Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/N5w9vOIP4bzfZdyUPxLbdJ5HnXI.roa
File: N5w9vOIP4bzfZdyUPxLbdJ5HnXI.roa (raw, json)
Hash identifier: HlY98ZE0VoZOr81JFx1pWRECsRAopKPNF1gNrR4drv8=
Subject key identifier: 37:9C:3D:BC:E2:0F:E1:BC:DF:65:DC:94:3F:12:DB:74:9E:47:9D:72
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 01933C44014DE904FE45E5863DE1D32AD72C
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/N5w9vOIP4bzfZdyUPxLbdJ5HnXI.roa
Signing time: Sun 17 Nov 2024 22:35:09 +0000
ROA not before: Sun 17 Nov 2024 22:35:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213999
IP address blocks: 5.10.208.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 21 Nov 2024 21:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3c:44:01:4d:e9:04:fe:45:e5:86:3d:e1:d3:2a:d7:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Nov 17 22:35:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=379c3dbce20fe1bcdf65dc943f12db749e479d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b5:a6:b7:a6:af:1d:b2:4f:0d:29:34:d8:e8:
a2:21:ce:e5:da:8e:b5:1c:0e:db:ea:60:b9:45:19:
dc:18:4d:b2:81:70:25:bd:77:03:c7:03:ca:d6:e0:
07:fe:79:d3:b3:35:91:c2:a6:50:8f:21:33:14:f2:
40:15:b9:1e:e0:dd:2a:59:c9:9b:e5:b7:df:5a:26:
ce:bd:53:66:fe:6e:68:c9:3e:26:fb:e4:9c:a1:b2:
54:b4:f1:6d:58:69:8c:ff:8d:b5:33:7f:a1:77:fa:
8a:3c:97:38:c5:5a:44:79:02:a1:5d:bf:00:24:0b:
45:63:8b:75:c5:0b:5a:d5:2a:84:d0:96:8c:0e:29:
0e:e2:5d:00:2d:ac:e8:8d:55:17:b9:c6:b8:3a:e0:
db:5b:cf:4c:e1:60:95:29:ff:d9:16:d0:2c:bc:55:
3f:d4:19:bb:11:98:83:bf:7b:e6:44:0e:94:47:0c:
74:72:a5:c1:c2:ac:14:1d:0d:a0:c4:1c:6d:87:06:
e0:4a:3a:c0:b9:35:2b:55:f5:eb:76:e1:ef:66:75:
48:0a:fb:02:24:df:4e:eb:98:36:4c:bb:0e:95:0d:
20:02:07:dc:14:a8:4e:b3:76:3e:5f:4a:df:84:03:
07:b0:80:4b:b1:63:6f:06:dd:f3:17:87:67:16:57:
89:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:9C:3D:BC:E2:0F:E1:BC:DF:65:DC:94:3F:12:DB:74:9E:47:9D:72
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/N5w9vOIP4bzfZdyUPxLbdJ5HnXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.208.0/20
Signature Algorithm: sha256WithRSAEncryption
7a:b2:bd:c5:ee:1c:9a:e4:fe:eb:e9:ab:f2:3c:49:2d:d1:bb:
07:0e:7c:3c:f4:4d:93:6d:64:8c:df:f7:25:b7:2d:5f:b5:c0:
a4:71:99:aa:74:f8:40:b3:20:98:99:36:5d:fe:4a:d5:8f:2f:
f8:95:a8:b2:0d:2e:69:57:a3:f5:93:82:ec:e0:12:cb:44:90:
3c:ac:9e:3e:f3:16:bb:78:69:ae:1a:47:5a:a8:8e:27:d1:4d:
0c:3e:3a:83:bb:64:71:29:fc:e7:f7:17:08:47:91:a4:e2:5a:
a4:36:de:92:bf:17:c9:97:c2:c1:6e:9f:98:78:5f:5f:7e:a2:
54:da:db:0c:c0:34:f2:1f:d9:79:d7:3b:a7:d3:ca:54:2b:34:
df:07:04:e7:1c:a4:2c:e3:f4:77:c0:80:e0:7f:90:05:5a:d5:
0f:fb:ba:7a:bc:42:ee:ff:ef:f2:5b:a0:44:69:d9:52:6c:c5:
56:c2:27:97:7f:97:17:f0:a7:f1:72:56:71:8c:b8:ed:b5:b8:
18:2b:1a:f8:92:35:d0:ae:d4:21:4c:59:d8:b1:45:0e:4f:8d:
1b:38:87:ac:4d:a1:b9:b5:2b:55:3a:6b:6e:c4:10:46:ee:55:
6a:17:54:a6:44:ae:39:db:36:6b:cf:5d:6d:c3:16:70:2e:9d:
c5:70:66:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZM8RAFN6QT+ReWGPeHTKtcsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjQxMTE3MjIzNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzljM2RiY2UyMGZlMWJjZGY2NWRjOTQzZjEyZGI3NDllNDc5ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrWmt6avHbJPDSk02OiiIc7l2o61
HA7b6mC5RRncGE2ygXAlvXcDxwPK1uAH/nnTszWRwqZQjyEzFPJAFbke4N0qWcmb
5bffWibOvVNm/m5oyT4m++ScobJUtPFtWGmM/421M3+hd/qKPJc4xVpEeQKhXb8A
JAtFY4t1xQta1SqE0JaMDikO4l0ALazojVUXuca4OuDbW89M4WCVKf/ZFtAsvFU/
1Bm7EZiDv3vmRA6URwx0cqXBwqwUHQ2gxBxthwbgSjrAuTUrVfXrduHvZnVICvsC
JN9O65g2TLsOlQ0gAgfcFKhOs3Y+X0rfhAMHsIBLsWNvBt3zF4dnFleJywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDecPbziD+G832XclD8S23SeR51yMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvTjV3OXZPSVA0YnpmWmR5VVB4TGJkSjVIblhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBQrQMA0G
CSqGSIb3DQEBCwUAA4IBAQB6sr3F7hya5P7r6avyPEkt0bsHDnw89E2TbWSM3/cl
ty1ftcCkcZmqdPhAsyCYmTZd/krVjy/4laiyDS5pV6P1k4Ls4BLLRJA8rJ4+8xa7
eGmuGkdaqI4n0U0MPjqDu2RxKfzn9xcIR5Gk4lqkNt6SvxfJl8LBbp+YeF9ffqJU
2tsMwDTyH9l51zun08pUKzTfBwTnHKQs4/R3wIDgf5AFWtUP+7p6vELu/+/yW6BE
adlSbMVWwieXf5cX8KfxclZxjLjttbgYKxr4kjXQrtQhTFnYsUUOT40bOIesTaG5
tStVOmtuxBBG7lVqF1SmRK452zZrz11twxZwLp3FcGal
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:40:20 2025 by rpki-client