Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/7y5IKD1kLcc1Ql75QS87rtsypk8.roa
File: 7y5IKD1kLcc1Ql75QS87rtsypk8.roa (raw, json)
Hash identifier: 5vLj+zIhNBaiAS3+IZ8E++3c++Hx4kBMgIzC2wL7aIs=
Subject key identifier: EF:2E:48:28:3D:64:2D:C7:35:42:5E:F9:41:2F:3B:AE:DB:32:A6:4F
Certificate issuer: /CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Certificate serial: 0194282545072CE559ED7042A25B0ADF8A37
Authority key identifier: E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/7y5IKD1kLcc1Ql75QS87rtsypk8.roa
Signing time: Thu 02 Jan 2025 17:51:58 +0000
ROA not before: Thu 02 Jan 2025 17:51:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29436
IP address blocks: 94.240.132.0/22 maxlen: 22
94.240.136.0/21 maxlen: 21
94.240.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 16 Jan 2025 19:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:45:07:2c:e5:59:ed:70:42:a2:5b:0a:df:8a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Validity
Not Before: Jan 2 17:51:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef2e48283d642dc735425ef9412f3baedb32a64f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:21:cb:26:4d:7d:ad:a9:f6:d1:80:b0:a9:ee:
3d:dd:c8:67:f4:96:11:ea:31:66:71:4a:ec:51:b4:
49:da:e1:43:b5:4d:52:2a:ad:b3:91:10:ad:7c:35:
d5:97:9f:9b:78:ae:24:d5:a5:0a:11:9c:39:e7:9d:
bb:95:a7:41:b7:d6:45:5e:c7:03:d8:d4:ad:4e:11:
02:ce:e3:28:1f:a4:78:ce:e9:69:90:94:62:b3:cc:
74:d5:0a:65:51:00:6c:a8:05:ae:7d:a9:a2:ca:0f:
7e:8f:57:aa:cf:15:86:e4:45:fb:cb:ae:84:72:09:
a1:e8:2a:be:8e:58:43:01:1a:1b:cf:82:9b:f0:58:
2b:35:83:31:ab:d8:3e:7c:5f:db:c4:99:4e:ff:b0:
51:a4:df:fc:fe:17:a6:f5:51:df:c9:e8:c7:ad:48:
e6:52:a8:93:1d:29:47:75:70:d2:3e:6c:83:49:45:
a6:12:fb:d4:71:0c:d0:58:3d:8a:11:80:98:dc:6c:
9e:b3:20:8c:2c:e1:a2:14:9c:fc:d9:44:6f:99:bd:
70:02:23:a5:ef:b4:35:8e:49:a5:d1:a6:26:2e:59:
16:1c:1a:72:1d:3a:21:fa:d0:6a:4d:f5:2d:33:fd:
ef:eb:c2:a4:74:d5:99:42:3d:6e:2c:cf:2e:1d:40:
b2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2E:48:28:3D:64:2D:C7:35:42:5E:F9:41:2F:3B:AE:DB:32:A6:4F
X509v3 Authority Key Identifier:
keyid:E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/7y5IKD1kLcc1Ql75QS87rtsypk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/5YJfvufEOimDjqvk_IfXlDScDIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.132.0-94.240.159.255
Signature Algorithm: sha256WithRSAEncryption
68:db:77:52:f2:b0:8d:67:d0:ce:aa:65:8c:1b:19:38:93:8b:
6d:64:ea:d2:7c:63:b8:18:22:f5:25:cb:63:3d:e0:73:8b:41:
28:d9:eb:67:6b:47:bb:aa:00:77:7a:78:c3:e8:7a:14:eb:6b:
f1:f7:49:42:51:3b:9a:e0:46:cd:07:e1:e0:13:10:bb:c0:cb:
ad:09:9d:ba:46:11:5f:b6:cb:fd:3b:69:3f:9c:03:84:d0:94:
42:6e:bc:07:27:c8:66:fd:b8:7f:05:ee:1c:ff:7d:0f:ab:00:
02:a2:29:11:92:b8:f4:e5:05:b5:6e:53:e6:98:6a:84:4f:6d:
f2:b5:f9:cb:72:22:e8:ef:8f:92:af:b1:38:c1:40:3f:c3:97:
e2:6f:7c:c5:66:b6:df:3e:3b:d2:db:2c:90:7a:1a:ea:e5:4a:
a0:34:98:44:35:45:5b:6e:1e:10:1c:f0:ef:23:9a:59:2b:f6:
46:b5:16:de:b8:27:d1:b7:51:d6:ed:15:7f:b6:74:82:82:fe:
08:fb:3b:60:12:9e:1b:91:79:ec:0b:ce:94:65:cc:34:bd:48:
65:ed:d9:36:76:40:45:f0:0c:2a:0f:3e:ba:13:45:fd:07:4a:
c6:31:da:33:59:ac:cc:4f:6d:9e:41:95:82:06:56:61:7d:9d:
33:9d:66:02
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQoJUUHLOVZ7XBColsK34o3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODI1ZmJlZTdjNDNhMjk4MzhlYWJlNGZjODdkNzk0MzQ5
YzBjODAwHhcNMjUwMTAyMTc1MTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjJlNDgyODNkNjQyZGM3MzU0MjVlZjk0MTJmM2JhZWRiMzJhNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCHLJk19ran20YCwqe493chn9JYR
6jFmcUrsUbRJ2uFDtU1SKq2zkRCtfDXVl5+beK4k1aUKEZw55527ladBt9ZFXscD
2NStThECzuMoH6R4zulpkJRis8x01QplUQBsqAWufamiyg9+j1eqzxWG5EX7y66E
cgmh6Cq+jlhDARobz4Kb8FgrNYMxq9g+fF/bxJlO/7BRpN/8/hem9VHfyejHrUjm
UqiTHSlHdXDSPmyDSUWmEvvUcQzQWD2KEYCY3GyesyCMLOGiFJz82URvmb1wAiOl
77Q1jkml0aYmLlkWHBpyHToh+tBqTfUtM/3v68KkdNWZQj1uLM8uHUCyKwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFO8uSCg9ZC3HNUJe+UEvO67bMqZPMB8GA1UdIwQY
MBaAFOWCX77nxDopg46r5PyH15Q0nAyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2Qt
MDQxYWIzMDJjMmY5LzEvN3k1SUtEMWtMY2MxUWw3NVFTODdydHN5cGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2QtMDQxYWIzMDJjMmY5
LzEvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJe8IQD
BAVe8IAwDQYJKoZIhvcNAQELBQADggEBAGjbd1LysI1n0M6qZYwbGTiTi21k6tJ8
Y7gYIvUly2M94HOLQSjZ62drR7uqAHd6eMPoehTra/H3SUJRO5rgRs0H4eATELvA
y60JnbpGEV+2y/07aT+cA4TQlEJuvAcnyGb9uH8F7hz/fQ+rAAKiKRGSuPTlBbVu
U+aYaoRPbfK1+ctyIujvj5KvsTjBQD/Dl+JvfMVmtt8+O9LbLJB6GurlSqA0mEQ1
RVtuHhAc8O8jmlkr9ka1Ft64J9G3UdbtFX+2dIKC/gj7O2ASnhuReewLzpRlzDS9
SGXt2TZ2QEXwDCoPProTRf0HSsYx2jNZrMxPbZ5BlYIGVmF9nTOdZgI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:00:00 2025 by rpki-client