Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/5nawHqmvm8lKdeR0s7RVRAYdjIk.roa
File: 5nawHqmvm8lKdeR0s7RVRAYdjIk.roa (raw, json)
Hash identifier: Eb37EKRc21ilBLRXKxj3j61vscEZ3er9UGl/hZ3Qh44=
Subject key identifier: E6:76:B0:1E:A9:AF:9B:C9:4A:75:E4:74:B3:B4:55:44:06:1D:8C:89
Certificate issuer: /CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Certificate serial: 01939A333EBD0FE17F220D4487D4C5441EBE
Authority key identifier: 09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/5nawHqmvm8lKdeR0s7RVRAYdjIk.roa
Signing time: Fri 06 Dec 2024 04:21:09 +0000
ROA not before: Fri 06 Dec 2024 04:21:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214623
IP address blocks: 199.244.102.0/24 maxlen: 24
199.244.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Dec 2024 16:34:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9a:33:3e:bd:0f:e1:7f:22:0d:44:87:d4:c5:44:1e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Validity
Not Before: Dec 6 04:21:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e676b01ea9af9bc94a75e474b3b45544061d8c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7c:0f:ab:29:f5:ef:d5:bf:8c:d0:ad:a6:6e:
0d:6d:dc:8f:a0:aa:22:4d:e9:d9:10:f7:f1:c8:1f:
38:35:50:a8:1c:e3:10:1d:3c:a2:a3:df:74:03:fe:
38:fa:77:7f:8e:45:10:bf:8d:2e:ea:19:79:82:92:
8b:24:c9:d9:6c:92:4b:fd:d9:eb:45:97:70:d8:59:
53:d5:61:e5:c5:e7:18:54:54:63:b9:fe:9b:60:4e:
b6:aa:57:28:d7:39:2b:c4:12:bf:1d:7a:b2:71:0b:
89:be:ff:b2:6e:9f:ba:11:d9:06:9f:11:94:c6:f1:
48:79:fc:2d:9e:15:8d:68:04:88:56:35:03:38:bb:
d9:f3:e9:dd:de:d9:57:83:6b:02:31:97:5b:1b:28:
ff:d8:10:ea:10:bd:01:b2:f2:90:8b:21:e3:35:75:
98:cb:18:e2:b9:3e:b9:f4:4b:7a:45:82:6e:1a:84:
22:ac:ac:26:0d:16:08:26:2b:96:52:0d:66:00:e9:
8f:43:b9:ae:8a:c4:49:74:92:5a:f0:91:91:47:1a:
4b:ae:6b:0c:7d:61:9d:ff:5a:15:6f:2c:fa:00:e3:
5a:63:54:5d:ba:ad:dd:3f:52:9a:c1:c7:e7:98:19:
3d:f0:2a:f6:17:a6:75:2c:f4:e4:69:d3:85:4a:7e:
6b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:76:B0:1E:A9:AF:9B:C9:4A:75:E4:74:B3:B4:55:44:06:1D:8C:89
X509v3 Authority Key Identifier:
keyid:09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/5nawHqmvm8lKdeR0s7RVRAYdjIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.244.102.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:51:0e:a8:83:1a:cc:f9:13:a0:02:a9:10:78:c2:44:67:59:
c6:11:be:76:2f:e1:45:84:f8:d0:dd:ac:f4:11:ae:88:1d:0f:
66:d4:f6:00:6e:75:da:4f:6b:02:2d:70:42:4b:1e:41:72:61:
12:b6:df:29:99:47:17:1c:6d:45:a9:58:6c:83:51:24:3c:2d:
4c:41:60:f0:b2:ca:21:8a:3c:fb:20:74:7f:03:7a:40:5f:2a:
14:d9:0a:b4:c3:73:28:85:ee:74:31:00:9d:d1:15:ff:67:27:
18:02:8e:a5:5b:33:95:ea:81:f9:db:c9:22:12:2c:95:a4:9c:
a2:80:af:e2:7d:f2:9d:16:d7:8c:02:ef:a2:33:3b:d2:89:91:
c3:2b:e0:02:03:5c:77:89:3b:51:9b:0a:62:2e:f3:eb:72:43:
c1:8a:a7:be:72:a1:8a:28:70:b0:aa:e9:e5:91:16:a1:d1:84:
5e:bc:82:75:b3:96:f1:8d:b4:92:75:9b:6a:b7:de:68:e3:05:
5d:43:66:f5:57:2f:cc:9f:b7:63:be:d3:3b:ab:1c:8b:d1:5b:
a0:34:5f:8f:3c:9b:f7:30:87:44:5d:23:7b:2a:e3:5a:24:a5:
9c:50:8f:e4:9c:fe:a9:59:8d:5c:e3:43:3b:a8:98:86:b2:97:
11:46:aa:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOaMz69D+F/Ig1Eh9TFRB6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MGU1OTJhMmUwZDQyN2EwOWFhMmRlMWI5YmFmMDhjY2Qx
NGYwYTAwHhcNMjQxMjA2MDQyMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjc2YjAxZWE5YWY5YmM5NGE3NWU0NzRiM2I0NTU0NDA2MWQ4Yzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nwPqyn179W/jNCtpm4NbdyPoKoi
TenZEPfxyB84NVCoHOMQHTyio990A/44+nd/jkUQv40u6hl5gpKLJMnZbJJL/dnr
RZdw2FlT1WHlxecYVFRjuf6bYE62qlco1zkrxBK/HXqycQuJvv+ybp+6EdkGnxGU
xvFIefwtnhWNaASIVjUDOLvZ8+nd3tlXg2sCMZdbGyj/2BDqEL0BsvKQiyHjNXWY
yxjiuT659Et6RYJuGoQirKwmDRYIJiuWUg1mAOmPQ7muisRJdJJa8JGRRxpLrmsM
fWGd/1oVbyz6AONaY1Rduq3dP1KawcfnmBk98Cr2F6Z1LPTkadOFSn5rowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZ2sB6pr5vJSnXkdLO0VUQGHYyJMB8GA1UdIwQY
MBaAFAkOWSouDUJ6Caot4bm68IzNFPCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYt
MzNiZGM3M2VkMGVhLzEvNW5hd0hxbXZtOGxLZGVSMHM3UlZSQVlkaklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYtMzNiZGM3M2VkMGVh
LzEvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBx/RmMA0G
CSqGSIb3DQEBCwUAA4IBAQB6UQ6ogxrM+ROgAqkQeMJEZ1nGEb52L+FFhPjQ3az0
Ea6IHQ9m1PYAbnXaT2sCLXBCSx5BcmEStt8pmUcXHG1FqVhsg1EkPC1MQWDwssoh
ijz7IHR/A3pAXyoU2Qq0w3Mohe50MQCd0RX/ZycYAo6lWzOV6oH528kiEiyVpJyi
gK/iffKdFteMAu+iMzvSiZHDK+ACA1x3iTtRmwpiLvPrckPBiqe+cqGKKHCwqunl
kRah0YRevIJ1s5bxjbSSdZtqt95o4wVdQ2b1Vy/Mn7djvtM7qxyL0VugNF+PPJv3
MIdEXSN7KuNaJKWcUI/knP6pWY1c40M7qJiGspcRRqqS
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:33:42 2025 by rpki-client