Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5XcYEstCIc12Pw5QngwRWSEzKZ4.roa
File: 5XcYEstCIc12Pw5QngwRWSEzKZ4.roa (raw, json)
Hash identifier: JZuUXddt+klMWpaaRBu7iFq09/Z16HnNv7UE7EPs13Q=
Subject key identifier: E5:77:18:12:CB:42:21:CD:76:3F:0E:50:9E:0C:11:59:21:33:29:9E
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 019515263E5EAB4D4EA51476346162381AEA
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5XcYEstCIc12Pw5QngwRWSEzKZ4.roa
Signing time: Mon 17 Feb 2025 18:23:02 +0000
ROA not before: Mon 17 Feb 2025 18:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0f:b4c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Mar 2025 09:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:15:26:3e:5e:ab:4d:4e:a5:14:76:34:61:62:38:1a:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Feb 17 18:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5771812cb4221cd763f0e509e0c11592133299e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:46:89:8b:61:90:b3:7f:ab:d9:48:8c:75:12:
46:36:97:01:2f:3b:d6:22:5e:7b:22:f2:ae:11:60:
36:ff:70:f0:3d:49:58:3b:4b:24:79:1e:de:97:07:
de:90:8f:ff:02:f8:dd:cb:4e:92:ba:8a:1b:e6:42:
2f:51:cb:fb:7c:c1:76:ed:cc:59:ba:2d:75:3c:f3:
1d:8c:e8:90:95:be:6e:75:75:48:91:2c:eb:e7:ff:
6e:e4:15:03:9c:ce:ff:a4:ca:b5:d5:a1:f3:d1:21:
dc:61:0f:5e:bd:f0:f2:3f:da:3c:09:16:ba:9c:1d:
3b:ee:98:8c:67:dc:17:4b:5e:8e:38:5c:5b:ca:9b:
91:2c:59:2c:62:d1:82:87:80:49:40:8e:34:87:05:
5d:ab:34:c3:6a:29:ff:5e:b3:04:a8:18:5c:27:ad:
fc:9d:be:63:4f:09:df:60:0a:94:d0:44:30:7a:24:
8b:9e:8b:71:69:31:46:b7:ae:43:8d:27:dd:37:95:
3b:73:44:8f:31:8c:6a:e0:42:c9:c1:b0:07:5c:49:
34:c2:f1:7c:0b:bc:ed:03:fd:55:90:65:23:25:03:
b2:86:31:e5:11:cc:da:98:5d:80:79:57:8d:9a:4c:
bc:a1:2b:28:9b:dc:29:a0:5c:23:e4:a0:26:9c:f9:
ac:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:77:18:12:CB:42:21:CD:76:3F:0E:50:9E:0C:11:59:21:33:29:9E
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5XcYEstCIc12Pw5QngwRWSEzKZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b4c3::/32
Signature Algorithm: sha256WithRSAEncryption
30:da:c3:09:43:59:f2:39:d5:c7:ab:fd:39:7b:7a:a3:db:ff:
f0:f9:d8:a8:4e:b2:e5:9a:b4:ac:00:fa:47:71:2d:70:db:c3:
3e:c3:26:22:db:58:ed:ef:72:ec:17:9e:95:f1:51:fc:55:3f:
c4:b0:1d:6d:56:6e:17:56:8b:f3:7a:f9:15:c7:00:8d:9a:70:
9e:f8:48:a3:d9:ff:60:45:2d:dc:2e:12:63:30:2a:01:f9:54:
61:5b:07:ec:26:76:b7:2b:c5:a7:94:e3:ac:0a:3a:c9:0c:30:
7a:46:fc:bf:f7:14:d5:1c:19:71:2d:81:6b:d0:b9:3d:58:0a:
ce:cd:67:10:74:28:71:8e:3e:de:c2:3a:d7:fb:44:0f:7f:6b:
dd:98:2a:d8:0d:5c:6c:bf:1a:cf:c1:02:eb:c4:8e:36:e7:c1:
50:9e:8a:bc:97:bc:f1:f1:18:6d:29:d9:dc:b1:b9:0c:67:cc:
04:fa:bf:76:a7:76:ed:fd:bb:ab:44:1f:80:e6:88:23:e2:6f:
67:86:85:90:ed:0c:51:eb:f7:95:d8:ec:8a:63:d1:27:0b:0c:
b0:52:1d:54:d3:27:96:14:f6:f7:21:cc:c9:2a:d8:3b:5d:57:
3e:68:03:da:61:dd:39:21:de:45:fc:11:bd:b7:98:11:53:da:
74:46:df:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUVJj5eq01OpRR2NGFiOBrqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMjE3MTgyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTc3MTgxMmNiNDIyMWNkNzYzZjBlNTA5ZTBjMTE1OTIxMzMyOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEaJi2GQs3+r2UiMdRJGNpcBLzvW
Il57IvKuEWA2/3DwPUlYO0skeR7elwfekI//Avjdy06Suoob5kIvUcv7fMF27cxZ
ui11PPMdjOiQlb5udXVIkSzr5/9u5BUDnM7/pMq11aHz0SHcYQ9evfDyP9o8CRa6
nB077piMZ9wXS16OOFxbypuRLFksYtGCh4BJQI40hwVdqzTDain/XrMEqBhcJ638
nb5jTwnfYAqU0EQweiSLnotxaTFGt65DjSfdN5U7c0SPMYxq4ELJwbAHXEk0wvF8
C7ztA/1VkGUjJQOyhjHlEczamF2AeVeNmky8oSsom9wpoFwj5KAmnPmsRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOV3GBLLQiHNdj8OUJ4MEVkhMymeMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvNVhjWUVzdENJYzEyUHc1UW5nd1JXU0V6S1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg+0wzAN
BgkqhkiG9w0BAQsFAAOCAQEAMNrDCUNZ8jnVx6v9OXt6o9v/8PnYqE6y5Zq0rAD6
R3EtcNvDPsMmIttY7e9y7BeelfFR/FU/xLAdbVZuF1aL83r5FccAjZpwnvhIo9n/
YEUt3C4SYzAqAflUYVsH7CZ2tyvFp5TjrAo6yQwwekb8v/cU1RwZcS2Ba9C5PVgK
zs1nEHQocY4+3sI61/tED39r3Zgq2A1cbL8az8EC68SONufBUJ6KvJe88fEYbSnZ
3LG5DGfMBPq/dqd27f27q0QfgOaII+JvZ4aFkO0MUev3ldjsimPRJwsMsFIdVNMn
lhT29yHMySrYO11XPmgD2mHdOSHeRfwRvbeYEVPadEbfhg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:32:21 2025 by rpki-client