Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/eA3XvUzA8rU0zk1uxW-x6eqZwV8.roa
File: eA3XvUzA8rU0zk1uxW-x6eqZwV8.roa (raw, json)
Hash identifier: XXNn6NHlNjF+Tkj5FxN4rNYejajXM81qbW7yrvpO2f4=
Subject key identifier: 78:0D:D7:BD:4C:C0:F2:B5:34:CE:4D:6E:C5:6F:B1:E9:EA:99:C1:5F
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 0194228D1715F0220DFAB3F1A9C6C3E3F96E
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/eA3XvUzA8rU0zk1uxW-x6eqZwV8.roa
Signing time: Wed 01 Jan 2025 15:47:39 +0000
ROA not before: Wed 01 Jan 2025 15:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41039
IP address blocks: 5.153.176.0/23 maxlen: 23
5.153.178.0/24 maxlen: 24
5.153.179.0/24 maxlen: 24
5.153.181.0/24 maxlen: 24
5.153.185.0/24 maxlen: 24
5.153.186.0/24 maxlen: 24
5.153.187.0/24 maxlen: 24
5.153.188.0/24 maxlen: 24
92.242.96.0/19 maxlen: 24
128.0.93.0/24 maxlen: 24
195.184.192.0/19 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 13:36:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:17:15:f0:22:0d:fa:b3:f1:a9:c6:c3:e3:f9:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Jan 1 15:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=780dd7bd4cc0f2b534ce4d6ec56fb1e9ea99c15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3f:49:77:07:2d:b2:14:2c:62:ef:66:ed:65:
c2:75:4b:61:cc:dd:4d:8d:72:dc:94:2d:0a:0e:12:
16:82:20:81:d0:76:71:53:d2:18:cf:d0:99:02:02:
bb:38:70:58:80:5d:a1:44:73:ac:70:a4:5e:2b:ef:
d6:b2:c6:9f:37:f2:ba:a2:ee:a9:7c:51:21:18:be:
75:ed:68:e9:9a:9d:bf:67:3a:dc:7d:e3:7d:74:aa:
63:e4:b8:51:23:4f:98:87:87:f3:eb:24:43:5c:c7:
40:f7:52:20:35:91:f1:42:75:7f:fe:90:85:ec:c6:
53:08:ec:5a:6d:ae:76:4d:62:33:f1:f5:60:14:1e:
23:5b:96:33:62:32:00:b4:2e:9c:19:bf:f9:b3:72:
c1:f2:b1:35:7d:e2:df:36:5e:62:3d:9e:e0:17:a2:
29:52:df:16:6b:60:f3:8f:e3:9e:f8:98:c7:20:ac:
24:32:f8:79:81:e5:ed:82:c1:42:b5:47:87:6b:34:
3b:29:3e:c2:88:45:cd:af:b1:d1:23:7a:0e:ea:20:
41:23:c9:dc:c7:3e:c9:5f:34:1e:64:aa:82:7e:e0:
23:c1:ff:00:28:4f:f5:7d:d9:b3:03:63:79:13:e0:
42:bf:bd:d7:89:a7:50:15:02:b1:5f:2a:51:c4:fa:
91:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:0D:D7:BD:4C:C0:F2:B5:34:CE:4D:6E:C5:6F:B1:E9:EA:99:C1:5F
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/eA3XvUzA8rU0zk1uxW-x6eqZwV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.176.0/22
5.153.181.0/24
5.153.185.0-5.153.188.255
92.242.96.0/19
128.0.93.0/24
195.184.192.0/19
Signature Algorithm: sha256WithRSAEncryption
24:ba:88:b9:c6:c1:80:4c:39:5f:54:e4:f3:51:85:21:d6:b1:
6e:65:78:ea:70:af:5d:fd:4a:89:9e:5b:ce:aa:4b:a9:59:aa:
3d:35:0a:df:b3:8b:9f:0d:b9:4d:4d:3c:90:d3:20:31:7f:e3:
72:ab:fb:37:6e:16:e6:5c:c6:57:11:2c:b0:84:d6:e1:c2:da:
7e:c9:31:6d:f2:0b:8b:05:37:6b:ba:a2:ae:b7:a5:c0:d7:b9:
16:1e:c1:ed:dc:63:4f:0d:41:e7:fd:88:0a:7c:8a:3b:9a:4c:
9e:d6:77:ed:0e:c6:01:4d:3b:0d:5f:e9:15:bc:8f:f5:74:cc:
0a:2c:92:bf:8d:a9:eb:8a:5f:c4:7c:ef:73:f0:ff:83:f4:57:
d0:09:67:f7:ca:bc:71:ad:9e:6c:bb:28:56:74:c7:80:a5:ef:
db:75:99:44:27:2c:43:f5:47:d7:2f:4d:16:7d:e4:6c:7c:96:
ef:10:56:ad:ac:b7:88:9a:d1:77:ad:68:98:40:67:6f:2e:34:
86:80:b2:84:28:d3:ac:38:50:2d:67:e5:6d:37:ba:71:af:bb:
a0:29:63:d3:ad:c7:3a:c4:4a:b2:f7:76:67:4e:d9:d4:41:d8:
d7:9c:83:5a:6a:8d:d5:75:7f:b8:e4:a5:9f:8d:dd:c7:68:54:
96:7d:86:9a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQijRcV8CIN+rPxqcbD4/luMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjUwMTAxMTU0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODBkZDdiZDRjYzBmMmI1MzRjZTRkNmVjNTZmYjFlOWVhOTljMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT9JdwctshQsYu9m7WXCdUthzN1N
jXLclC0KDhIWgiCB0HZxU9IYz9CZAgK7OHBYgF2hRHOscKReK+/WssafN/K6ou6p
fFEhGL517Wjpmp2/ZzrcfeN9dKpj5LhRI0+Yh4fz6yRDXMdA91IgNZHxQnV//pCF
7MZTCOxaba52TWIz8fVgFB4jW5YzYjIAtC6cGb/5s3LB8rE1feLfNl5iPZ7gF6Ip
Ut8Wa2Dzj+Oe+JjHIKwkMvh5geXtgsFCtUeHazQ7KT7CiEXNr7HRI3oO6iBBI8nc
xz7JXzQeZKqCfuAjwf8AKE/1fdmzA2N5E+BCv73XiadQFQKxXypRxPqRtQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHgN171MwPK1NM5NbsVvsenqmcFfMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvZUEzWHZVekE4clUwemsxdXhXLXg2ZXFad1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBZmwAwQA
BZm1MAwDBAAFmbkDBAAFmbwDBAVc8mADBACAAF0DBAXDuMAwDQYJKoZIhvcNAQEL
BQADggEBACS6iLnGwYBMOV9U5PNRhSHWsW5leOpwr139SomeW86qS6lZqj01Ct+z
i58NuU1NPJDTIDF/43Kr+zduFuZcxlcRLLCE1uHC2n7JMW3yC4sFN2u6oq63pcDX
uRYewe3cY08NQef9iAp8ijuaTJ7Wd+0OxgFNOw1f6RW8j/V0zAoskr+NqeuKX8R8
73Pw/4P0V9AJZ/fKvHGtnmy7KFZ0x4Cl79t1mUQnLEP1R9cvTRZ95Gx8lu8QVq2s
t4ia0XetaJhAZ28uNIaAsoQo06w4UC1n5W03unGvu6ApY9OtxzrESrL3dmdO2dRB
2Necg1pqjdV1f7jkpZ+N3cdoVJZ9hpo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:45:46 2025 by rpki-client