Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/5PbCre9u8PfDu-qBQBo5i1Pwtf4.roa
File: 5PbCre9u8PfDu-qBQBo5i1Pwtf4.roa (raw, json)
Hash identifier: grSWMmIRDgYqryZOROK3yBcd7H4+ui5Ebae1bEo+DYg=
Subject key identifier: E4:F6:C2:AD:EF:6E:F0:F7:C3:BB:EA:81:40:1A:39:8B:53:F0:B5:FE
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018E74DAE047160A20CE9EDB449E6393EF74
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/5PbCre9u8PfDu-qBQBo5i1Pwtf4.roa
Signing time: Mon 25 Mar 2024 09:04:45 +0000
ROA not before: Mon 25 Mar 2024 09:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34
IP address blocks: 37.128.248.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 22:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:da:e0:47:16:0a:20:ce:9e:db:44:9e:63:93:ef:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Mar 25 09:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4f6c2adef6ef0f7c3bbea81401a398b53f0b5fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8f:5c:23:f3:93:b4:37:92:ad:55:93:ce:5c:
56:f4:8e:71:48:c3:1f:3d:f2:46:fe:e7:e8:eb:35:
57:7a:4f:70:e3:87:7e:b5:80:a7:16:01:33:29:0c:
70:b0:ae:b5:85:d5:10:71:cd:7b:2a:32:5a:25:9e:
cb:e0:c8:2e:ac:2d:93:6e:46:f0:85:e8:4c:ae:9e:
5c:00:86:d8:c5:5f:15:36:4c:20:0d:d1:5a:ff:c5:
3b:70:61:df:97:f4:1d:eb:2b:41:a0:11:84:bc:d6:
a9:f4:f5:be:49:da:e6:1b:34:09:59:83:8b:9f:c6:
8e:30:d3:fa:61:5d:05:09:59:3d:85:28:15:34:57:
c8:47:2a:5a:e3:47:1b:39:40:ca:0c:e4:6c:85:89:
fc:27:7c:d1:61:c9:c1:c7:f5:d1:bb:41:36:9c:5f:
d5:37:02:61:c1:92:36:79:fd:5b:9e:9b:ad:1d:56:
af:92:a5:35:fe:83:2c:9f:6c:1f:11:72:da:22:47:
28:8a:e1:36:e5:fd:82:c9:9c:7b:eb:97:87:57:51:
0e:36:8a:6e:03:1f:f6:f3:7a:57:b0:83:71:78:4f:
7f:13:9c:27:7d:18:db:22:1e:a5:aa:23:0d:20:50:
38:64:93:3e:b1:fa:49:0a:2e:d0:ca:96:ed:00:7a:
9a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F6:C2:AD:EF:6E:F0:F7:C3:BB:EA:81:40:1A:39:8B:53:F0:B5:FE
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/5PbCre9u8PfDu-qBQBo5i1Pwtf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/23
Signature Algorithm: sha256WithRSAEncryption
38:ab:a8:ba:e1:8e:ea:ae:eb:c7:22:f4:2e:6b:3a:4f:4c:41:
68:d9:49:5c:5e:5b:cf:71:5d:2a:90:b5:96:8d:58:05:93:ab:
82:0f:3d:c5:f8:05:86:0e:08:bd:07:12:a1:f8:0c:08:3a:d8:
d7:00:c3:ef:c3:6d:5e:f6:6e:ea:79:cc:ed:01:a2:45:0f:27:
ef:f5:e6:94:ed:47:d3:de:d1:66:03:7a:1a:0e:54:2a:eb:d3:
cc:6a:82:cb:48:1f:4d:26:51:27:07:36:3f:e3:a3:a4:52:bb:
9c:46:72:36:e3:e9:1c:27:9b:eb:7d:02:d9:d6:0f:58:8d:4d:
5f:b2:70:ea:ff:22:f4:07:4c:91:28:97:fa:71:e4:97:af:3c:
4c:cd:77:48:84:4c:9d:e8:63:d0:f1:1d:bd:ca:39:35:f6:a5:
36:c5:1f:4f:bc:b3:29:58:66:4c:df:21:66:5d:fa:c2:8e:7e:
35:9d:5c:02:73:86:7b:4d:b3:3f:b6:4b:56:ec:2c:e1:9b:9a:
30:e3:b7:41:38:e2:6c:36:30:e0:15:38:b8:77:34:ea:05:e5:
b1:8a:84:b3:08:a6:31:87:31:a0:e5:4d:e0:1b:b5:f2:a6:06:
ce:62:42:a5:6b:62:13:aa:3d:38:97:6e:e2:8f:2e:fc:07:c4:
00:59:83:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY502uBHFgogzp7bRJ5jk+90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMzI1MDkwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGY2YzJhZGVmNmVmMGY3YzNiYmVhODE0MDFhMzk4YjUzZjBiNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko9cI/OTtDeSrVWTzlxW9I5xSMMf
PfJG/ufo6zVXek9w44d+tYCnFgEzKQxwsK61hdUQcc17KjJaJZ7L4MgurC2Tbkbw
hehMrp5cAIbYxV8VNkwgDdFa/8U7cGHfl/Qd6ytBoBGEvNap9PW+SdrmGzQJWYOL
n8aOMNP6YV0FCVk9hSgVNFfIRypa40cbOUDKDORshYn8J3zRYcnBx/XRu0E2nF/V
NwJhwZI2ef1bnputHVavkqU1/oMsn2wfEXLaIkcoiuE25f2CyZx765eHV1EONopu
Ax/283pXsINxeE9/E5wnfRjbIh6lqiMNIFA4ZJM+sfpJCi7QypbtAHqaMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOT2wq3vbvD3w7vqgUAaOYtT8LX+MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvNVBiQ3JlOXU4UGZEdS1xQlFCbzVpMVB3dGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJYD4MA0G
CSqGSIb3DQEBCwUAA4IBAQA4q6i64Y7qruvHIvQuazpPTEFo2UlcXlvPcV0qkLWW
jVgFk6uCDz3F+AWGDgi9BxKh+AwIOtjXAMPvw21e9m7qecztAaJFDyfv9eaU7UfT
3tFmA3oaDlQq69PMaoLLSB9NJlEnBzY/46OkUrucRnI24+kcJ5vrfQLZ1g9YjU1f
snDq/yL0B0yRKJf6ceSXrzxMzXdIhEyd6GPQ8R29yjk19qU2xR9PvLMpWGZM3yFm
XfrCjn41nVwCc4Z7TbM/tktW7Czhm5ow47dBOOJsNjDgFTi4dzTqBeWxioSzCKYx
hzGg5U3gG7XypgbOYkKla2ITqj04l27ijy78B8QAWYOe
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:07 2025 by rpki-client