Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/5xgNikA3gHIsU0DTRhBt_3dTUlw.roa
File: 5xgNikA3gHIsU0DTRhBt_3dTUlw.roa (raw, json)
Hash identifier: 31g09cTJxOPylRCbeY6z+3/+0bfyHInxfQpUOFbMF9c=
Subject key identifier: E7:18:0D:8A:40:37:80:72:2C:53:40:D3:46:10:6D:FF:77:53:52:5C
Certificate issuer: /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial: 0195781D616AAD1003B113EFD63BAF6F6249
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/5xgNikA3gHIsU0DTRhBt_3dTUlw.roa
Signing time: Sat 08 Mar 2025 23:35:46 +0000
ROA not before: Sat 08 Mar 2025 23:35:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210924
IP address blocks: 185.210.157.0/24 maxlen: 24
2a14:c100::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 06 Apr 2025 10:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:78:1d:61:6a:ad:10:03:b1:13:ef:d6:3b:af:6f:62:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Validity
Not Before: Mar 8 23:35:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7180d8a403780722c5340d346106dff7753525c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5b:85:39:fa:8c:95:17:e7:af:6e:31:47:f9:
c0:70:a6:9b:8a:ed:6e:02:5c:07:f4:c7:99:7c:9c:
c8:cc:57:9f:d3:d7:d5:75:c5:69:79:ed:09:24:80:
d8:c3:45:06:ec:3b:7e:8a:59:f5:f3:d3:55:98:6b:
17:3b:e1:9c:81:38:4c:91:16:b6:a8:84:e4:af:22:
32:a2:99:d0:48:28:bf:da:b2:9b:92:14:ce:01:6f:
38:30:71:bd:65:60:d2:a9:d7:a6:03:8e:b0:66:c1:
df:8c:bc:19:69:95:94:e9:13:84:c7:d6:ee:77:27:
87:e8:12:75:3e:a0:83:6b:7b:e0:4b:87:86:5f:16:
ca:f5:3f:65:3b:f1:06:de:48:ae:a0:be:1a:b9:b5:
b0:bd:38:f6:c5:6f:9f:b3:f5:28:0c:f5:f9:dc:73:
06:a4:c0:7f:60:ff:58:2d:f4:2d:94:37:e5:b3:ba:
d5:6c:56:ad:ff:1e:bc:75:a5:e4:0a:f4:eb:82:87:
11:92:c7:5c:0a:59:04:b6:1e:7b:e2:51:b5:02:1c:
8b:fe:45:6d:7f:72:88:05:20:d7:3f:c2:bc:55:6a:
c1:72:cf:75:c1:52:a8:56:fb:63:b5:6c:7c:40:5f:
eb:fb:0b:3c:71:4e:3f:38:0b:3a:9d:e3:0a:d0:73:
8b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:18:0D:8A:40:37:80:72:2C:53:40:D3:46:10:6D:FF:77:53:52:5C
X509v3 Authority Key Identifier:
keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/5xgNikA3gHIsU0DTRhBt_3dTUlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.157.0/24
IPv6:
2a14:c100::/29
Signature Algorithm: sha256WithRSAEncryption
3e:9d:d9:1b:9f:52:a9:c1:c1:17:b7:68:8c:41:90:4d:c6:0c:
b5:c2:51:0a:11:ab:87:f8:a0:62:0e:0c:f9:98:5d:ee:02:ac:
f3:55:55:df:0d:d4:09:bd:f1:51:6b:7f:4f:95:a3:41:49:d3:
f6:40:85:ae:9b:c2:9c:2a:32:69:7a:97:d8:46:41:bb:f7:f0:
23:ce:b0:b2:a4:d6:ae:53:52:27:3c:b5:ad:4c:d6:65:ec:6f:
4b:32:59:63:ad:2b:62:e0:73:3b:f7:68:16:89:77:2d:41:60:
ff:16:6c:99:d0:3c:3d:93:be:24:4c:4d:6a:88:0c:25:cf:2d:
9d:88:77:c4:60:83:a2:42:6e:d1:24:23:91:a6:b3:b6:ed:d2:
b4:84:fc:5e:6d:f7:16:5d:e2:09:08:85:2c:1e:90:0d:77:59:
ca:c4:aa:e5:fa:79:01:9d:f2:bb:cf:3a:d3:15:b0:b6:49:9b:
83:c9:a2:f4:26:d9:85:94:6f:4e:b4:eb:e1:a7:44:d5:1e:ac:
93:7d:29:de:0e:37:07:e1:81:aa:f1:8d:7b:a1:da:56:ae:f0:
83:e9:d3:43:51:82:ac:a9:b8:97:60:2e:fe:15:c4:4e:74:a3:
80:d4:04:dd:55:6e:c6:0f:e1:7b:66:51:6c:49:62:a4:36:6f:
3d:0f:26:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZV4HWFqrRADsRPv1juvb2JJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjQ1YmMwZmRiODYyNmJjZTJjMDQyNWM0MDg3YjU0ZTE1
MGQzODYwHhcNMjUwMzA4MjMzNTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzE4MGQ4YTQwMzc4MDcyMmM1MzQwZDM0NjEwNmRmZjc3NTM1MjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VuFOfqMlRfnr24xR/nAcKabiu1u
AlwH9MeZfJzIzFef09fVdcVpee0JJIDYw0UG7Dt+iln189NVmGsXO+GcgThMkRa2
qITkryIyopnQSCi/2rKbkhTOAW84MHG9ZWDSqdemA46wZsHfjLwZaZWU6ROEx9bu
dyeH6BJ1PqCDa3vgS4eGXxbK9T9lO/EG3kiuoL4aubWwvTj2xW+fs/UoDPX53HMG
pMB/YP9YLfQtlDfls7rVbFat/x68daXkCvTrgocRksdcClkEth574lG1AhyL/kVt
f3KIBSDXP8K8VWrBcs91wVKoVvtjtWx8QF/r+ws8cU4/OAs6neMK0HOLRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOcYDYpAN4ByLFNA00YQbf93U1JcMB8GA1UdIwQY
MBaAFMtkW8D9uGJrziwEJcQIe1ThUNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmIt
ZTg3NTRkMDA1ZWJlLzEvNXhnTmlrQTNnSElzVTBEVFJoQnRfM2RUVWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmItZTg3NTRkMDA1ZWJl
LzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudKdMA0E
AgACMAcDBQMqFMEAMA0GCSqGSIb3DQEBCwUAA4IBAQA+ndkbn1KpwcEXt2iMQZBN
xgy1wlEKEauH+KBiDgz5mF3uAqzzVVXfDdQJvfFRa39PlaNBSdP2QIWum8KcKjJp
epfYRkG79/AjzrCypNauU1InPLWtTNZl7G9LMlljrSti4HM792gWiXctQWD/FmyZ
0Dw9k74kTE1qiAwlzy2diHfEYIOiQm7RJCORprO27dK0hPxebfcWXeIJCIUsHpAN
d1nKxKrl+nkBnfK7zzrTFbC2SZuDyaL0JtmFlG9OtOvhp0TVHqyTfSneDjcH4YGq
8Y17odpWrvCD6dNDUYKsqbiXYC7+FcROdKOA1ATdVW7GD+F7ZlFsSWKkNm89DyZS
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:53:10 2025 by rpki-client