Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/xddod013bUYLb3gcKCtHNFF-8Fw.roa
File: xddod013bUYLb3gcKCtHNFF-8Fw.roa (raw, json)
Hash identifier: 9ko7lJ1J2h5vDcMLmX2ewp7QzZrdjEKI0RxAJ5d4j3g=
Subject key identifier: C5:D7:68:77:4D:77:6D:46:0B:6F:78:1C:28:2B:47:34:51:7E:F0:5C
Certificate issuer: /CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Certificate serial: 018F1B604C8016419A612ED4A895D2C5D10B
Authority key identifier: E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/xddod013bUYLb3gcKCtHNFF-8Fw.roa
Signing time: Fri 26 Apr 2024 17:07:26 +0000
ROA not before: Fri 26 Apr 2024 17:07:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29436
IP address blocks: 94.240.132.0/22 maxlen: 22
94.240.136.0/21 maxlen: 21
94.240.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:60:4c:80:16:41:9a:61:2e:d4:a8:95:d2:c5:d1:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Validity
Not Before: Apr 26 17:07:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5d768774d776d460b6f781c282b4734517ef05c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:55:10:9f:51:ec:7e:94:34:43:cf:2c:dd:04:
30:83:64:b9:43:c4:97:64:2a:48:29:00:5b:78:73:
00:7b:75:ff:04:fa:c5:e0:38:69:8e:35:d0:81:bd:
24:b5:d6:1c:5a:f6:8c:c9:90:a4:64:9b:f0:e1:f0:
6b:b9:0a:f8:6c:93:d7:1a:8d:ec:dc:ec:d8:bf:d7:
e6:ab:1f:d8:c9:a8:45:a2:1e:be:54:d3:4e:92:88:
33:11:9f:60:d6:0c:4e:1e:08:5e:b7:d7:91:ea:0a:
13:1c:0f:79:be:b2:f8:68:61:1f:60:3e:82:21:2b:
99:ce:41:23:ac:63:fe:62:6f:05:a8:7d:42:12:fd:
0e:d6:40:3c:e0:93:90:c5:5c:f2:9c:53:7b:70:09:
03:17:20:66:18:f6:d2:87:c9:be:b8:77:d7:dc:07:
e1:25:81:1b:5d:2e:e2:09:67:db:10:9a:dd:b2:95:
37:86:47:08:30:25:1b:29:45:f1:96:1d:41:19:db:
0e:95:6c:64:aa:5a:08:a2:53:0d:fb:68:cf:15:9d:
0a:f1:e6:19:21:5c:b7:19:e1:e0:9e:32:ea:60:04:
88:44:47:27:8e:41:1a:49:9a:7c:4d:90:81:8a:a6:
f6:4a:1f:68:23:7b:cb:d5:ea:d4:63:cd:61:a1:5d:
35:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D7:68:77:4D:77:6D:46:0B:6F:78:1C:28:2B:47:34:51:7E:F0:5C
X509v3 Authority Key Identifier:
keyid:E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/xddod013bUYLb3gcKCtHNFF-8Fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/5YJfvufEOimDjqvk_IfXlDScDIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.132.0-94.240.159.255
Signature Algorithm: sha256WithRSAEncryption
82:67:6d:4e:b2:59:c3:0a:ac:7f:0c:e3:a9:51:e0:f1:d7:b7:
8e:96:12:df:e6:12:cf:95:dc:85:60:f7:67:f6:ad:44:6c:e6:
17:96:df:1e:06:47:40:db:28:33:58:4f:03:ed:a3:85:5d:47:
15:5b:2e:c7:33:99:74:70:1e:ef:9f:76:4b:ab:75:0b:19:86:
d9:a7:70:27:ca:47:f7:8f:e5:d5:71:f2:19:07:87:88:dc:36:
79:98:0a:8f:7f:ed:26:30:49:54:c4:18:ea:19:34:38:93:c4:
c4:1a:16:67:fb:62:87:ab:43:f7:e5:e2:be:72:b9:df:ff:f6:
33:1f:0f:77:ad:15:e0:e8:a1:a6:cb:20:05:a7:45:d8:f6:5c:
3b:ca:e8:23:1b:1e:5d:04:ee:c9:4a:c0:f3:a2:4c:42:d3:a8:
b8:44:ad:84:74:17:db:95:bf:a4:77:fe:98:34:07:3a:4a:ca:
96:f1:e6:91:37:5e:4e:e4:40:91:63:53:07:b0:b5:09:d4:58:
bb:4e:8a:4b:1c:f7:8d:a6:ae:bc:41:e2:c8:69:df:38:15:49:
9a:b7:c0:89:2d:db:26:2c:2f:b9:01:22:b0:19:16:d4:3f:bd:
37:23:64:e5:9b:93:ee:44:de:26:e3:9b:7e:35:9d:5f:46:46:
8c:76:a6:6a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8bYEyAFkGaYS7UqJXSxdELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODI1ZmJlZTdjNDNhMjk4MzhlYWJlNGZjODdkNzk0MzQ5
YzBjODAwHhcNMjQwNDI2MTcwNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWQ3Njg3NzRkNzc2ZDQ2MGI2Zjc4MWMyODJiNDczNDUxN2VmMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolUQn1HsfpQ0Q88s3QQwg2S5Q8SX
ZCpIKQBbeHMAe3X/BPrF4DhpjjXQgb0ktdYcWvaMyZCkZJvw4fBruQr4bJPXGo3s
3OzYv9fmqx/YyahFoh6+VNNOkogzEZ9g1gxOHghet9eR6goTHA95vrL4aGEfYD6C
ISuZzkEjrGP+Ym8FqH1CEv0O1kA84JOQxVzynFN7cAkDFyBmGPbSh8m+uHfX3Afh
JYEbXS7iCWfbEJrdspU3hkcIMCUbKUXxlh1BGdsOlWxkqloIolMN+2jPFZ0K8eYZ
IVy3GeHgnjLqYASIREcnjkEaSZp8TZCBiqb2Sh9oI3vL1erUY81hoV01VwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMXXaHdNd21GC294HCgrRzRRfvBcMB8GA1UdIwQY
MBaAFOWCX77nxDopg46r5PyH15Q0nAyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2Qt
MDQxYWIzMDJjMmY5LzEveGRkb2QwMTNiVVlMYjNnY0tDdEhORkYtOEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2QtMDQxYWIzMDJjMmY5
LzEvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJe8IQD
BAVe8IAwDQYJKoZIhvcNAQELBQADggEBAIJnbU6yWcMKrH8M46lR4PHXt46WEt/m
Es+V3IVg92f2rURs5heW3x4GR0DbKDNYTwPto4VdRxVbLsczmXRwHu+fdkurdQsZ
htmncCfKR/eP5dVx8hkHh4jcNnmYCo9/7SYwSVTEGOoZNDiTxMQaFmf7YoerQ/fl
4r5yud//9jMfD3etFeDooabLIAWnRdj2XDvK6CMbHl0E7slKwPOiTELTqLhErYR0
F9uVv6R3/pg0BzpKypbx5pE3Xk7kQJFjUwewtQnUWLtOiksc942mrrxB4shp3zgV
SZq3wIkt2yYsL7kBIrAZFtQ/vTcjZOWbk+5E3ibjm341nV9GRox2pmo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:20 2025 by rpki-client