRREkmI0e+C38X6PHUiIcddck0myBQdWCNv0CLoIpkmirs7CwfNbM
0Fys0f8VjWSkoICOAISjA9hvrg0+f2lsFddb26qMLsStyMEeRrMMttbPWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQryP7zJANNvV9bLNRb83hJef1tMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvNUN2SV92TWtBMDI5WDFzczFGdnplRWw1X1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsN0UMA0G
CSqGSIb3DQEBCwUAA4IBAQAOBU60fOXI7YAjQ36IkqmH/U2dfb9xp9qFeWFfhRj0
mtg39ZYaHlQMYn5hr7MzE6AShvn6Nnk3Qa+DffLSXaQXxZOlyoxskuLm+DtaLT/H
5olO1Xr3/0OnIhhWAs9ItkvqFu3vLouOcyAHbobS8gPNUuWq5Phr3dW3/bBqeF85
lpVIVHpO1FTW7xNwcClxxfrjDGqNTVAUbv707Rv4u9qS4v5Zq3iU1ypVPtEa9TGg
6tsIeYgAui4RrzgqADQHx7yUxTYE4z/rxiUvWsRpfr7WYeZq1bkXHFobnsPSmfqI
v8KoNEDa/lIeSBkkm3/j7HQTMwc9Ojfn6IT19t+8GXGE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:44 2025 by rpki-client