Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/1r-Yk2ZAW2zSXB_g1KCEFo2u6aE.roa
File: 1r-Yk2ZAW2zSXB_g1KCEFo2u6aE.roa (raw, json)
Hash identifier: P7t1vtJmYJe7pI1aQQV6O21vDhQr/HnuGDcgowfRDVs=
Subject key identifier: D6:BF:98:93:66:40:5B:6C:D2:5C:1F:E0:D4:A0:84:16:8D:AE:E9:A1
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 0194228D190393A9DD9A9630F7A6A48E2EEF
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/1r-Yk2ZAW2zSXB_g1KCEFo2u6aE.roa
Signing time: Wed 01 Jan 2025 15:47:39 +0000
ROA not before: Wed 01 Jan 2025 15:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196977
IP address blocks: 5.153.190.0/23 maxlen: 23
5.153.190.0/24 maxlen: 24
5.153.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Jan 2025 15:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:19:03:93:a9:dd:9a:96:30:f7:a6:a4:8e:2e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Jan 1 15:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6bf989366405b6cd25c1fe0d4a084168daee9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d3:7d:35:65:d9:d7:53:98:1b:53:ba:ce:0f:
aa:d8:d0:e4:81:d6:15:37:b0:27:78:d1:51:da:11:
48:c8:b8:e4:bb:2e:9a:52:6f:5d:0f:2a:25:72:6b:
91:d3:38:8a:5b:bf:3c:83:2f:85:f6:cc:75:8d:80:
dc:c8:f6:92:90:1f:63:24:70:d4:d1:d4:b4:bc:9e:
e8:b1:c0:99:83:2c:4b:3c:d4:60:d2:5b:61:d9:b3:
30:64:9b:dc:28:d2:87:04:19:f4:d3:c5:be:12:25:
77:29:83:38:58:71:81:a2:89:94:82:5e:e1:dd:16:
d7:50:96:38:af:15:a0:61:d2:35:e7:da:97:8a:7e:
1e:d5:c6:fe:c4:8f:b0:2d:3f:aa:fb:e7:9c:d7:25:
91:b7:0f:c2:03:1a:7e:1a:77:c7:72:23:60:9e:16:
90:f7:28:51:b2:30:31:e9:a1:df:55:1a:46:ee:66:
b1:84:6f:57:e4:14:06:70:2d:69:5e:6e:cf:36:40:
b7:1b:00:f1:ea:e8:28:70:fb:6d:9d:89:d3:44:c6:
c5:24:95:f6:24:86:10:fc:de:ff:95:f9:fb:bf:f3:
b4:3d:7e:2a:e4:e8:c8:7e:ea:ea:52:ba:1d:9e:b8:
b3:0d:7e:9d:d4:ec:bc:1f:73:88:82:27:db:bb:4d:
ff:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BF:98:93:66:40:5B:6C:D2:5C:1F:E0:D4:A0:84:16:8D:AE:E9:A1
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/1r-Yk2ZAW2zSXB_g1KCEFo2u6aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.190.0/23
Signature Algorithm: sha256WithRSAEncryption
08:57:3f:21:7a:4c:58:c2:76:cf:2e:05:6f:65:57:21:c6:47:
95:46:04:c1:73:d7:80:07:b3:2d:52:13:fa:04:c2:71:a1:99:
9a:67:2e:ee:a6:ff:3d:49:e5:f6:f0:ab:c1:fb:af:39:c1:8e:
e9:f2:53:a5:95:5a:07:e5:a3:35:d2:e6:22:3e:19:9c:e8:48:
d3:be:46:ad:55:51:10:e4:c0:5a:ca:e8:a1:23:b1:6a:a2:3e:
80:77:0b:ba:15:ec:7a:ef:7a:5f:98:de:2e:ea:1d:d9:82:ca:
9f:d1:09:e6:d0:f6:7a:4f:a2:4c:1a:89:c2:46:8d:36:b4:8c:
8a:ef:9d:16:94:7e:e7:ca:ee:57:d2:c9:b1:2a:7b:6b:d7:11:
e4:f0:6d:70:00:03:a1:09:75:96:2a:bb:c9:88:d4:a5:64:f3:
16:21:7e:ec:dc:9d:ab:80:22:ae:55:74:ee:9c:e2:c3:81:b1:
a4:1c:d8:b0:61:ca:8c:f7:9e:da:9e:6e:97:97:ac:c5:76:2d:
55:36:05:e1:e4:9a:4a:c6:99:75:42:ce:c2:48:cb:c3:28:52:
67:d7:3a:3c:4c:28:6d:96:14:1d:b1:3b:00:e6:8a:d4:e0:bc:
e3:a2:54:55:8b:ae:ae:fa:dd:6d:df:87:65:57:7a:c0:09:a4:
a7:72:e4:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijRkDk6ndmpYw96akji7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjUwMTAxMTU0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmJmOTg5MzY2NDA1YjZjZDI1YzFmZTBkNGEwODQxNjhkYWVlOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dN9NWXZ11OYG1O6zg+q2NDkgdYV
N7AneNFR2hFIyLjkuy6aUm9dDyolcmuR0ziKW788gy+F9sx1jYDcyPaSkB9jJHDU
0dS0vJ7oscCZgyxLPNRg0lth2bMwZJvcKNKHBBn008W+EiV3KYM4WHGBoomUgl7h
3RbXUJY4rxWgYdI159qXin4e1cb+xI+wLT+q++ec1yWRtw/CAxp+GnfHciNgnhaQ
9yhRsjAx6aHfVRpG7maxhG9X5BQGcC1pXm7PNkC3GwDx6ugocPttnYnTRMbFJJX2
JIYQ/N7/lfn7v/O0PX4q5OjIfurqUrodnrizDX6d1Oy8H3OIgifbu03/yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNa/mJNmQFts0lwf4NSghBaNrumhMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvMXItWWsyWkFXMnpTWEJfZzFLQ0VGbzJ1NmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBZm+MA0G
CSqGSIb3DQEBCwUAA4IBAQAIVz8hekxYwnbPLgVvZVchxkeVRgTBc9eAB7MtUhP6
BMJxoZmaZy7upv89SeX28KvB+685wY7p8lOllVoH5aM10uYiPhmc6EjTvkatVVEQ
5MBayuihI7Fqoj6Adwu6Fex673pfmN4u6h3Zgsqf0Qnm0PZ6T6JMGonCRo02tIyK
750WlH7nyu5X0smxKntr1xHk8G1wAAOhCXWWKrvJiNSlZPMWIX7s3J2rgCKuVXTu
nOLDgbGkHNiwYcqM957anm6Xl6zFdi1VNgXh5JpKxpl1Qs7CSMvDKFJn1zo8TCht
lhQdsTsA5orU4LzjolRVi66u+t1t34dlV3rACaSncuTd
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:39:45 2025 by rpki-client