Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/5QnHh-rYJ8FYGd3-7WndxtMWj0A.roa
File: 5QnHh-rYJ8FYGd3-7WndxtMWj0A.roa (raw, json)
Hash identifier: VkJO4flb5xcBlciInEnPCSahr9rkWKy+zrwIaTJa5tc=
Subject key identifier: E5:09:C7:87:EA:D8:27:C1:58:19:DD:FE:ED:69:DD:C6:D3:16:8F:40
Certificate issuer: /CN=f031c2da6bb9a56c28efeec4e4df0758cc24eb26
Certificate serial: 018DD15D98F5CF8A59BE4185FA686417F48D
Authority key identifier: F0:31:C2:DA:6B:B9:A5:6C:28:EF:EE:C4:E4:DF:07:58:CC:24:EB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DHC2mu5pWwo7-7E5N8HWMwk6yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/5QnHh-rYJ8FYGd3-7WndxtMWj0A.roa
Signing time: Thu 22 Feb 2024 15:09:48 +0000
ROA not before: Thu 22 Feb 2024 15:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198320
IP address blocks: 130.255.117.0/24 maxlen: 24
130.255.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 07:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:5d:98:f5:cf:8a:59:be:41:85:fa:68:64:17:f4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f031c2da6bb9a56c28efeec4e4df0758cc24eb26
Validity
Not Before: Feb 22 15:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e509c787ead827c15819ddfeed69ddc6d3168f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c2:88:1b:8f:e3:3a:b6:d2:26:c7:1a:6b:14:
10:81:85:91:94:24:d0:24:b1:b0:40:e3:d7:b3:59:
03:e2:ed:31:9d:e9:6d:c1:73:ba:8c:b9:ee:cd:92:
47:51:5e:72:56:e9:62:b6:45:04:b7:8e:98:07:df:
d9:75:04:ef:8f:df:7e:79:4f:8c:6e:8c:2a:3f:61:
5b:9e:fa:e4:c5:69:7a:89:b4:49:7c:49:5b:eb:9d:
de:b1:aa:88:88:1b:b2:03:a3:e7:bc:4d:15:d1:68:
d8:68:b0:14:8c:b6:eb:73:88:71:77:d2:53:23:1c:
51:d5:67:75:57:c9:01:f5:2b:6d:7c:db:34:2a:d8:
02:d1:98:73:2a:dc:5c:59:49:82:d0:ba:b4:2f:53:
88:9f:a6:41:e5:0e:38:2d:90:07:6b:a2:82:82:13:
93:66:de:cc:9d:81:cb:e0:68:97:69:0a:a0:12:5d:
8c:d1:38:68:e4:df:6f:85:f2:07:31:6d:f2:62:1b:
82:12:72:65:25:be:b6:21:3e:91:e7:98:44:c9:de:
55:ba:fa:ae:62:7f:9e:9c:1e:be:34:c4:5b:67:a3:
a0:d7:42:2e:b2:91:3a:4c:8a:23:75:f9:ee:6f:a9:
0a:81:09:b1:bc:7c:c5:10:07:46:75:e0:b1:92:18:
f8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:09:C7:87:EA:D8:27:C1:58:19:DD:FE:ED:69:DD:C6:D3:16:8F:40
X509v3 Authority Key Identifier:
keyid:F0:31:C2:DA:6B:B9:A5:6C:28:EF:EE:C4:E4:DF:07:58:CC:24:EB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DHC2mu5pWwo7-7E5N8HWMwk6yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/5QnHh-rYJ8FYGd3-7WndxtMWj0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/8DHC2mu5pWwo7-7E5N8HWMwk6yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.117.0-130.255.118.255
Signature Algorithm: sha256WithRSAEncryption
4d:14:4e:81:ae:2e:c0:45:f6:c0:0c:fe:99:88:70:a1:75:b7:
6f:0c:93:53:72:de:dc:bd:2b:63:48:e7:6a:2c:2e:0a:0d:90:
97:13:7d:30:aa:d1:a9:d1:c9:01:b6:56:a4:b7:0e:dc:da:1b:
33:ae:63:56:ab:31:f2:6d:29:c4:8e:cb:68:8c:02:72:48:4f:
28:51:87:f0:c7:2d:31:f2:e0:2a:6f:d8:7f:7b:bd:ba:36:8f:
de:4f:2c:c7:45:62:ca:59:9c:5f:11:88:f0:ed:06:31:34:0a:
f5:12:95:27:b9:6f:97:48:9f:68:c3:37:12:b9:7d:d1:ab:39:
5c:f0:61:c6:f5:46:6d:6b:e4:66:45:4b:87:d2:80:68:4b:ba:
24:66:6d:10:8c:53:81:d6:f1:e9:b9:19:2c:7e:bd:75:44:0f:
75:28:f0:b4:60:6d:52:4b:be:7a:f8:e6:c9:c7:53:fc:6b:50:
45:16:c1:4c:ec:73:7d:19:e6:bf:3a:f6:d5:dc:4c:28:6b:8a:
75:fe:6e:1e:9b:0b:9b:2a:8d:b3:61:57:08:54:3d:2c:d2:2f:
5c:fb:e6:44:66:b5:77:96:01:c3:2d:96:c8:f9:b3:73:49:33:
c4:d6:27:18:55:90:e2:d1:e7:66:cb:3a:02:bc:6a:e5:9b:7a:
9d:0b:17:85
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3RXZj1z4pZvkGF+mhkF/SNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzFjMmRhNmJiOWE1NmMyOGVmZWVjNGU0ZGYwNzU4Y2My
NGViMjYwHhcNMjQwMjIyMTUwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA5Yzc4N2VhZDgyN2MxNTgxOWRkZmVlZDY5ZGRjNmQzMTY4ZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsKIG4/jOrbSJscaaxQQgYWRlCTQ
JLGwQOPXs1kD4u0xneltwXO6jLnuzZJHUV5yVulitkUEt46YB9/ZdQTvj99+eU+M
bowqP2FbnvrkxWl6ibRJfElb653esaqIiBuyA6PnvE0V0WjYaLAUjLbrc4hxd9JT
IxxR1Wd1V8kB9SttfNs0KtgC0ZhzKtxcWUmC0Lq0L1OIn6ZB5Q44LZAHa6KCghOT
Zt7MnYHL4GiXaQqgEl2M0Tho5N9vhfIHMW3yYhuCEnJlJb62IT6R55hEyd5Vuvqu
Yn+enB6+NMRbZ6Og10IuspE6TIojdfnub6kKgQmxvHzFEAdGdeCxkhj4fQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOUJx4fq2CfBWBnd/u1p3cbTFo9AMB8GA1UdIwQY
MBaAFPAxwtpruaVsKO/uxOTfB1jMJOsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERIQzJtdTVwV3dvNy03RTVOOEhXTXdrNnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kZDcwNGItYzczNS00NGRmLWE3OTYt
Zjg2MjQzYTljMmIzLzEvNVFuSGgtcllKOEZZR2QzLTdXbmR4dE1XajBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kZDcwNGItYzczNS00NGRmLWE3OTYtZjg2MjQzYTljMmIz
LzEvOERIQzJtdTVwV3dvNy03RTVOOEhXTXdrNnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACC/3UD
BACC/3YwDQYJKoZIhvcNAQELBQADggEBAE0UToGuLsBF9sAM/pmIcKF1t28Mk1Ny
3ty9K2NI52osLgoNkJcTfTCq0anRyQG2VqS3DtzaGzOuY1arMfJtKcSOy2iMAnJI
TyhRh/DHLTHy4Cpv2H97vbo2j95PLMdFYspZnF8RiPDtBjE0CvUSlSe5b5dIn2jD
NxK5fdGrOVzwYcb1Rm1r5GZFS4fSgGhLuiRmbRCMU4HW8em5GSx+vXVED3Uo8LRg
bVJLvnr45snHU/xrUEUWwUzsc30Z5r869tXcTChrinX+bh6bC5sqjbNhVwhUPSzS
L1z75kRmtXeWAcMtlsj5s3NJM8TWJxhVkOLR52bLOgK8auWbep0LF4U=
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:11:25 2025 by rpki-client