Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/AmXOX1jx4bz9R5TKvxQi4dWS15k.roa
File: AmXOX1jx4bz9R5TKvxQi4dWS15k.roa (raw, json)
Hash identifier: ehKxlEuzywlfiEorpNst4qiCX570vM58xxnIqxTp3/Y=
Subject key identifier: 02:65:CE:5F:58:F1:E1:BC:FD:47:94:CA:BF:14:22:E1:D5:92:D7:99
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 0195C49193AA104346560BC9990EAB5ECD99
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/AmXOX1jx4bz9R5TKvxQi4dWS15k.roa
Signing time: Sun 23 Mar 2025 19:53:49 +0000
ROA not before: Sun 23 Mar 2025 19:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 5.56.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 14:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c4:91:93:aa:10:43:46:56:0b:c9:99:0e:ab:5e:cd:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Mar 23 19:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0265ce5f58f1e1bcfd4794cabf1422e1d592d799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f2:4d:b4:51:b9:e2:8c:cf:c5:7f:1a:e9:cf:
8b:5b:7c:6d:a8:b2:c4:54:87:bc:e3:02:b8:ab:36:
31:c8:f7:a4:ba:53:34:39:a4:5d:8b:4d:12:47:ba:
46:0f:be:56:5e:8d:49:9a:08:78:01:10:b9:08:dd:
7a:17:c6:3a:f9:c9:ff:09:5a:ff:c3:39:81:aa:b5:
2a:9c:57:b7:16:e8:23:9f:d9:3f:47:71:8b:0b:64:
59:9a:41:17:ec:45:ba:c7:58:29:fa:ed:6a:05:08:
bc:40:b2:36:b3:96:a5:47:2b:0b:bc:64:84:bf:74:
47:73:0f:e6:d5:78:40:db:6c:a0:b4:5a:ff:57:95:
ff:0d:e4:5d:59:fb:89:78:e7:46:82:60:34:78:44:
21:d9:80:57:7a:36:3a:1c:d4:fc:01:24:5a:dd:da:
38:7d:cf:a7:ad:c6:c9:18:be:b9:84:19:bb:1a:39:
9e:80:d3:ac:a8:c9:86:7f:e3:0e:96:f7:52:61:c5:
24:e0:eb:88:0a:d1:3b:8c:d2:a5:0c:b1:9e:23:93:
ce:c8:45:15:af:53:0e:a1:37:47:f4:22:7c:9b:f6:
27:4c:2b:4d:d2:3b:ae:27:5c:33:d5:76:fa:7e:1f:
3d:96:47:a3:82:b2:dd:a8:1e:7e:78:6b:16:52:b7:
6e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:65:CE:5F:58:F1:E1:BC:FD:47:94:CA:BF:14:22:E1:D5:92:D7:99
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/AmXOX1jx4bz9R5TKvxQi4dWS15k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.28.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ac:aa:15:3d:2e:d7:23:e2:32:7f:22:7e:1d:2d:48:34:37:
d3:3f:c7:52:07:75:3e:87:91:45:0d:69:70:46:ea:50:9c:16:
26:8d:6b:56:ab:61:7b:8a:f8:c2:5d:c4:73:d2:5a:95:cb:61:
08:c5:0b:17:fe:61:3f:71:85:26:e3:f5:89:b3:54:f4:0e:21:
0c:dd:ed:30:ff:86:9a:45:81:22:f0:b2:41:93:3e:cc:52:04:
0b:6b:11:57:f5:8a:c8:37:8b:33:56:b1:28:a4:ac:be:d9:dc:
05:7b:34:e9:58:fd:0c:48:f6:04:27:57:f0:bb:4c:82:7d:8a:
39:03:01:d6:42:6c:3c:7e:41:82:47:7c:16:ae:b6:42:41:44:
ac:ff:14:b8:35:29:ce:0c:4f:19:c6:fa:a0:77:b1:e9:33:5e:
88:42:75:56:d7:80:99:77:ca:fd:35:66:b8:f1:4e:41:a6:07:
d3:62:7f:90:e2:14:c7:87:ff:9d:4c:65:3f:7b:3b:30:0a:ec:
4c:0a:34:7f:bd:c9:8f:3b:93:23:8a:22:82:8c:9b:12:dd:f5:
30:2e:7b:d6:ad:35:1f:b3:53:bb:50:05:65:64:94:84:a3:9a:
8c:ab:4d:98:2d:f4:6e:5a:1e:24:d6:99:97:b0:5c:bf:88:7f:
9b:b1:c1:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXEkZOqEENGVgvJmQ6rXs2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwMzIzMTk1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjY1Y2U1ZjU4ZjFlMWJjZmQ0Nzk0Y2FiZjE0MjJlMWQ1OTJkNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PJNtFG54ozPxX8a6c+LW3xtqLLE
VIe84wK4qzYxyPekulM0OaRdi00SR7pGD75WXo1Jmgh4ARC5CN16F8Y6+cn/CVr/
wzmBqrUqnFe3Fugjn9k/R3GLC2RZmkEX7EW6x1gp+u1qBQi8QLI2s5alRysLvGSE
v3RHcw/m1XhA22ygtFr/V5X/DeRdWfuJeOdGgmA0eEQh2YBXejY6HNT8ASRa3do4
fc+nrcbJGL65hBm7GjmegNOsqMmGf+MOlvdSYcUk4OuICtE7jNKlDLGeI5POyEUV
r1MOoTdH9CJ8m/YnTCtN0juuJ1wz1Xb6fh89lkejgrLdqB5+eGsWUrduGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJlzl9Y8eG8/UeUyr8UIuHVkteZMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvQW1YT1gxang0Yno5UjVUS3Z4UWk0ZFdTMTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTgcMA0G
CSqGSIb3DQEBCwUAA4IBAQAkrKoVPS7XI+IyfyJ+HS1INDfTP8dSB3U+h5FFDWlw
RupQnBYmjWtWq2F7ivjCXcRz0lqVy2EIxQsX/mE/cYUm4/WJs1T0DiEM3e0w/4aa
RYEi8LJBkz7MUgQLaxFX9YrIN4szVrEopKy+2dwFezTpWP0MSPYEJ1fwu0yCfYo5
AwHWQmw8fkGCR3wWrrZCQUSs/xS4NSnODE8Zxvqgd7HpM16IQnVW14CZd8r9NWa4
8U5BpgfTYn+Q4hTHh/+dTGU/ezswCuxMCjR/vcmPO5MjiiKCjJsS3fUwLnvWrTUf
s1O7UAVlZJSEo5qMq02YLfRuWh4k1pmXsFy/iH+bscEd
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:29:46 2025 by rpki-client