Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/1f1d43-43db-4f4a-b494-7df9ae53d484/1/v5aYUqXEmyOMPTIq1H95TvMimCA.roa
File: v5aYUqXEmyOMPTIq1H95TvMimCA.roa (raw, json)
Hash identifier: j9k5aXNcaGqDnRMjPTHMxo1Y06g5j+Rs5gVFuEU1224=
Subject key identifier: BF:96:98:52:A5:C4:9B:23:8C:3D:32:2A:D4:7F:79:4E:F3:22:98:20
Certificate issuer: /CN=239d0657eaaef096bec94b11f4d69d0d3ed04ce6
Certificate serial: 018CC2DAECAC0119DED290359C9D54A3F04F
Authority key identifier: 23:9D:06:57:EA:AE:F0:96:BE:C9:4B:11:F4:D6:9D:0D:3E:D0:4C:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I50GV-qu8Ja-yUsR9NadDT7QTOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/1f1d43-43db-4f4a-b494-7df9ae53d484/1/v5aYUqXEmyOMPTIq1H95TvMimCA.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51289
IP address blocks: 193.58.251.0/24 maxlen: 24
2001:67c:20c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ec:ac:01:19:de:d2:90:35:9c:9d:54:a3:f0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=239d0657eaaef096bec94b11f4d69d0d3ed04ce6
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf969852a5c49b238c3d322ad47f794ef3229820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bb:f8:0c:22:88:01:26:0d:74:66:c4:ec:86:
f1:6e:98:7f:96:36:dc:b8:5c:58:51:10:2c:2b:5d:
5d:0e:18:ce:23:96:65:6c:10:6c:9c:14:fa:3b:1b:
03:c9:7e:54:52:6b:94:12:03:21:69:ae:d2:c5:84:
ca:2e:72:9e:8c:35:64:83:3a:cf:af:7a:37:5a:1c:
55:ac:51:f5:92:eb:5a:cd:a5:f4:b5:c8:80:93:a1:
a9:31:4d:e6:74:1d:58:fd:1e:a5:de:fa:0b:9f:a6:
e6:b3:4b:7c:36:6c:51:91:05:21:80:08:24:b4:ae:
d6:d1:21:cd:c8:6f:36:7b:6e:9a:61:3a:76:d5:e6:
70:af:60:78:e2:4a:a6:d7:15:07:27:0b:eb:49:a6:
f5:12:27:6b:8b:10:93:0e:dd:7d:45:58:69:66:2e:
a4:4c:65:6d:27:49:71:a9:6d:92:75:c8:96:10:cb:
76:57:0d:83:a5:67:a9:96:0d:75:2b:80:de:7e:d1:
fa:46:18:4c:06:29:91:e4:8c:96:a7:09:48:c9:f7:
48:51:74:36:6b:c8:ce:7b:af:b5:b1:7d:1f:13:88:
7f:0b:df:13:0a:fe:85:fb:fa:72:ca:2d:f3:ac:c2:
83:dc:e9:36:a4:8e:e7:0d:f4:14:c3:ac:86:9b:d0:
af:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:96:98:52:A5:C4:9B:23:8C:3D:32:2A:D4:7F:79:4E:F3:22:98:20
X509v3 Authority Key Identifier:
keyid:23:9D:06:57:EA:AE:F0:96:BE:C9:4B:11:F4:D6:9D:0D:3E:D0:4C:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I50GV-qu8Ja-yUsR9NadDT7QTOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1f1d43-43db-4f4a-b494-7df9ae53d484/1/v5aYUqXEmyOMPTIq1H95TvMimCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1f1d43-43db-4f4a-b494-7df9ae53d484/1/I50GV-qu8Ja-yUsR9NadDT7QTOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.251.0/24
IPv6:
2001:67c:20c::/48
Signature Algorithm: sha256WithRSAEncryption
87:c4:4a:a3:06:61:d6:49:12:b6:bb:9f:9d:c1:10:8a:25:0b:
59:b0:1a:4a:52:ed:23:28:bb:e2:50:78:c6:7d:12:dd:cb:b1:
e4:6d:35:f7:2c:be:88:b5:55:db:f3:cd:84:72:c2:17:aa:a1:
29:dc:2f:cb:59:f2:fa:9e:c5:6d:d8:22:ed:83:c6:c3:f7:20:
80:62:c6:33:9c:f5:ce:e4:37:28:c6:92:48:d0:6d:fe:87:37:
c4:54:6a:1b:7e:9d:20:03:2f:f1:39:51:ee:ba:5b:cc:f9:7b:
d9:d7:03:30:23:db:f4:fb:39:e9:de:b7:7e:b5:be:d6:05:94:
55:a7:ea:c5:3d:56:22:43:27:c3:a9:b7:67:74:44:a6:bb:9a:
5f:6f:2c:dc:27:0a:11:d1:bc:c4:e3:64:0c:b0:ff:35:38:fd:
08:e9:48:12:e7:79:82:9a:53:a3:ab:38:98:21:54:33:63:1f:
7d:17:4f:e2:84:89:a1:f1:93:37:24:a7:27:58:8f:c9:c5:04:
e8:29:6f:18:82:92:1f:71:6a:69:31:3e:d1:91:df:10:78:38:
58:de:3f:65:ab:60:5d:37:cf:0a:11:54:8d:6b:2c:5d:31:86:
26:15:f0:64:b8:1a:fa:4c:da:c6:2a:21:8d:6a:65:b1:aa:b4:
20:4a:d2:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC2uysARne0pA1nJ1Uo/BPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOWQwNjU3ZWFhZWYwOTZiZWM5NGIxMWY0ZDY5ZDBkM2Vk
MDRjZTYwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjk2OTg1MmE1YzQ5YjIzOGMzZDMyMmFkNDdmNzk0ZWYzMjI5ODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbv4DCKIASYNdGbE7Ibxbph/ljbc
uFxYURAsK11dDhjOI5ZlbBBsnBT6OxsDyX5UUmuUEgMhaa7SxYTKLnKejDVkgzrP
r3o3WhxVrFH1kutazaX0tciAk6GpMU3mdB1Y/R6l3voLn6bms0t8NmxRkQUhgAgk
tK7W0SHNyG82e26aYTp21eZwr2B44kqm1xUHJwvrSab1EidrixCTDt19RVhpZi6k
TGVtJ0lxqW2SdciWEMt2Vw2DpWeplg11K4DeftH6RhhMBimR5IyWpwlIyfdIUXQ2
a8jOe6+1sX0fE4h/C98TCv6F+/pyyi3zrMKD3Ok2pI7nDfQUw6yGm9CvdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL+WmFKlxJsjjD0yKtR/eU7zIpggMB8GA1UdIwQY
MBaAFCOdBlfqrvCWvslLEfTWnQ0+0EzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTUwR1YtcXU4SmEteVVzUjlOYWREVDdRVE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xZjFkNDMtNDNkYi00ZjRhLWI0OTQt
N2RmOWFlNTNkNDg0LzEvdjVhWVVxWEVteU9NUFRJcTFIOTVUdk1pbUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xZjFkNDMtNDNkYi00ZjRhLWI0OTQtN2RmOWFlNTNkNDg0
LzEvSTUwR1YtcXU4SmEteVVzUjlOYWREVDdRVE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwTr7MA8E
AgACMAkDBwAgAQZ8AgwwDQYJKoZIhvcNAQELBQADggEBAIfESqMGYdZJEra7n53B
EIolC1mwGkpS7SMou+JQeMZ9Et3LseRtNfcsvoi1VdvzzYRywheqoSncL8tZ8vqe
xW3YIu2DxsP3IIBixjOc9c7kNyjGkkjQbf6HN8RUaht+nSADL/E5Ue66W8z5e9nX
AzAj2/T7Oenet361vtYFlFWn6sU9ViJDJ8Opt2d0RKa7ml9vLNwnChHRvMTjZAyw
/zU4/QjpSBLneYKaU6OrOJghVDNjH30XT+KEiaHxkzckpydYj8nFBOgpbxiCkh9x
amkxPtGR3xB4OFjeP2WrYF03zwoRVI1rLF0xhiYV8GS4GvpM2sYqIY1qZbGqtCBK
0tk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:57:24 2025 by rpki-client