Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/q69iEnVql1VER2wi0Y6CnSv3LsI.roa
File: q69iEnVql1VER2wi0Y6CnSv3LsI.roa (raw, json)
Hash identifier: haQ0Ul5g63+kcbOo5zePEaM0471k7DvMIHL1O6W2/l8=
Subject key identifier: AB:AF:62:12:75:6A:97:55:44:47:6C:22:D1:8E:82:9D:2B:F7:2E:C2
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 019420D60855AE10E30C3DA27BEF88CD270B
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/q69iEnVql1VER2wi0Y6CnSv3LsI.roa
Signing time: Wed 01 Jan 2025 07:48:05 +0000
ROA not before: Wed 01 Jan 2025 07:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201148
IP address blocks: 5.63.19.0/24 maxlen: 24
2a13:3f40::/29 maxlen: 29
2a13:3f40:1000::/48 maxlen: 48
2a13:3f40:1001::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Jan 2025 21:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:08:55:ae:10:e3:0c:3d:a2:7b:ef:88:cd:27:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Jan 1 07:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abaf6212756a975544476c22d18e829d2bf72ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:b2:8d:3b:df:31:dd:9c:9a:5f:9d:c3:7d:
17:48:12:50:6a:fc:9f:e3:5c:e6:dc:da:21:8a:4b:
e5:f0:bf:75:39:9a:63:47:00:69:1c:fe:a1:4b:42:
9d:9c:eb:5e:7e:85:e0:47:2c:98:43:e0:47:64:ec:
ae:3a:8f:a9:ec:4b:9c:0a:8a:ba:10:78:c8:0f:32:
e8:67:cc:0a:1a:46:f4:0f:9d:51:8e:23:5a:8b:26:
d3:69:98:f9:a9:8b:80:13:eb:6c:8e:b2:83:7a:c5:
6c:dd:cd:23:7b:e1:52:e6:d5:0f:62:91:92:b7:70:
f4:77:18:85:07:21:a6:61:00:d2:cd:82:cb:38:43:
6e:4f:90:f2:d6:78:4a:2b:4f:05:0d:1f:d3:71:c3:
a4:b4:66:4c:a9:ea:4a:e9:01:68:4f:71:0c:58:8a:
83:3f:77:82:44:12:4b:f0:bb:98:5c:2e:71:a8:58:
14:a3:15:b6:9f:3d:f1:97:4a:c0:37:79:c1:91:8b:
8d:ed:78:a6:04:98:b8:bf:1b:a2:72:1a:81:06:1d:
fa:15:d0:26:ad:9d:55:10:08:57:4b:99:2a:68:9e:
81:53:c1:d5:cc:dc:95:a8:55:f8:98:a4:7f:54:b2:
60:01:4c:9a:f5:ae:9a:95:e3:3e:b4:89:e1:a2:9e:
75:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AF:62:12:75:6A:97:55:44:47:6C:22:D1:8E:82:9D:2B:F7:2E:C2
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/q69iEnVql1VER2wi0Y6CnSv3LsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.19.0/24
IPv6:
2a13:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
00:62:ca:39:4e:d8:c0:e3:88:83:e6:db:65:f4:3f:88:2c:25:
b5:ba:2a:c6:18:d0:36:74:23:e4:ec:7c:d5:9a:cf:19:f1:13:
fa:d6:a0:0c:72:b6:5f:55:72:69:4d:7b:91:91:2e:2b:2b:69:
7a:97:3e:00:f5:58:07:10:0b:9b:57:08:a0:ea:b9:99:73:cb:
64:49:c9:1e:ea:1d:91:17:fa:29:73:34:c4:0d:cd:fd:82:84:
be:51:38:96:c8:3e:42:a6:9c:cc:4f:9a:85:d6:3d:77:da:68:
c3:cc:ba:0d:0c:ad:22:dc:c1:52:7b:36:11:eb:62:91:d3:b3:
00:18:57:2a:2f:66:d9:b1:35:25:aa:38:1b:98:fa:33:30:a6:
13:d4:f9:af:05:c2:fc:5a:a2:81:bc:c6:39:7e:1e:43:56:d9:
50:02:a1:34:0c:2e:5d:c6:d2:a7:0a:94:0f:4f:f4:b6:4f:87:
b2:55:f3:c4:97:3d:4f:a4:8c:fb:17:1d:91:3c:54:bb:e2:85:
77:15:f0:95:5f:5c:2a:ca:50:d9:c4:2c:50:82:99:c8:21:f2:
e3:96:fb:b4:3a:ad:5a:7c:d3:28:c9:89:67:9d:d8:16:02:31:
f7:92:49:19:72:40:a9:97:3b:9d:e9:bc:2e:f6:ce:e7:3c:d8:
86:3e:52:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1ghVrhDjDD2ie++IzScLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjUwMTAxMDc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmFmNjIxMjc1NmE5NzU1NDQ0NzZjMjJkMThlODI5ZDJiZjcyZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueayjTvfMd2cml+dw30XSBJQavyf
41zm3Nohikvl8L91OZpjRwBpHP6hS0KdnOtefoXgRyyYQ+BHZOyuOo+p7EucCoq6
EHjIDzLoZ8wKGkb0D51RjiNaiybTaZj5qYuAE+tsjrKDesVs3c0je+FS5tUPYpGS
t3D0dxiFByGmYQDSzYLLOENuT5Dy1nhKK08FDR/TccOktGZMqepK6QFoT3EMWIqD
P3eCRBJL8LuYXC5xqFgUoxW2nz3xl0rAN3nBkYuN7XimBJi4vxuichqBBh36FdAm
rZ1VEAhXS5kqaJ6BU8HVzNyVqFX4mKR/VLJgAUya9a6aleM+tInhop51SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKuvYhJ1apdVREdsItGOgp0r9y7CMB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvcTY5aUVuVnFsMVZFUjJ3aTBZNkNuU3YzTHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABT8TMA0E
AgACMAcDBQMqEz9AMA0GCSqGSIb3DQEBCwUAA4IBAQAAYso5TtjA44iD5ttl9D+I
LCW1uirGGNA2dCPk7HzVms8Z8RP61qAMcrZfVXJpTXuRkS4rK2l6lz4A9VgHEAub
Vwig6rmZc8tkScke6h2RF/opczTEDc39goS+UTiWyD5CppzMT5qF1j132mjDzLoN
DK0i3MFSezYR62KR07MAGFcqL2bZsTUlqjgbmPozMKYT1PmvBcL8WqKBvMY5fh5D
VtlQAqE0DC5dxtKnCpQPT/S2T4eyVfPElz1PpIz7Fx2RPFS74oV3FfCVX1wqylDZ
xCxQgpnIIfLjlvu0Oq1afNMoyYlnndgWAjH3kkkZckCplzud6bwu9s7nPNiGPlL0
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:12:14 2025 by rpki-client