Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/5PWkkAy9byFdZsCLDLZ5puLJE34.roa
File: 5PWkkAy9byFdZsCLDLZ5puLJE34.roa (raw, json)
Hash identifier: 8oD22wQHWTNWVcwnJ0xjcn4GT4lWc21p6M7517NKIaI=
Subject key identifier: E4:F5:A4:90:0C:BD:6F:21:5D:66:C0:8B:0C:B6:79:A6:E2:C9:13:7E
Certificate issuer: /CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Certificate serial: 018CC3494E0B7A166244A94062491B6819ED
Authority key identifier: 9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/5PWkkAy9byFdZsCLDLZ5puLJE34.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205908
IP address blocks: 23.252.72.0/24 maxlen: 24
167.160.18.0/24 maxlen: 24
2a10:4cc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4e:0b:7a:16:62:44:a9:40:62:49:1b:68:19:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4f5a4900cbd6f215d66c08b0cb679a6e2c9137e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8e:65:01:0f:77:9e:78:d0:e2:b2:47:f2:49:
cf:93:7d:96:86:23:1a:9f:30:10:c0:9d:24:31:aa:
83:d7:c7:38:7c:33:1b:9f:33:bb:7e:2d:11:b0:7e:
ad:23:22:fa:b6:4c:bc:16:15:7e:43:f4:64:37:0f:
a0:80:f0:15:66:08:6f:9b:a2:d0:f2:fe:7b:07:ca:
1a:11:c8:b3:3c:3a:e9:61:69:92:c5:db:4c:56:13:
13:35:9d:52:3a:39:a7:ab:a3:d3:4f:79:09:a6:1e:
78:50:aa:0d:71:9d:41:39:29:8b:8a:86:29:bc:f3:
0d:28:01:ed:e4:be:19:ff:d5:7b:d8:eb:dd:c2:84:
a3:b8:37:bd:0c:9d:02:1b:67:cd:b5:bc:82:93:d2:
04:a1:2e:0c:c0:6f:7e:6c:bf:af:97:82:d7:88:1e:
97:3e:45:fb:3d:1f:8a:d3:e3:29:b3:dc:52:9b:b9:
67:af:22:89:b8:64:b3:bc:ee:6c:34:21:f7:d5:9a:
ce:ba:29:da:68:20:9a:84:4c:9e:dc:a1:45:52:0c:
46:be:b8:c1:87:6d:46:e5:fb:30:c2:81:ff:f5:00:
29:9b:ce:ab:15:1c:c3:93:16:80:e2:b4:b0:39:07:
99:1a:c7:43:c4:0f:9d:02:a2:71:88:55:3b:95:fd:
89:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F5:A4:90:0C:BD:6F:21:5D:66:C0:8B:0C:B6:79:A6:E2:C9:13:7E
X509v3 Authority Key Identifier:
keyid:9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/5PWkkAy9byFdZsCLDLZ5puLJE34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.72.0/24
167.160.18.0/24
IPv6:
2a10:4cc0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:f1:b5:8a:c0:2d:7f:d9:ca:35:1b:4c:be:7c:f9:a2:0f:d1:
39:d6:12:27:b1:d5:8e:34:60:3d:85:14:f1:f0:df:8d:6e:e3:
9d:86:fe:63:9a:28:c5:00:4c:fd:23:2e:8b:f6:25:eb:a3:3b:
ac:75:94:16:d0:01:ac:1b:9d:a0:59:9b:0f:14:9f:4a:8b:44:
ab:a7:ad:ad:5c:89:1a:7a:fe:4e:8b:13:fe:cf:3a:1e:34:2d:
86:84:10:d3:0e:ca:c2:2e:fd:a0:00:91:bf:a1:70:e3:eb:12:
ae:06:bb:82:d4:56:31:c8:72:80:f7:1d:a6:0a:3f:c1:c5:cd:
cd:5f:ed:42:8c:c1:c1:f3:0e:9f:01:de:3d:b6:99:c1:88:3a:
fb:9d:c2:8a:a8:b0:17:0f:af:62:ce:da:d5:c1:e8:3c:24:e6:
c9:39:46:ce:09:44:ee:61:d4:b7:1a:52:cb:c3:cd:c3:0a:14:
bc:cc:e4:21:18:43:67:ce:11:d1:e1:c0:91:18:68:53:92:56:
6a:73:ec:62:5e:19:c4:f5:2e:9f:39:f1:ee:98:0c:d2:00:5f:
07:e5:d1:dd:9e:39:32:fa:98:8c:c0:46:5f:5a:6c:5b:11:22:
ee:28:40:20:07:bc:8f:13:49:be:e2:0b:3d:e7:77:75:ea:89:
9d:8e:65:fa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSU4LehZiRKlAYkkbaBntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYWQxMGY5NzJlNjc4OWUyYTQzNzdhMmMyOWVlMDhiYzNh
MzY3Y2EwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGY1YTQ5MDBjYmQ2ZjIxNWQ2NmMwOGIwY2I2NzlhNmUyYzkxMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo5lAQ93nnjQ4rJH8knPk32WhiMa
nzAQwJ0kMaqD18c4fDMbnzO7fi0RsH6tIyL6tky8FhV+Q/RkNw+ggPAVZghvm6LQ
8v57B8oaEcizPDrpYWmSxdtMVhMTNZ1SOjmnq6PTT3kJph54UKoNcZ1BOSmLioYp
vPMNKAHt5L4Z/9V72OvdwoSjuDe9DJ0CG2fNtbyCk9IEoS4MwG9+bL+vl4LXiB6X
PkX7PR+K0+Mps9xSm7lnryKJuGSzvO5sNCH31ZrOuinaaCCahEye3KFFUgxGvrjB
h21G5fswwoH/9QApm86rFRzDkxaA4rSwOQeZGsdDxA+dAqJxiFU7lf2JEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOT1pJAMvW8hXWbAiwy2eabiyRN+MB8GA1UdIwQY
MBaAFJutEPly5nieKkN3osKe4IvDo2fKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTYwUS1YTG1lSjRxUTNlaXdwN2dpOE9qWjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9iNGY2ZDMtYTRjMC00MzdjLWI0YzYt
MGQzODE0ZWE3M2M3LzEvNVBXa2tBeTlieUZkWnNDTERMWjVwdUxKRTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9iNGY2ZDMtYTRjMC00MzdjLWI0YzYtMGQzODE0ZWE3M2M3
LzEvbTYwUS1YTG1lSjRxUTNlaXdwN2dpOE9qWjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAF/xIAwQA
p6ASMA0EAgACMAcDBQMqEEzAMA0GCSqGSIb3DQEBCwUAA4IBAQAM8bWKwC1/2co1
G0y+fPmiD9E51hInsdWONGA9hRTx8N+NbuOdhv5jmijFAEz9Iy6L9iXrozusdZQW
0AGsG52gWZsPFJ9Ki0Srp62tXIkaev5OixP+zzoeNC2GhBDTDsrCLv2gAJG/oXDj
6xKuBruC1FYxyHKA9x2mCj/Bxc3NX+1CjMHB8w6fAd49tpnBiDr7ncKKqLAXD69i
ztrVweg8JObJOUbOCUTuYdS3GlLLw83DChS8zOQhGENnzhHR4cCRGGhTklZqc+xi
XhnE9S6fOfHumAzSAF8H5dHdnjky+piMwEZfWmxbESLuKEAgB7yPE0m+4gs953d1
6omdjmX6
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:35:34 2025 by rpki-client