Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X7BFbXXg3_hjeeOjGZ-6CYO67Ps.roa
File: X7BFbXXg3_hjeeOjGZ-6CYO67Ps.roa (raw, json)
Hash identifier: q1qHJeHaCECAKeNoTPaP0n5CnzG3I/ARPeBlDYevAoE=
Subject key identifier: 5F:B0:45:6D:75:E0:DF:F8:63:79:E3:A3:19:9F:BA:09:83:BA:EC:FB
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 0193FD4811EA8C2AB5B3A031EE47C6BAEEC5
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X7BFbXXg3_hjeeOjGZ-6CYO67Ps.roa
Signing time: Wed 25 Dec 2024 10:06:18 +0000
ROA not before: Wed 25 Dec 2024 10:06:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215272
IP address blocks: 5.44.44.0/24 maxlen: 24
45.129.186.0/24 maxlen: 24
185.244.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:48:11:ea:8c:2a:b5:b3:a0:31:ee:47:c6:ba:ee:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Dec 25 10:06:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fb0456d75e0dff86379e3a3199fba0983baecfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4b:71:9e:06:64:24:cc:91:51:a7:a6:cd:6d:
f8:e5:91:b7:5f:70:63:46:87:43:4e:03:3e:2b:8f:
1b:0b:0b:22:1b:78:da:4f:d8:0b:25:18:5a:40:27:
54:56:5e:38:44:08:df:f9:f6:d8:41:49:76:99:45:
5e:97:73:d6:38:db:07:1f:d2:76:c4:f6:56:51:a5:
bf:fb:04:04:93:5b:25:0c:27:49:e5:68:3d:06:6c:
95:95:23:b5:b5:f6:a2:e3:d3:7e:15:96:44:e4:d0:
b9:6e:ef:d3:db:7c:ac:36:86:dc:d0:8e:af:fe:65:
ce:59:51:2a:83:b8:6a:a5:86:43:f5:25:61:9c:e7:
5f:a0:49:0c:c3:e0:e9:16:5e:76:88:81:8b:67:0f:
7e:80:cd:dc:34:b1:50:8a:30:ef:9d:86:82:48:2d:
1a:33:f5:d7:89:fe:4b:af:c0:a3:cd:a1:a3:3d:17:
78:e6:c1:01:8c:f6:49:a1:ea:fd:95:c8:9e:f1:3e:
28:11:6a:6b:95:bb:2d:25:1d:8b:9a:93:46:d0:04:
99:ca:14:51:44:63:89:7c:09:e1:db:5b:62:6b:af:
16:b2:e7:71:e4:9b:db:bc:f1:33:e7:d4:66:3b:19:
be:bb:bf:7b:05:41:76:ff:19:c7:6c:1e:2b:a7:34:
7c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B0:45:6D:75:E0:DF:F8:63:79:E3:A3:19:9F:BA:09:83:BA:EC:FB
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X7BFbXXg3_hjeeOjGZ-6CYO67Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.44.0/24
45.129.186.0/24
185.244.50.0/24
Signature Algorithm: sha256WithRSAEncryption
78:28:eb:43:c8:ee:35:c6:12:5e:ac:1d:e9:a3:b0:da:5c:2e:
1d:9c:0d:fe:5b:2b:c5:99:27:04:a1:3c:44:54:69:32:86:ab:
e7:78:04:88:2c:d8:a9:84:2a:28:4d:6d:a0:86:8b:9c:ff:74:
21:e7:44:e4:f3:5b:2a:b2:47:99:e4:52:c4:15:c5:7b:52:cc:
ae:b9:f8:67:51:cd:a1:7b:60:d0:f9:25:ca:e3:63:6b:ec:1a:
f8:41:45:c1:f9:e2:32:f7:c4:eb:58:4f:fe:4b:14:74:68:a2:
96:65:7d:92:b2:a1:d6:8d:d7:37:9b:13:36:c3:28:ac:2c:d5:
f6:ba:cb:e8:6e:d0:a9:bd:8b:ac:dc:77:29:8d:5b:25:73:f0:
fb:e6:a9:37:be:b5:a0:93:83:bb:51:ba:9b:a0:e1:1c:0b:4a:
ee:cd:88:e2:1e:02:10:e9:63:97:2f:5d:ac:b8:e1:e0:31:70:
5d:e0:5e:45:b2:b3:87:0b:b5:e1:8f:ca:ec:43:98:5e:4b:fa:
9c:0c:82:2e:60:01:dc:94:ed:e4:82:90:d1:90:6d:31:3c:35:
e4:02:37:1f:43:a9:41:e0:bc:dc:41:30:28:f1:d6:30:a5:90:
a0:c4:28:f2:a9:0f:29:38:8e:32:13:0a:49:c0:1f:a5:6d:c1:
3d:05:dd:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZP9SBHqjCq1s6Ax7kfGuu7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQxMjI1MTAwNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmIwNDU2ZDc1ZTBkZmY4NjM3OWUzYTMxOTlmYmEwOTgzYmFlY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UtxngZkJMyRUaemzW345ZG3X3Bj
RodDTgM+K48bCwsiG3jaT9gLJRhaQCdUVl44RAjf+fbYQUl2mUVel3PWONsHH9J2
xPZWUaW/+wQEk1slDCdJ5Wg9BmyVlSO1tfai49N+FZZE5NC5bu/T23ysNobc0I6v
/mXOWVEqg7hqpYZD9SVhnOdfoEkMw+DpFl52iIGLZw9+gM3cNLFQijDvnYaCSC0a
M/XXif5Lr8CjzaGjPRd45sEBjPZJoer9lcie8T4oEWprlbstJR2LmpNG0ASZyhRR
RGOJfAnh21tia68Wsudx5JvbvPEz59RmOxm+u797BUF2/xnHbB4rpzR8bwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF+wRW114N/4Y3njoxmfugmDuuz7MB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvWDdCRmJYWGczX2hqZWVPakdaLTZDWU82N1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABSwsAwQA
LYG6AwQAufQyMA0GCSqGSIb3DQEBCwUAA4IBAQB4KOtDyO41xhJerB3po7DaXC4d
nA3+WyvFmScEoTxEVGkyhqvneASILNiphCooTW2ghouc/3Qh50Tk81sqskeZ5FLE
FcV7UsyuufhnUc2he2DQ+SXK42Nr7Br4QUXB+eIy98TrWE/+SxR0aKKWZX2SsqHW
jdc3mxM2wyisLNX2usvobtCpvYus3HcpjVslc/D75qk3vrWgk4O7UbqboOEcC0ru
zYjiHgIQ6WOXL12suOHgMXBd4F5FsrOHC7Xhj8rsQ5heS/qcDIIuYAHclO3kgpDR
kG0xPDXkAjcfQ6lB4LzcQTAo8dYwpZCgxCjyqQ8pOI4yEwpJwB+lbcE9Bd1P
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:51:19 2025 by rpki-client