Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/C4glvAvQbRxQMmj-QKbcmFUvJlE.roa
File: C4glvAvQbRxQMmj-QKbcmFUvJlE.roa (raw, json)
Hash identifier: y5TaRT5+Q7mWr6V0myRTOGSnmFQIxM1jBaM1ayxp01I=
Subject key identifier: 0B:88:25:BC:0B:D0:6D:1C:50:32:68:FE:40:A6:DC:98:55:2F:26:51
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 019706F787FB5054F9F81314C952921AA304
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/C4glvAvQbRxQMmj-QKbcmFUvJlE.roa
Signing time: Sun 25 May 2025 10:22:54 +0000
ROA not before: Sun 25 May 2025 10:22:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.56.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 May 2025 18:58:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:06:f7:87:fb:50:54:f9:f8:13:14:c9:52:92:1a:a3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: May 25 10:22:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b8825bc0bd06d1c503268fe40a6dc98552f2651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:69:28:85:44:a4:64:11:eb:5a:a6:9c:53:c5:
28:55:10:59:fd:d1:fa:d7:ab:77:40:85:f4:c8:c9:
88:56:a6:7c:a8:cd:01:14:40:59:a6:8a:88:ed:ba:
24:7c:97:5d:44:21:65:6d:79:33:cc:91:c3:b6:3d:
f4:a6:7a:c9:36:cb:a0:ff:94:bd:60:23:10:38:f1:
f4:d7:fe:3a:f6:7a:21:a3:be:62:22:07:8b:85:6e:
b9:bc:5b:b5:9b:a8:48:f1:e0:cd:4f:94:d2:d2:dc:
48:55:02:b8:de:b2:d3:12:84:fa:65:bb:bc:52:5d:
03:b1:01:cc:76:60:cc:98:1c:28:66:cc:80:57:71:
9c:ab:eb:64:4e:02:69:ab:e6:74:8e:ba:13:21:1d:
99:84:f2:72:b7:04:f2:a4:54:79:6c:23:96:74:8a:
1a:9d:f5:df:4b:c9:d1:1b:d2:de:b0:41:86:51:18:
ab:1c:49:3d:d5:da:0b:b9:1e:b1:14:9e:44:23:a2:
0b:17:ad:96:10:7b:10:56:a2:b0:9f:6a:f4:53:85:
0a:53:b9:84:5b:b9:37:87:b1:ed:62:14:c2:c7:cc:
70:2c:a5:6b:c2:3b:78:10:4e:52:69:c4:b8:18:09:
fd:03:84:12:a1:25:f4:77:31:2d:63:a3:0f:a4:44:
aa:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:88:25:BC:0B:D0:6D:1C:50:32:68:FE:40:A6:DC:98:55:2F:26:51
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/C4glvAvQbRxQMmj-QKbcmFUvJlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.29.0/24
Signature Algorithm: sha256WithRSAEncryption
43:2d:42:01:0a:8f:8c:93:7f:02:fd:37:5e:50:75:5a:69:ca:
f5:a0:64:11:db:39:ce:47:5a:79:0c:f5:dc:56:9f:9e:88:3d:
fe:18:ca:3e:74:45:0d:97:42:1d:0e:0f:24:e2:47:d3:8e:95:
c6:70:1a:17:ed:a6:a9:47:d0:b6:91:3b:e7:5e:b8:30:45:3a:
9e:56:21:90:68:26:10:ca:f6:e1:38:5e:68:88:02:68:44:9b:
6d:d9:36:13:8d:cf:97:31:3a:27:0f:a1:a4:ab:5c:e6:dc:11:
f0:15:ea:3c:4a:69:ae:f6:2c:08:d7:36:b6:db:d6:4d:a9:14:
4d:94:6e:eb:60:14:26:bf:c0:ca:65:75:b7:f8:72:bb:76:90:
e6:ff:5d:38:fe:6c:48:82:60:0b:c3:f1:6a:00:53:35:bb:1d:
0f:db:67:b6:43:33:ff:b9:2d:c9:c0:49:3d:66:e0:04:7e:1e:
3b:61:4d:1f:37:11:0d:22:11:d6:c7:bc:21:bc:b2:12:7d:5b:
9a:39:75:4a:7e:43:16:d6:d8:3a:f3:21:0d:c8:cd:1c:fa:d1:
79:a3:0f:d4:14:8a:d2:88:f3:95:0e:f5:7a:61:bc:ba:96:fa:
91:cd:82:c9:be:35:6d:0d:a6:56:c7:35:06:8d:44:56:08:d7:
8c:d0:79:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcG94f7UFT5+BMUyVKSGqMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwNTI1MTAyMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjg4MjViYzBiZDA2ZDFjNTAzMjY4ZmU0MGE2ZGM5ODU1MmYyNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92kohUSkZBHrWqacU8UoVRBZ/dH6
16t3QIX0yMmIVqZ8qM0BFEBZpoqI7bokfJddRCFlbXkzzJHDtj30pnrJNsug/5S9
YCMQOPH01/469noho75iIgeLhW65vFu1m6hI8eDNT5TS0txIVQK43rLTEoT6Zbu8
Ul0DsQHMdmDMmBwoZsyAV3Gcq+tkTgJpq+Z0jroTIR2ZhPJytwTypFR5bCOWdIoa
nfXfS8nRG9LesEGGURirHEk91doLuR6xFJ5EI6ILF62WEHsQVqKwn2r0U4UKU7mE
W7k3h7HtYhTCx8xwLKVrwjt4EE5SacS4GAn9A4QSoSX0dzEtY6MPpESqLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAuIJbwL0G0cUDJo/kCm3JhVLyZRMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvQzRnbHZBdlFiUnhRTW1qLVFLYmNtRlV2SmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTgdMA0G
CSqGSIb3DQEBCwUAA4IBAQBDLUIBCo+Mk38C/TdeUHVaacr1oGQR2znOR1p5DPXc
Vp+eiD3+GMo+dEUNl0IdDg8k4kfTjpXGcBoX7aapR9C2kTvnXrgwRTqeViGQaCYQ
yvbhOF5oiAJoRJtt2TYTjc+XMTonD6Gkq1zm3BHwFeo8Smmu9iwI1za229ZNqRRN
lG7rYBQmv8DKZXW3+HK7dpDm/104/mxIgmALw/FqAFM1ux0P22e2QzP/uS3JwEk9
ZuAEfh47YU0fNxENIhHWx7whvLISfVuaOXVKfkMW1tg68yENyM0c+tF5ow/UFIrS
iPOVDvV6Yby6lvqRzYLJvjVtDaZWxzUGjURWCNeM0HkY
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:20:59 2025 by rpki-client