Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/cdNk4-Y8fg7MmrrfIg_33r5Y6og.roa
File: cdNk4-Y8fg7MmrrfIg_33r5Y6og.roa (raw, json)
Hash identifier: MJlPzqoa1HjSnmnRSXn2Ws++fx7HYf3n/4tDjz4MNK0=
Subject key identifier: 71:D3:64:E3:E6:3C:7E:0E:CC:9A:BA:DF:22:0F:F7:DE:BE:58:EA:88
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018D2386EDF02359FB24B2C336195E3C2A6E
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/cdNk4-Y8fg7MmrrfIg_33r5Y6og.roa
Signing time: Fri 19 Jan 2024 21:01:01 +0000
ROA not before: Fri 19 Jan 2024 21:01:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211020
IP address blocks: 5.201.162.0/24 maxlen: 24
89.37.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 07:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:23:86:ed:f0:23:59:fb:24:b2:c3:36:19:5e:3c:2a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 19 21:01:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d364e3e63c7e0ecc9abadf220ff7debe58ea88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1d:d5:43:ec:db:62:6f:d1:b7:7f:bc:9b:fa:
4f:6e:dc:85:dc:d7:3f:46:5e:3c:8d:a9:88:ff:b9:
d9:85:9a:38:1a:79:29:13:df:0a:ad:f2:51:f0:ec:
17:96:a0:b6:d0:58:f8:36:c9:1c:d3:10:85:5d:d9:
94:b0:1c:48:e0:1e:2e:97:05:aa:79:81:2a:02:ad:
ff:95:d2:9b:6e:1a:7b:3a:97:36:56:16:0d:61:f6:
40:b5:8c:1c:18:07:c7:29:fc:a1:73:56:11:91:8d:
d6:5a:3c:75:23:f1:9e:42:dc:88:29:ef:bc:c0:e9:
36:99:72:5b:8d:93:de:1f:f9:e6:32:be:45:6e:58:
36:4c:81:93:a5:57:63:b5:37:e4:07:d2:0e:c6:9e:
53:76:fd:e2:fe:77:5d:61:c4:3e:f6:e7:a0:70:cb:
23:f6:36:57:d2:b4:7b:49:46:91:b9:cb:fc:ca:34:
9c:6b:c5:0e:e5:99:25:25:d5:e3:1b:ab:64:92:d6:
53:58:14:d4:60:03:85:6c:51:a8:5a:50:4d:17:f9:
dd:5d:85:90:26:e3:26:e2:0c:d8:cb:e8:5e:11:8c:
7d:5a:e1:a2:70:a0:e3:8c:9d:b7:a4:6a:41:e0:84:
7c:1f:82:f7:51:21:95:1b:d0:aa:9c:37:ed:d6:1b:
64:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D3:64:E3:E6:3C:7E:0E:CC:9A:BA:DF:22:0F:F7:DE:BE:58:EA:88
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/cdNk4-Y8fg7MmrrfIg_33r5Y6og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.162.0/24
89.37.12.0/24
Signature Algorithm: sha256WithRSAEncryption
91:2b:56:f0:f6:fc:51:17:8f:1e:fb:95:a6:df:3a:8c:4a:b2:
2f:29:00:3d:0a:87:97:f3:3f:0b:35:a7:5f:0f:7f:cf:ec:e5:
4c:cb:6f:6c:0a:20:59:8f:35:5c:79:29:5b:fa:49:de:25:84:
42:aa:f9:13:17:5c:e6:28:24:92:4f:3c:b3:d7:f6:6b:9e:72:
7e:0b:a4:1f:24:17:d6:70:c3:52:4d:98:8f:c0:01:15:ce:ef:
38:92:7b:e4:3b:af:8e:38:62:01:66:14:d4:d1:3c:f1:cd:f5:
dd:15:40:8f:e4:61:49:0b:17:14:7f:9a:98:cb:05:a0:72:2b:
aa:35:50:37:35:fe:9a:7f:a6:e5:11:ff:2e:de:0b:e5:18:e8:
58:47:23:f2:63:47:bd:24:2f:7e:bb:35:42:bd:25:75:29:53:
6c:aa:13:1d:39:91:24:eb:2a:66:8e:8e:07:63:59:10:0a:de:
03:31:e1:5d:3d:43:99:bf:90:0e:e1:1b:04:a8:45:20:eb:05:
7c:99:3c:dc:9b:00:76:7b:81:72:08:9b:21:00:27:4d:3f:da:
19:75:6b:17:eb:77:93:bb:36:ed:1a:cc:3b:1d:af:29:16:7f:
1d:1b:3e:7f:cd:90:d2:67:36:ec:d0:29:88:f3:44:40:91:90:
4b:ce:47:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0jhu3wI1n7JLLDNhlePCpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwMTE5MjEwMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQzNjRlM2U2M2M3ZTBlY2M5YWJhZGYyMjBmZjdkZWJlNThlYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux3VQ+zbYm/Rt3+8m/pPbtyF3Nc/
Rl48jamI/7nZhZo4GnkpE98KrfJR8OwXlqC20Fj4Nskc0xCFXdmUsBxI4B4ulwWq
eYEqAq3/ldKbbhp7Opc2VhYNYfZAtYwcGAfHKfyhc1YRkY3WWjx1I/GeQtyIKe+8
wOk2mXJbjZPeH/nmMr5Fblg2TIGTpVdjtTfkB9IOxp5Tdv3i/nddYcQ+9uegcMsj
9jZX0rR7SUaRucv8yjSca8UO5ZklJdXjG6tkktZTWBTUYAOFbFGoWlBNF/ndXYWQ
JuMm4gzYy+heEYx9WuGicKDjjJ23pGpB4IR8H4L3USGVG9CqnDft1htkCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHHTZOPmPH4OzJq63yIP996+WOqIMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvY2ROazQtWThmZzdNbXJyZklnXzMzcjVZNm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABcmiAwQA
WSUMMA0GCSqGSIb3DQEBCwUAA4IBAQCRK1bw9vxRF48e+5Wm3zqMSrIvKQA9CoeX
8z8LNadfD3/P7OVMy29sCiBZjzVceSlb+kneJYRCqvkTF1zmKCSSTzyz1/ZrnnJ+
C6QfJBfWcMNSTZiPwAEVzu84knvkO6+OOGIBZhTU0TzxzfXdFUCP5GFJCxcUf5qY
ywWgciuqNVA3Nf6af6blEf8u3gvlGOhYRyPyY0e9JC9+uzVCvSV1KVNsqhMdOZEk
6ypmjo4HY1kQCt4DMeFdPUOZv5AO4RsEqEUg6wV8mTzcmwB2e4FyCJshACdNP9oZ
dWsX63eTuzbtGsw7Ha8pFn8dGz5/zZDSZzbs0CmI80RAkZBLzkeK
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:56 2025 by rpki-client