Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/A5OksY7Wsa8TiDNzDoJyDh-xIDQ.roa
File: A5OksY7Wsa8TiDNzDoJyDh-xIDQ.roa (raw, json)
Hash identifier: 4QOYSMCy/fki9YxBw+Gs0mlyLn5lSsrvHryJyl23J44=
Subject key identifier: 03:93:A4:B1:8E:D6:B1:AF:13:88:33:73:0E:82:72:0E:1F:B1:20:34
Certificate issuer: /CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Certificate serial: 0193C0DF0919490926017D11A3F6883F511F
Authority key identifier: 09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/A5OksY7Wsa8TiDNzDoJyDh-xIDQ.roa
Signing time: Fri 13 Dec 2024 16:34:22 +0000
ROA not before: Fri 13 Dec 2024 16:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21949
IP address blocks: 199.244.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:df:09:19:49:09:26:01:7d:11:a3:f6:88:3f:51:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Validity
Not Before: Dec 13 16:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0393a4b18ed6b1af138833730e82720e1fb12034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c5:ae:b1:45:dc:58:24:c1:6e:67:f1:96:44:
f7:e7:30:fa:51:bc:99:fe:96:b2:31:28:ca:76:0d:
49:5b:07:c3:0a:93:40:1c:c5:d8:cd:fd:d2:5a:42:
8f:96:c7:88:65:88:3b:7f:5b:b4:f7:4b:14:6e:9a:
c2:66:4c:e7:28:ef:b9:4e:9c:0e:4e:cb:89:d1:83:
2a:6c:27:3f:7f:4f:b0:ff:c0:0e:ac:d7:e2:77:25:
74:97:fd:d0:c1:5d:4a:b7:f6:fc:3d:8b:bd:25:82:
c9:98:e3:6a:1b:93:3f:88:be:23:4b:f9:0c:41:ce:
d8:29:dd:88:b4:1b:fa:fe:89:1c:24:62:1f:e1:1f:
a6:83:86:5a:c1:92:f7:85:f4:1e:15:d5:fe:05:d7:
2c:f6:25:e4:84:60:ab:e1:07:9d:01:d3:3b:54:23:
5a:3f:9b:d0:ee:2a:1f:9f:0b:b3:23:ae:31:9c:30:
9f:18:72:dc:c3:2a:a1:b1:f5:37:17:06:7e:ed:03:
d9:c6:c3:d9:47:83:9b:ec:9c:31:01:d9:11:81:ef:
a1:51:8c:ec:0d:58:0d:f1:ba:9e:c8:f1:20:cf:38:
26:55:05:7b:18:23:73:08:0e:f0:a3:a4:08:88:fc:
9f:79:16:4f:33:35:04:2c:2d:ac:c0:09:c7:04:7c:
1c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:93:A4:B1:8E:D6:B1:AF:13:88:33:73:0E:82:72:0E:1F:B1:20:34
X509v3 Authority Key Identifier:
keyid:09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/A5OksY7Wsa8TiDNzDoJyDh-xIDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.244.102.0/24
Signature Algorithm: sha256WithRSAEncryption
51:36:95:01:e7:e4:39:4e:66:4b:b1:7e:b3:8b:96:c2:28:38:
bf:7d:5f:68:b2:27:66:89:ab:60:e6:0a:a6:69:7f:31:57:de:
04:84:9f:ef:d2:ee:1f:07:11:1b:08:26:9e:78:d3:dc:36:40:
0c:b3:ea:fe:8e:7e:55:d7:50:11:d0:94:5f:82:ed:9e:e2:d7:
85:75:ff:14:4c:da:30:d4:b8:e3:21:e6:1d:87:0e:23:f7:42:
bc:04:5c:2b:c8:97:d1:6e:6b:2a:cd:b5:81:14:6f:65:e9:e1:
27:da:05:a7:f2:f0:1a:57:87:47:2c:3e:fd:69:ce:cb:b2:d3:
03:d5:0f:f8:86:48:e2:3e:60:09:ed:57:5d:59:a7:d8:55:e1:
f3:31:d3:cb:d4:3c:47:10:fe:90:f3:08:f9:e9:4f:6a:db:13:
28:2e:ef:4b:b2:25:92:8c:f3:77:c6:2a:92:47:40:93:1b:4d:
47:ce:b2:f6:0d:b6:e5:f1:49:4c:58:fc:63:8f:fc:13:28:38:
9e:00:37:59:c6:9a:7c:d6:cb:0d:1c:c5:9b:c1:53:73:91:56:
72:8e:51:39:e2:96:ac:57:bb:78:5f:c3:32:d2:b3:cb:b0:64:
ec:14:8a:01:73:23:d5:41:56:9d:ef:c4:23:e5:d8:02:dc:aa:
ea:c0:dd:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPA3wkZSQkmAX0Ro/aIP1EfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MGU1OTJhMmUwZDQyN2EwOWFhMmRlMWI5YmFmMDhjY2Qx
NGYwYTAwHhcNMjQxMjEzMTYzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzkzYTRiMThlZDZiMWFmMTM4ODMzNzMwZTgyNzIwZTFmYjEyMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcWusUXcWCTBbmfxlkT35zD6UbyZ
/payMSjKdg1JWwfDCpNAHMXYzf3SWkKPlseIZYg7f1u090sUbprCZkznKO+5TpwO
TsuJ0YMqbCc/f0+w/8AOrNfidyV0l/3QwV1Kt/b8PYu9JYLJmONqG5M/iL4jS/kM
Qc7YKd2ItBv6/okcJGIf4R+mg4ZawZL3hfQeFdX+Bdcs9iXkhGCr4QedAdM7VCNa
P5vQ7iofnwuzI64xnDCfGHLcwyqhsfU3FwZ+7QPZxsPZR4Ob7JwxAdkRge+hUYzs
DVgN8bqeyPEgzzgmVQV7GCNzCA7wo6QIiPyfeRZPMzUELC2swAnHBHwcRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOTpLGO1rGvE4gzcw6Ccg4fsSA0MB8GA1UdIwQY
MBaAFAkOWSouDUJ6Caot4bm68IzNFPCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYt
MzNiZGM3M2VkMGVhLzEvQTVPa3NZN1dzYThUaUROekRvSnlEaC14SURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYtMzNiZGM3M2VkMGVh
LzEvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAx/RmMA0G
CSqGSIb3DQEBCwUAA4IBAQBRNpUB5+Q5TmZLsX6zi5bCKDi/fV9osidmiatg5gqm
aX8xV94EhJ/v0u4fBxEbCCaeeNPcNkAMs+r+jn5V11AR0JRfgu2e4teFdf8UTNow
1LjjIeYdhw4j90K8BFwryJfRbmsqzbWBFG9l6eEn2gWn8vAaV4dHLD79ac7LstMD
1Q/4hkjiPmAJ7VddWafYVeHzMdPL1DxHEP6Q8wj56U9q2xMoLu9LsiWSjPN3xiqS
R0CTG01HzrL2Dbbl8UlMWPxjj/wTKDieADdZxpp81ssNHMWbwVNzkVZyjlE54pas
V7t4X8My0rPLsGTsFIoBcyPVQVad78Qj5dgC3KrqwN2w
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:44:41 2025 by rpki-client