Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/1-1KaKc5V-akK43B5amIIZlFvYuQ.roa
File: 1-1KaKc5V-akK43B5amIIZlFvYuQ.roa (raw, json)
Hash identifier: A9QBulCjcXsSItbchOJHLDL2Mg+bm7BbGEfGvH2qo+o=
Subject key identifier: FB:52:9A:29:CE:55:F9:A9:0A:E3:70:79:6A:62:08:66:51:6F:62:E4
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 0192F0F59D79B0066578195D73937798D336
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/1-1KaKc5V-akK43B5amIIZlFvYuQ.roa
Signing time: Sun 03 Nov 2024 07:38:01 +0000
ROA not before: Sun 03 Nov 2024 07:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51074
IP address blocks: 5.221.0.0/16 maxlen: 16
31.184.128.0/18 maxlen: 24
31.184.145.0/24 maxlen: 24
37.130.200.0/21 maxlen: 24
37.130.202.0/23 maxlen: 23
178.252.128.0/18 maxlen: 24
178.252.138.0/24 maxlen: 24
185.115.148.0/22 maxlen: 24
2a02:2b58::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f0:f5:9d:79:b0:06:65:78:19:5d:73:93:77:98:d3:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Nov 3 07:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb529a29ce55f9a90ae370796a620866516f62e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ac:bb:a3:db:89:9a:a0:46:f6:9e:31:c2:f4:
70:f4:90:54:8f:9d:a2:0e:49:89:96:aa:ba:1c:18:
46:78:b0:4c:ee:cb:bd:9d:b8:f9:f5:d0:e4:87:7b:
d8:26:42:d0:31:dd:4a:1b:a1:87:62:65:b2:fa:1e:
b5:31:71:c9:ad:89:b2:46:10:9a:ae:1b:2e:1f:d0:
02:90:f2:af:a4:95:69:60:91:6e:79:a5:7b:fb:a6:
32:9f:d5:8e:c3:76:ea:ff:72:c0:9b:c5:81:81:d4:
31:ec:4d:02:b2:a8:05:d0:0c:28:2e:97:f6:be:f1:
76:3b:17:83:58:ba:b5:b6:8c:e6:ce:d9:f2:b2:71:
78:ec:fb:7b:d6:9b:71:c5:af:da:91:0e:ed:76:82:
76:25:fb:c9:b7:22:1b:93:5d:2b:e7:7d:8c:c7:51:
4d:88:2b:72:31:98:38:4b:da:83:1e:66:5e:5e:e0:
0b:7d:db:7b:52:e5:79:df:df:7a:49:27:c8:96:b7:
09:12:b1:aa:a3:e4:b0:d8:bd:d8:64:40:81:ec:be:
0a:98:97:86:6f:01:9e:f1:eb:95:43:66:6c:56:ea:
ae:0a:89:96:ba:41:b0:01:1d:fc:86:76:86:23:28:
7d:26:a1:30:30:76:11:4e:83:fd:03:5c:00:11:fb:
21:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:52:9A:29:CE:55:F9:A9:0A:E3:70:79:6A:62:08:66:51:6F:62:E4
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/1-1KaKc5V-akK43B5amIIZlFvYuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.221.0.0/16
31.184.128.0/18
37.130.200.0/21
178.252.128.0/18
185.115.148.0/22
IPv6:
2a02:2b58::/29
Signature Algorithm: sha256WithRSAEncryption
69:76:15:94:6a:c6:34:cb:0f:bc:6a:8d:65:a0:c4:d1:06:d1:
f8:e6:a1:76:7f:18:6c:3f:e4:3f:c0:30:ae:bd:4c:9a:28:0f:
24:0d:ee:3e:09:d3:2c:20:bf:18:1a:32:22:8f:b9:9d:55:fd:
83:08:31:2a:02:40:cc:5f:29:7f:5c:57:eb:73:78:08:e4:04:
b2:13:49:b1:53:37:6f:da:ac:37:b3:d6:11:53:5a:e9:c4:07:
5d:16:7d:62:a9:f5:eb:ce:82:4d:42:ea:96:fd:ed:bf:4f:2b:
03:2c:dc:04:1e:72:ae:3b:e3:d0:01:aa:01:8d:06:b7:d8:0d:
1c:8c:f0:71:87:7f:95:a1:ad:41:de:89:cb:bb:18:8a:c6:c4:
92:1d:74:c8:12:61:45:0c:60:6a:d2:42:25:0a:f9:5f:9c:c6:
b8:b9:b4:ea:5f:74:a8:5b:1e:ab:d9:2a:d5:aa:0a:fe:d8:75:
18:37:00:09:cc:37:67:9d:35:ae:68:8b:ad:72:52:1d:fa:97:
7c:c5:7b:72:45:da:df:8a:49:26:d0:69:7d:8f:3d:75:f7:59:
f2:f0:bd:45:c6:75:7e:16:de:09:da:eb:8f:6a:b6:23:fb:2c:
de:18:a5:20:5c:b6:a1:e5:60:82:45:91:6e:9d:ab:bc:82:78:
21:7a:9a:58
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZLw9Z15sAZleBldc5N3mNM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjQxMTAzMDczODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjUyOWEyOWNlNTVmOWE5MGFlMzcwNzk2YTYyMDg2NjUxNmY2MmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6y7o9uJmqBG9p4xwvRw9JBUj52i
DkmJlqq6HBhGeLBM7su9nbj59dDkh3vYJkLQMd1KG6GHYmWy+h61MXHJrYmyRhCa
rhsuH9ACkPKvpJVpYJFueaV7+6Yyn9WOw3bq/3LAm8WBgdQx7E0CsqgF0AwoLpf2
vvF2OxeDWLq1tozmztnysnF47Pt71ptxxa/akQ7tdoJ2JfvJtyIbk10r532Mx1FN
iCtyMZg4S9qDHmZeXuALfdt7UuV53996SSfIlrcJErGqo+Sw2L3YZECB7L4KmJeG
bwGe8euVQ2ZsVuquComWukGwAR38hnaGIyh9JqEwMHYRToP9A1wAEfshZwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPtSminOVfmpCuNweWpiCGZRb2LkMB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvMS0xS2FLYzVWLWFrSzQzQjVhbUlJWmxGdll1US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTIvN2E0OGY1LWJkMjQtNGRjNC04Y2NhLTZiYTBhMGNlMDFl
ZC8xLzJ2dGtYeE5QVDlyYVJlY0x6ODJUdUpmYjF5VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwIwQCAAEwHQMDAAXdAwQG
H7iAAwQDJYLIAwQGsvyAAwQCuXOUMA0EAgACMAcDBQMqAitYMA0GCSqGSIb3DQEB
CwUAA4IBAQBpdhWUasY0yw+8ao1loMTRBtH45qF2fxhsP+Q/wDCuvUyaKA8kDe4+
CdMsIL8YGjIij7mdVf2DCDEqAkDMXyl/XFfrc3gI5ASyE0mxUzdv2qw3s9YRU1rp
xAddFn1iqfXrzoJNQuqW/e2/TysDLNwEHnKuO+PQAaoBjQa32A0cjPBxh3+Voa1B
3onLuxiKxsSSHXTIEmFFDGBq0kIlCvlfnMa4ubTqX3SoWx6r2SrVqgr+2HUYNwAJ
zDdnnTWuaIutclId+pd8xXtyRdrfikkm0Gl9jz1191ny8L1FxnV+Ft4J2uuParYj
+yzeGKUgXLah5WCCRZFunau8gngheppY
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:27:54 2025 by rpki-client