Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2rehOClGk15GbKYB4CENy65nkTk.roa
File: 2rehOClGk15GbKYB4CENy65nkTk.roa (raw, json)
Hash identifier: QuSrmxAsWOxpJPYn1v4o3eSxSMqmtTFJBS/21WOlV3E=
Subject key identifier: DA:B7:A1:38:29:46:93:5E:46:6C:A6:01:E0:21:0D:CB:AE:67:91:39
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC76E05335C85EDB6B52C5B7579E26
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2rehOClGk15GbKYB4CENy65nkTk.roa
Signing time: Thu 02 Jan 2025 07:48:10 +0000
ROA not before: Thu 02 Jan 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.226.54.0/24 maxlen: 24
46.249.109.0/24 maxlen: 24
82.115.28.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 01:05:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:76:e0:53:35:c8:5e:db:6b:52:c5:b7:57:9e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dab7a1382946935e466ca601e0210dcbae679139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a8:d1:a8:2e:1f:c7:5d:b6:2d:05:03:ef:c2:
2f:6a:c8:5c:4e:ab:00:ba:5e:00:ab:94:24:84:89:
19:09:8d:ee:62:f7:a0:f9:8b:63:8f:96:e8:4f:51:
5d:44:97:9a:cd:22:e2:09:0e:0a:e0:cf:e9:43:be:
53:99:a9:04:37:ad:18:23:52:ae:91:6a:cf:7b:9a:
28:1a:df:b4:3a:75:f5:ac:04:a3:c3:76:36:5e:7e:
e2:25:5d:00:bb:ec:1d:e5:60:d8:1b:38:77:55:a1:
e6:4a:f0:9e:ef:0b:1f:29:38:5b:fc:cc:94:e0:50:
d0:31:a3:a7:03:3d:c5:9e:da:dc:1c:05:64:22:4b:
56:f1:08:b9:f7:64:a6:e6:7c:e4:d0:ef:c9:1c:6e:
3d:0e:ed:e4:8e:d0:d7:d9:27:d7:57:6f:b7:c0:51:
c0:e2:cb:76:e4:e3:2f:92:bc:dc:f6:44:28:7b:d3:
fa:75:b0:9e:9f:43:24:32:ed:df:52:98:00:9b:28:
a2:24:e9:81:37:3c:5b:6d:6e:0c:fe:b0:fe:60:ff:
19:49:1e:33:30:b0:ca:10:3f:f0:8c:14:f1:14:a0:
b8:39:ff:1b:2a:7c:c0:39:6d:c1:42:ad:dd:f8:e9:
b7:3a:42:00:2f:88:e3:06:c1:69:53:a0:49:9d:ba:
30:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B7:A1:38:29:46:93:5E:46:6C:A6:01:E0:21:0D:CB:AE:67:91:39
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2rehOClGk15GbKYB4CENy65nkTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.54.0/24
46.249.109.0/24
82.115.28.0/24
89.251.10.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:0f:b3:06:3e:47:6e:4e:ff:ce:bf:13:03:5d:81:d5:cb:8c:
32:11:81:c4:bb:8e:9b:bc:11:81:52:c5:a9:03:a2:23:d3:74:
a6:09:d8:46:8d:d0:bb:f8:9f:5d:df:f6:64:ae:5d:35:2d:4d:
3c:dc:94:55:7a:13:4c:11:95:d1:8e:42:3d:ae:84:57:71:99:
db:11:2f:35:6a:e8:3b:2c:7b:04:9d:d2:59:a2:92:e1:95:29:
4b:37:aa:3f:1a:71:5f:4e:ad:56:27:bd:9b:47:4a:26:2b:90:
00:c2:fa:25:bd:f5:67:21:e0:ca:0c:03:61:53:36:b1:e0:50:
45:12:f4:b3:cd:95:a4:e4:e7:9e:fe:bd:36:14:91:3c:8f:cb:
ed:ae:29:47:9f:7c:ef:d5:c2:6a:15:99:e3:8f:82:f0:74:db:
3e:a2:8b:d6:b9:67:22:68:81:64:18:a9:dd:a8:14:7b:fd:b1:
03:89:5b:25:d0:2f:19:b8:44:7e:55:38:6e:77:c0:54:47:49:
e2:85:a8:b5:4f:1d:c0:0e:8f:3d:21:5e:4c:67:9c:25:2a:2a:
5b:62:ec:4d:22:b5:27:67:9f:e7:9c:4c:26:ee:1f:c6:dc:5a:
fc:28:69:60:d9:07:56:23:7e:d3:9c:aa:63:e4:cc:c3:17:ed:
aa:3f:45:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQl/HbgUzXIXttrUsW3V54mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI3YTEzODI5NDY5MzVlNDY2Y2E2MDFlMDIxMGRjYmFlNjc5MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKjRqC4fx122LQUD78IvashcTqsA
ul4Aq5QkhIkZCY3uYveg+Ytjj5boT1FdRJeazSLiCQ4K4M/pQ75TmakEN60YI1Ku
kWrPe5ooGt+0OnX1rASjw3Y2Xn7iJV0Au+wd5WDYGzh3VaHmSvCe7wsfKThb/MyU
4FDQMaOnAz3FntrcHAVkIktW8Qi592Sm5nzk0O/JHG49Du3kjtDX2SfXV2+3wFHA
4st25OMvkrzc9kQoe9P6dbCen0MkMu3fUpgAmyiiJOmBNzxbbW4M/rD+YP8ZSR4z
MLDKED/wjBTxFKC4Of8bKnzAOW3BQq3d+Om3OkIAL4jjBsFpU6BJnbow1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNq3oTgpRpNeRmymAeAhDcuuZ5E5MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMnJlaE9DbEdrMTVHYktZQjRDRU55NjVua1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABeI2AwQA
LvltAwQAUnMcAwQAWfsKMA0GCSqGSIb3DQEBCwUAA4IBAQDQD7MGPkduTv/OvxMD
XYHVy4wyEYHEu46bvBGBUsWpA6Ij03SmCdhGjdC7+J9d3/Zkrl01LU083JRVehNM
EZXRjkI9roRXcZnbES81aug7LHsEndJZopLhlSlLN6o/GnFfTq1WJ72bR0omK5AA
wvolvfVnIeDKDANhUzax4FBFEvSzzZWk5Oee/r02FJE8j8vtrilHn3zv1cJqFZnj
j4LwdNs+oovWuWciaIFkGKndqBR7/bEDiVsl0C8ZuER+VThud8BUR0nihai1Tx3A
Do89IV5MZ5wlKipbYuxNIrUnZ5/nnEwm7h/G3Fr8KGlg2QdWI37TnKpj5MzDF+2q
P0Wp
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:48:55 2025 by rpki-client