Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/t7czZOllO-k2naZkhHoeU-7FBKI.roa
File: t7czZOllO-k2naZkhHoeU-7FBKI.roa (raw, json)
Hash identifier: 1yTWpUdEO0CnpVbeRahY1AjIAs9BF6RRdhKaeTUI+qI=
Subject key identifier: B7:B7:33:64:E9:65:3B:E9:36:9D:A6:64:84:7A:1E:53:EE:C5:04:A2
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 0190BF50633FBBD719C2E8A33631B9EBFC49
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/t7czZOllO-k2naZkhHoeU-7FBKI.roa
Signing time: Wed 17 Jul 2024 06:10:34 +0000
ROA not before: Wed 17 Jul 2024 06:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51074
IP address blocks: 5.221.0.0/16 maxlen: 16
31.184.128.0/18 maxlen: 24
37.130.200.0/21 maxlen: 24
178.252.128.0/18 maxlen: 24
185.115.148.0/22 maxlen: 24
2a02:2b58::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 03 Nov 2024 07:37:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:50:63:3f:bb:d7:19:c2:e8:a3:36:31:b9:eb:fc:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jul 17 06:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7b73364e9653be9369da664847a1e53eec504a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:74:8d:72:4f:7e:d5:3e:f5:45:07:8b:6b:cb:
c9:d3:2c:90:3b:cc:32:f4:b5:22:62:ce:85:de:48:
a2:92:e5:ef:82:b6:f3:a6:36:0a:2a:9b:d4:a9:51:
9e:d0:ca:8c:87:8b:3d:80:c6:2a:4e:5d:dd:5a:94:
d6:8d:52:c1:81:af:19:37:76:6d:51:7a:c6:2d:4e:
70:bf:5b:e7:dd:5e:50:4f:af:28:ec:04:ee:fd:c2:
2e:a8:6b:5c:19:54:e8:9a:b7:d4:dd:b4:4d:55:ee:
86:d3:c8:fe:c5:29:0a:40:50:98:02:cc:3e:19:fe:
60:2a:fe:e8:f1:ac:e3:63:e8:91:73:1b:c6:5c:15:
c2:4a:ec:a7:f7:4a:8c:8c:90:29:f0:f9:e9:8c:a9:
05:a7:77:ae:16:07:1e:79:e6:9a:52:88:ce:0f:e3:
f0:2c:1a:e6:d3:50:fe:b4:27:93:16:7e:bf:7a:37:
39:0a:8f:0f:a7:ad:f5:0e:39:8d:ae:23:7e:5c:7f:
e4:03:9f:7e:e1:19:0d:05:66:17:c4:43:26:d3:8b:
3a:2b:6f:fd:c3:b9:bc:0b:b2:54:c8:6f:fc:f5:88:
07:cc:b3:9d:3b:97:09:22:61:ae:03:2f:06:b7:5f:
46:2f:43:51:e6:d7:16:41:cf:c7:a6:ee:41:5d:21:
09:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B7:33:64:E9:65:3B:E9:36:9D:A6:64:84:7A:1E:53:EE:C5:04:A2
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/t7czZOllO-k2naZkhHoeU-7FBKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.221.0.0/16
31.184.128.0/18
37.130.200.0/21
178.252.128.0/18
185.115.148.0/22
IPv6:
2a02:2b58::/29
Signature Algorithm: sha256WithRSAEncryption
16:29:90:c9:6d:16:2b:62:30:32:0d:b1:ff:2c:1c:c2:e8:81:
de:43:84:19:ba:d7:ea:50:76:fa:23:f2:8f:90:19:f1:72:0a:
9e:02:e8:96:c0:06:25:59:2f:88:c1:95:64:df:36:d6:ec:a7:
38:55:d7:3a:65:0b:49:2a:0e:0c:f9:c3:30:c6:09:e5:d9:e6:
ef:e5:7c:1f:27:d8:f9:ee:4d:9e:0a:98:4b:47:f4:fd:bc:20:
0e:9e:a1:ef:02:5e:5a:42:3a:a8:cc:19:bb:b3:62:61:ea:ab:
ca:f7:de:93:1d:23:3b:86:83:b3:70:6e:57:62:e3:74:02:57:
ea:bf:f8:a8:f0:f8:de:43:25:2a:6e:14:5a:19:a4:64:49:23:
e2:5c:2e:f3:ad:33:76:89:ae:d4:f0:4a:3f:21:d1:1b:dd:ce:
ff:a1:51:58:5c:96:15:f0:cb:ca:25:49:cb:5a:bb:5b:3f:78:
77:fd:7e:5a:15:aa:13:a6:59:ce:e3:b2:96:8f:1f:ad:97:5d:
04:8f:e0:ce:58:06:70:0d:25:00:2d:93:03:12:39:2f:f0:4f:
24:ee:1d:29:83:a6:ba:c8:8f:b1:99:fb:1a:cf:3d:69:12:77:
cf:90:02:c4:7f:33:29:55:02:91:e0:59:99:2c:67:b1:ed:25:
b8:d3:12:b0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZC/UGM/u9cZwuijNjG56/xJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjQwNzE3MDYxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2I3MzM2NGU5NjUzYmU5MzY5ZGE2NjQ4NDdhMWU1M2VlYzUwNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnSNck9+1T71RQeLa8vJ0yyQO8wy
9LUiYs6F3kiikuXvgrbzpjYKKpvUqVGe0MqMh4s9gMYqTl3dWpTWjVLBga8ZN3Zt
UXrGLU5wv1vn3V5QT68o7ATu/cIuqGtcGVTomrfU3bRNVe6G08j+xSkKQFCYAsw+
Gf5gKv7o8azjY+iRcxvGXBXCSuyn90qMjJAp8PnpjKkFp3euFgceeeaaUojOD+Pw
LBrm01D+tCeTFn6/ejc5Co8Pp631DjmNriN+XH/kA59+4RkNBWYXxEMm04s6K2/9
w7m8C7JUyG/89YgHzLOdO5cJImGuAy8Gt19GL0NR5tcWQc/Hpu5BXSEJewIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLe3M2TpZTvpNp2mZIR6HlPuxQSiMB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvdDdjelpPbGxPLWsybmFaa2hIb2VVLTdGQktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2EtNmJhMGEwY2UwMWVk
LzEvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMABd0DBAYf
uIADBAMlgsgDBAay/IADBAK5c5QwDQQCAAIwBwMFAyoCK1gwDQYJKoZIhvcNAQEL
BQADggEBABYpkMltFitiMDINsf8sHMLogd5DhBm61+pQdvoj8o+QGfFyCp4C6JbA
BiVZL4jBlWTfNtbspzhV1zplC0kqDgz5wzDGCeXZ5u/lfB8n2PnuTZ4KmEtH9P28
IA6eoe8CXlpCOqjMGbuzYmHqq8r33pMdIzuGg7Nwbldi43QCV+q/+Kjw+N5DJSpu
FFoZpGRJI+JcLvOtM3aJrtTwSj8h0Rvdzv+hUVhclhXwy8olSctau1s/eHf9floV
qhOmWc7jspaPH62XXQSP4M5YBnANJQAtkwMSOS/wTyTuHSmDprrIj7GZ+xrPPWkS
d8+QAsR/MylVApHgWZksZ7HtJbjTErA=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:45:25 2025 by rpki-client