Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Vb2PGRYk99DnAKKynNdJoOOSXHI.roa
File: Vb2PGRYk99DnAKKynNdJoOOSXHI.roa (raw, json)
Hash identifier: IQqmhXVM+Y/YXSfn0J2j7BUMFCDmC67I5MEmhaLX9a8=
Subject key identifier: 55:BD:8F:19:16:24:F7:D0:E7:00:A2:B2:9C:D7:49:A0:E3:92:5C:72
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0193F404F272B6344093D012CF83C5B9D557
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Vb2PGRYk99DnAKKynNdJoOOSXHI.roa
Signing time: Mon 23 Dec 2024 14:56:25 +0000
ROA not before: Mon 23 Dec 2024 14:56:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40065
IP address blocks: 5.253.16.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f4:04:f2:72:b6:34:40:93:d0:12:cf:83:c5:b9:d5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Dec 23 14:56:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55bd8f191624f7d0e700a2b29cd749a0e3925c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6e:7c:b4:63:9d:ed:34:70:7e:1a:41:dd:0d:
88:8f:31:af:12:aa:34:d8:90:5c:3b:72:0d:35:17:
90:2b:ef:6f:9d:83:fc:53:d8:4a:35:05:c4:8a:67:
23:2e:12:5e:ff:17:30:34:de:5d:fc:c2:9c:31:2e:
54:8d:1f:fd:b6:f3:6c:d0:1f:f1:c6:4d:65:d0:a8:
9b:66:74:6a:73:fd:f1:da:87:1d:e8:ef:1f:67:c2:
76:f3:85:53:9f:c1:cf:6c:af:ac:c8:40:5e:04:c5:
72:00:f0:99:be:d1:27:90:9e:94:26:c2:09:f6:6b:
62:db:db:cb:86:75:05:c0:a9:9b:79:21:c5:55:a4:
7c:d6:f3:97:77:79:75:d5:b9:91:19:4b:d2:e6:5b:
b7:01:ee:3b:aa:b1:34:6a:0e:56:34:91:3e:68:6a:
17:a7:bf:38:6f:5f:db:05:9d:ec:1e:d2:77:a8:28:
cb:d4:a4:12:d9:90:09:ba:65:b4:7a:26:8c:c9:e9:
1e:42:57:dc:72:27:02:14:b2:38:98:72:20:a4:9e:
4d:55:c7:92:bf:56:17:15:f0:73:8c:8c:80:51:d5:
7f:1c:68:07:3b:90:80:4e:bb:e1:a4:fe:31:1f:45:
49:8f:ae:9a:17:a5:9f:07:ee:59:c3:b2:3a:61:aa:
63:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:BD:8F:19:16:24:F7:D0:E7:00:A2:B2:9C:D7:49:A0:E3:92:5C:72
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Vb2PGRYk99DnAKKynNdJoOOSXHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.16.0/23
Signature Algorithm: sha256WithRSAEncryption
75:bd:63:db:be:7b:32:7a:a5:82:10:53:e4:04:5a:07:2e:e6:
e8:b4:b4:65:8d:20:70:f6:59:d1:be:a0:09:73:3b:a7:af:fb:
33:68:09:25:b1:f5:13:89:43:cb:6c:37:59:f5:bc:73:8b:3b:
9f:9c:69:8a:4e:55:d4:26:bd:15:43:b4:44:c2:9f:4e:84:df:
2e:a0:52:0b:c7:2d:ea:98:21:29:32:9a:97:ac:c3:18:45:b9:
49:8f:b9:4b:ec:55:22:57:ea:d8:83:ae:e7:65:5e:ff:f0:53:
d7:11:a0:95:00:61:94:28:5b:bc:80:ba:63:dd:81:96:22:d3:
6c:31:43:e6:7a:a4:5a:76:bb:1d:a3:0c:74:39:ca:76:bf:4e:
3d:35:ea:94:d1:83:59:67:75:01:94:d1:54:c0:f4:55:da:48:
ed:32:4f:db:c2:28:59:3b:58:b0:cd:f1:14:5a:59:71:23:b4:
43:bf:ad:77:8c:7b:06:c6:34:1c:ae:c5:98:fd:1f:d1:c2:19:
5b:29:ff:b9:3a:5e:4f:4a:ca:cc:fe:04:73:e3:8e:c2:6c:7e:
a2:ff:64:5a:ff:8d:87:e5:8b:98:89:c4:01:5c:7d:75:46:d2:
03:ab:52:a2:f9:22:3a:ac:b9:e7:eb:50:a3:98:5a:13:b1:f0:
8b:de:0d:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP0BPJytjRAk9ASz4PFudVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQxMjIzMTQ1NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWJkOGYxOTE2MjRmN2QwZTcwMGEyYjI5Y2Q3NDlhMGUzOTI1YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm58tGOd7TRwfhpB3Q2IjzGvEqo0
2JBcO3INNReQK+9vnYP8U9hKNQXEimcjLhJe/xcwNN5d/MKcMS5UjR/9tvNs0B/x
xk1l0KibZnRqc/3x2ocd6O8fZ8J284VTn8HPbK+syEBeBMVyAPCZvtEnkJ6UJsIJ
9mti29vLhnUFwKmbeSHFVaR81vOXd3l11bmRGUvS5lu3Ae47qrE0ag5WNJE+aGoX
p784b1/bBZ3sHtJ3qCjL1KQS2ZAJumW0eiaMyekeQlfccicCFLI4mHIgpJ5NVceS
v1YXFfBzjIyAUdV/HGgHO5CATrvhpP4xH0VJj66aF6WfB+5Zw7I6YapjgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFW9jxkWJPfQ5wCispzXSaDjklxyMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVmIyUEdSWWs5OURuQUtLeW5OZEpvT09TWEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBf0QMA0G
CSqGSIb3DQEBCwUAA4IBAQB1vWPbvnsyeqWCEFPkBFoHLubotLRljSBw9lnRvqAJ
czunr/szaAklsfUTiUPLbDdZ9bxzizufnGmKTlXUJr0VQ7REwp9OhN8uoFILxy3q
mCEpMpqXrMMYRblJj7lL7FUiV+rYg67nZV7/8FPXEaCVAGGUKFu8gLpj3YGWItNs
MUPmeqRadrsdowx0Ocp2v049NeqU0YNZZ3UBlNFUwPRV2kjtMk/bwihZO1iwzfEU
WllxI7RDv613jHsGxjQcrsWY/R/RwhlbKf+5Ol5PSsrM/gRz447CbH6i/2Ra/42H
5YuYicQBXH11RtIDq1Ki+SI6rLnn61CjmFoTsfCL3g0N
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:08:16 2025 by rpki-client