Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/dPgeJx-sMUiyLrfwnJTjcT-KEbU.roa
File: dPgeJx-sMUiyLrfwnJTjcT-KEbU.roa (raw, json)
Hash identifier: ioiIjgevuLorlkGWMJMyqStI7g33Z53WKTtGUEWdWN0=
Subject key identifier: 74:F8:1E:27:1F:AC:31:48:B2:2E:B7:F0:9C:94:E3:71:3F:8A:11:B5
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 019447C3C28C8E24A9D723A9B362858D13E3
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/dPgeJx-sMUiyLrfwnJTjcT-KEbU.roa
Signing time: Wed 08 Jan 2025 21:13:19 +0000
ROA not before: Wed 08 Jan 2025 21:13:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48753
IP address blocks: 5.63.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 15:16:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:c3:c2:8c:8e:24:a9:d7:23:a9:b3:62:85:8d:13:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Jan 8 21:13:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74f81e271fac3148b22eb7f09c94e3713f8a11b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:27:33:93:79:bd:b0:cb:44:22:47:68:78:18:
b4:2a:0e:2a:2f:a2:db:19:11:6e:69:4a:26:77:23:
fd:b6:25:f8:af:fd:8f:97:a9:eb:23:6d:98:5a:4d:
f6:5a:83:e7:5e:5f:59:66:2c:dc:76:29:2e:62:7e:
8e:8d:55:7c:fd:2e:f7:94:78:6f:bb:43:3b:06:57:
41:cc:db:cf:e5:64:a2:59:dd:b7:a4:b3:26:e5:06:
e8:9d:cb:4f:2b:83:c9:40:3d:ed:9a:3a:99:da:c3:
4e:41:e6:70:90:09:d9:58:3d:02:c2:4d:7b:c2:44:
03:11:61:e4:0f:ed:09:c5:35:d3:ed:6d:c9:62:84:
b8:d1:e8:69:d2:cf:ef:a0:71:60:27:eb:20:23:f9:
fe:d3:22:b5:35:db:ae:36:01:29:2c:64:af:ed:42:
c8:f2:a5:96:d4:c8:ba:12:6c:49:0c:97:4d:89:47:
5a:4c:f7:64:61:8d:df:dd:44:2e:57:e7:1f:63:6e:
4b:cb:b9:20:35:17:59:f7:0b:bd:bb:74:f3:f3:77:
aa:a9:f9:ad:02:9a:61:f3:68:12:0c:20:42:73:50:
30:85:d4:b8:c0:1f:a8:fc:50:67:87:10:28:7b:77:
69:30:b1:45:70:d8:bd:4f:ba:df:42:2f:95:03:2a:
9a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F8:1E:27:1F:AC:31:48:B2:2E:B7:F0:9C:94:E3:71:3F:8A:11:B5
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/dPgeJx-sMUiyLrfwnJTjcT-KEbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.19.0/24
Signature Algorithm: sha256WithRSAEncryption
60:28:81:2c:1a:31:f5:09:de:6a:ae:94:5d:8d:b3:50:3d:0d:
dd:41:cc:b4:12:dc:50:a9:42:9c:58:c6:04:0e:56:1b:05:cc:
ef:9c:ac:96:55:c8:a7:26:c9:78:27:71:f2:b5:85:35:69:5e:
3a:21:71:e2:38:40:e1:4a:75:d8:19:07:7d:f3:e0:4b:d5:88:
1e:7f:73:03:47:6c:e3:7d:76:91:10:b6:30:56:b6:88:dc:65:
6d:6f:6a:b3:b4:23:82:84:64:09:24:c9:fb:87:31:43:d9:7f:
20:9a:f8:bf:9e:3f:5a:2e:b2:c0:7d:f4:89:a9:27:0c:3f:cc:
3e:a2:07:c9:16:67:31:ba:7a:b3:d4:3f:a7:82:6d:a7:1b:8c:
41:15:49:00:cb:dc:41:ce:6f:ec:a9:8e:ae:74:2e:2e:12:23:
f3:8c:47:72:5b:83:15:09:bd:cd:d2:dc:0b:6b:12:cc:d0:ab:
99:33:3b:e1:c2:5e:a8:04:59:5b:7c:d2:c1:b8:40:56:5f:6d:
96:26:70:5e:19:f0:52:76:0a:1c:de:29:99:40:7d:ac:0f:c6:
a3:e3:a9:95:b6:a2:3f:26:f7:b9:6a:7e:e6:a5:86:c1:d4:5f:
14:c6:fd:26:69:47:4d:ce:65:d9:c7:a9:65:f8:18:19:13:c7:
09:b7:4c:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRHw8KMjiSp1yOps2KFjRPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjUwMTA4MjExMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY4MWUyNzFmYWMzMTQ4YjIyZWI3ZjA5Yzk0ZTM3MTNmOGExMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Sczk3m9sMtEIkdoeBi0Kg4qL6Lb
GRFuaUomdyP9tiX4r/2Pl6nrI22YWk32WoPnXl9ZZizcdikuYn6OjVV8/S73lHhv
u0M7BldBzNvP5WSiWd23pLMm5QbonctPK4PJQD3tmjqZ2sNOQeZwkAnZWD0Cwk17
wkQDEWHkD+0JxTXT7W3JYoS40ehp0s/voHFgJ+sgI/n+0yK1NduuNgEpLGSv7ULI
8qWW1Mi6EmxJDJdNiUdaTPdkYY3f3UQuV+cfY25Ly7kgNRdZ9wu9u3Tz83eqqfmt
Apph82gSDCBCc1AwhdS4wB+o/FBnhxAoe3dpMLFFcNi9T7rfQi+VAyqagQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHT4HicfrDFIsi638JyU43E/ihG1MB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvZFBnZUp4LXNNVWl5THJmd25KVGpjVC1LRWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABT8TMA0G
CSqGSIb3DQEBCwUAA4IBAQBgKIEsGjH1Cd5qrpRdjbNQPQ3dQcy0EtxQqUKcWMYE
DlYbBczvnKyWVcinJsl4J3HytYU1aV46IXHiOEDhSnXYGQd98+BL1Ygef3MDR2zj
fXaRELYwVraI3GVtb2qztCOChGQJJMn7hzFD2X8gmvi/nj9aLrLAffSJqScMP8w+
ogfJFmcxunqz1D+ngm2nG4xBFUkAy9xBzm/sqY6udC4uEiPzjEdyW4MVCb3N0twL
axLM0KuZMzvhwl6oBFlbfNLBuEBWX22WJnBeGfBSdgoc3imZQH2sD8aj46mVtqI/
Jve5an7mpYbB1F8Uxv0maUdNzmXZx6ll+BgZE8cJt0y3
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:55:28 2025 by rpki-client