Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/jO0K0e2ommRxHLcWM6zkW2IvFHA.roa
File: jO0K0e2ommRxHLcWM6zkW2IvFHA.roa (raw, json)
Hash identifier: 5eP2SYza4SJGRGay22zubIY9Jjfsuwmp3gLTjOkaEJw=
Subject key identifier: 8C:ED:0A:D1:ED:A8:9A:64:71:1C:B7:16:33:AC:E4:5B:62:2F:14:70
Certificate issuer: /CN=7c9126732c2f0193bc3de4e8d3abc15f4baed62d
Certificate serial: 018E609953EDD00AAF93B849FF4CAC46C46B
Authority key identifier: 7C:91:26:73:2C:2F:01:93:BC:3D:E4:E8:D3:AB:C1:5F:4B:AE:D6:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fJEmcywvAZO8PeTo06vBX0uu1i0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/jO0K0e2ommRxHLcWM6zkW2IvFHA.roa
Signing time: Thu 21 Mar 2024 10:40:44 +0000
ROA not before: Thu 21 Mar 2024 10:40:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215927
IP address blocks: 5.252.8.0/24 maxlen: 24
5.252.9.0/24 maxlen: 24
5.252.10.0/23 maxlen: 23
5.252.10.0/24 maxlen: 24
5.252.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 11:44:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:60:99:53:ed:d0:0a:af:93:b8:49:ff:4c:ac:46:c4:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c9126732c2f0193bc3de4e8d3abc15f4baed62d
Validity
Not Before: Mar 21 10:40:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ced0ad1eda89a64711cb71633ace45b622f1470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:15:c3:41:b2:29:3e:60:02:6f:ef:d9:d1:f1:
43:6d:f4:b1:a4:0b:82:da:f8:50:18:70:b8:f2:f4:
73:3a:95:06:25:72:5d:c6:da:29:69:e6:75:d5:de:
da:6f:07:47:57:a9:60:9b:71:a8:7d:9e:39:c4:ba:
17:84:27:34:04:99:6b:37:64:b7:c8:82:8e:82:f9:
f3:77:28:b9:e9:6e:00:64:22:95:47:f2:7b:9d:6d:
c8:ab:85:e2:46:c8:a0:f2:79:d0:32:55:38:fa:a1:
ae:62:fb:70:e7:ac:fd:9e:a1:ea:68:4f:3c:25:3b:
51:c8:41:8c:91:23:7a:fb:f2:23:07:5a:df:0a:6d:
dd:fb:8d:22:58:08:2e:c9:a8:1c:e2:2e:49:80:2b:
a2:25:60:59:5c:c1:46:fb:33:13:be:12:fe:6a:5f:
7e:3e:52:0c:41:a9:98:2b:8e:81:43:5a:98:a9:11:
71:4e:97:8d:e2:b4:12:37:91:89:7b:dc:45:6e:d5:
4c:ab:50:1d:6f:b1:3b:ff:bb:45:2d:a2:d9:ba:f4:
3e:0b:db:76:f6:66:a8:77:a6:e9:ac:92:25:03:1f:
c4:2c:4d:f2:3f:46:bd:cc:d1:90:3a:a7:05:e4:b6:
3e:32:7c:81:46:b3:13:2d:08:87:0b:db:ae:24:8d:
b4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:ED:0A:D1:ED:A8:9A:64:71:1C:B7:16:33:AC:E4:5B:62:2F:14:70
X509v3 Authority Key Identifier:
keyid:7C:91:26:73:2C:2F:01:93:BC:3D:E4:E8:D3:AB:C1:5F:4B:AE:D6:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fJEmcywvAZO8PeTo06vBX0uu1i0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/jO0K0e2ommRxHLcWM6zkW2IvFHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/fJEmcywvAZO8PeTo06vBX0uu1i0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.8.0/22
Signature Algorithm: sha256WithRSAEncryption
38:cc:df:e9:f3:a9:3a:8d:4c:36:f3:3a:02:21:34:f4:28:e4:
d2:db:b5:d8:0a:e9:ba:4d:13:75:d9:9e:52:08:b1:87:29:ef:
a5:0a:4a:f4:e0:e8:60:8a:60:e2:2e:51:3b:ab:bf:e5:c4:ef:
6f:94:72:2d:67:32:3b:0a:4f:48:b2:a1:56:ec:78:c1:c4:62:
c8:2f:3a:b3:02:eb:b5:ff:d9:47:49:7b:63:5c:f7:a1:ab:c0:
f0:97:09:7b:36:e2:b2:86:59:ad:44:e9:e5:8c:2c:2c:8a:87:
9b:f6:c0:75:ef:7c:ca:02:f6:af:f0:5e:1c:19:df:9b:06:2b:
3a:e1:bb:8a:e1:75:06:93:b0:a3:69:fa:7b:37:96:1c:9e:44:
79:83:06:02:4c:86:55:1b:f9:79:c9:d4:b4:52:db:bb:3b:30:
f2:e3:fb:53:eb:d2:0a:44:17:48:86:ba:27:d5:aa:56:a1:e1:
4b:05:c1:2f:41:ec:32:1c:51:a5:5a:74:bc:8e:8e:2e:c3:81:
80:fb:66:18:da:94:70:9e:e3:c0:68:f3:3a:3a:f1:22:aa:89:
47:21:91:2f:c4:23:8f:79:1b:e4:08:3f:c4:d4:6f:d3:90:a7:
0d:a0:83:e7:89:ad:df:29:d5:0b:fe:f6:04:1e:b8:ee:8f:a9:
d8:44:8d:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5gmVPt0Aqvk7hJ/0ysRsRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjOTEyNjczMmMyZjAxOTNiYzNkZTRlOGQzYWJjMTVmNGJh
ZWQ2MmQwHhcNMjQwMzIxMTA0MDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2VkMGFkMWVkYTg5YTY0NzExY2I3MTYzM2FjZTQ1YjYyMmYxNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxXDQbIpPmACb+/Z0fFDbfSxpAuC
2vhQGHC48vRzOpUGJXJdxtopaeZ11d7abwdHV6lgm3GofZ45xLoXhCc0BJlrN2S3
yIKOgvnzdyi56W4AZCKVR/J7nW3Iq4XiRsig8nnQMlU4+qGuYvtw56z9nqHqaE88
JTtRyEGMkSN6+/IjB1rfCm3d+40iWAguyagc4i5JgCuiJWBZXMFG+zMTvhL+al9+
PlIMQamYK46BQ1qYqRFxTpeN4rQSN5GJe9xFbtVMq1Adb7E7/7tFLaLZuvQ+C9t2
9maod6bprJIlAx/ELE3yP0a9zNGQOqcF5LY+MnyBRrMTLQiHC9uuJI20sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIztCtHtqJpkcRy3FjOs5FtiLxRwMB8GA1UdIwQY
MBaAFHyRJnMsLwGTvD3k6NOrwV9LrtYtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkpFbWN5d3ZBWk84UGVUbzA2dkJYMHV1MWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85NDYzMmUtOTlkMy00YzIxLWI2N2Qt
ZDZiNzMwMjY2ZTc2LzEvak8wSzBlMm9tbVJ4SExjV002emtXMkl2RkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85NDYzMmUtOTlkMy00YzIxLWI2N2QtZDZiNzMwMjY2ZTc2
LzEvZkpFbWN5d3ZBWk84UGVUbzA2dkJYMHV1MWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfwIMA0G
CSqGSIb3DQEBCwUAA4IBAQA4zN/p86k6jUw28zoCITT0KOTS27XYCum6TRN12Z5S
CLGHKe+lCkr04OhgimDiLlE7q7/lxO9vlHItZzI7Ck9IsqFW7HjBxGLILzqzAuu1
/9lHSXtjXPehq8Dwlwl7NuKyhlmtROnljCwsioeb9sB173zKAvav8F4cGd+bBis6
4buK4XUGk7Cjafp7N5YcnkR5gwYCTIZVG/l5ydS0Utu7OzDy4/tT69IKRBdIhron
1apWoeFLBcEvQewyHFGlWnS8jo4uw4GA+2YY2pRwnuPAaPM6OvEiqolHIZEvxCOP
eRvkCD/E1G/TkKcNoIPnia3fKdUL/vYEHrjuj6nYRI2P
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:01 2025 by rpki-client