Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/r7tQ7t-KYHdsm1G2juriWQ9PZwg.roa
File: r7tQ7t-KYHdsm1G2juriWQ9PZwg.roa (raw, json)
Hash identifier: RpZv58wCjIdzDHJagsDbfrA7wJuk6EFtsTqJJxRzUkQ=
Subject key identifier: AF:BB:50:EE:DF:8A:60:77:6C:9B:51:B6:8E:EA:E2:59:0F:4F:67:08
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018F346E0548D19ED4D1CF0840B26A101F4D
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/r7tQ7t-KYHdsm1G2juriWQ9PZwg.roa
Signing time: Wed 01 May 2024 13:52:56 +0000
ROA not before: Wed 01 May 2024 13:52:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 5.253.63.0/24 maxlen: 24
79.133.180.0/24 maxlen: 24
185.244.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 13:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:6e:05:48:d1:9e:d4:d1:cf:08:40:b2:6a:10:1f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: May 1 13:52:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afbb50eedf8a60776c9b51b68eeae2590f4f6708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:df:96:29:8e:14:90:1d:41:f5:f6:92:33:5f:
77:fa:0a:d8:fa:5c:be:b6:87:cb:df:1e:ec:2e:50:
e2:d8:8f:fe:99:6f:0e:d9:1e:ef:1b:06:3c:c2:f4:
99:79:15:26:9f:35:99:d6:18:71:6d:0f:38:09:03:
67:b9:84:34:cf:2a:0d:17:e5:99:3c:e6:9e:94:21:
8b:38:06:43:89:19:85:e0:d4:e9:34:d0:bd:d1:12:
9b:06:4b:dc:5b:94:cf:37:31:20:3f:97:8a:c7:37:
8d:1c:47:6e:fb:12:2d:33:2b:00:06:0e:4d:b3:6f:
79:20:ea:f1:6a:8c:8e:84:f1:7b:34:d3:8b:16:5d:
ac:81:4e:ef:e5:ed:90:33:03:cb:bc:c9:f8:98:b2:
a8:71:14:2c:73:2b:3f:3a:1e:85:43:51:1f:3d:ba:
30:be:bc:31:f8:55:41:33:37:e3:be:f0:49:8b:24:
19:36:08:f6:29:ca:2a:39:95:60:0e:db:f3:b2:ee:
8f:91:42:4a:b9:93:9c:34:97:60:b9:12:5d:ec:31:
95:41:22:df:53:d2:2c:9d:9a:ff:5e:3f:45:d6:d3:
ad:b9:1b:78:ba:ae:ea:11:d1:da:cd:94:60:c6:a5:
88:3a:20:a6:74:91:49:f6:b4:53:f8:94:57:13:80:
ce:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BB:50:EE:DF:8A:60:77:6C:9B:51:B6:8E:EA:E2:59:0F:4F:67:08
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/r7tQ7t-KYHdsm1G2juriWQ9PZwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.63.0/24
79.133.180.0/24
185.244.48.0/24
Signature Algorithm: sha256WithRSAEncryption
16:18:dc:d9:0b:57:aa:77:6b:d1:bb:d6:c4:38:d3:b7:d7:18:
d3:a2:4d:d6:0b:fc:45:39:20:76:20:cf:2d:d8:22:c6:e9:40:
7e:84:38:ba:4f:62:75:4c:0e:d3:fe:94:f4:3d:8f:9a:4c:bc:
91:0f:d6:60:ca:19:41:16:cb:a1:17:ef:ad:33:7a:0b:b4:de:
fd:81:23:ae:4a:21:81:78:31:9b:52:a1:cc:25:e8:8e:32:61:
03:bd:f2:d0:f5:3f:fd:05:db:48:29:25:55:23:7e:c8:63:51:
90:02:5b:1d:31:22:ba:0c:fc:ec:86:30:f0:6c:f1:2c:90:48:
63:84:8e:98:c8:a3:1c:b4:37:ed:e1:55:30:2a:3d:b8:56:0e:
c7:f1:9a:91:f5:be:09:e9:99:b3:6a:85:db:e4:44:5f:6d:da:
0d:a9:8b:c0:b2:4a:a8:33:3b:a6:b3:0b:e4:bd:5b:87:03:77:
61:76:5e:bb:66:25:4e:84:d9:a8:f7:d3:dc:98:ff:77:29:5f:
fc:19:73:02:7c:31:17:78:64:1e:b7:da:c6:d6:d0:22:fe:d0:
70:16:2c:06:81:1b:f0:78:23:4c:06:dd:ee:c9:bb:3c:15:a7:
cd:ff:00:2e:1f:30:24:80:c2:7d:e8:fa:95:4f:14:17:f4:2a:
b6:ce:ed:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY80bgVI0Z7U0c8IQLJqEB9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwNTAxMTM1MjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmJiNTBlZWRmOGE2MDc3NmM5YjUxYjY4ZWVhZTI1OTBmNGY2NzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt+WKY4UkB1B9faSM193+grY+ly+
tofL3x7sLlDi2I/+mW8O2R7vGwY8wvSZeRUmnzWZ1hhxbQ84CQNnuYQ0zyoNF+WZ
POaelCGLOAZDiRmF4NTpNNC90RKbBkvcW5TPNzEgP5eKxzeNHEdu+xItMysABg5N
s295IOrxaoyOhPF7NNOLFl2sgU7v5e2QMwPLvMn4mLKocRQscys/Oh6FQ1EfPbow
vrwx+FVBMzfjvvBJiyQZNgj2KcoqOZVgDtvzsu6PkUJKuZOcNJdguRJd7DGVQSLf
U9IsnZr/Xj9F1tOtuRt4uq7qEdHazZRgxqWIOiCmdJFJ9rRT+JRXE4DOPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK+7UO7fimB3bJtRto7q4lkPT2cIMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvcjd0UTd0LUtZSGRzbTFHMmp1cmlXUTlQWndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABf0/AwQA
T4W0AwQAufQwMA0GCSqGSIb3DQEBCwUAA4IBAQAWGNzZC1eqd2vRu9bEONO31xjT
ok3WC/xFOSB2IM8t2CLG6UB+hDi6T2J1TA7T/pT0PY+aTLyRD9ZgyhlBFsuhF++t
M3oLtN79gSOuSiGBeDGbUqHMJeiOMmEDvfLQ9T/9BdtIKSVVI37IY1GQAlsdMSK6
DPzshjDwbPEskEhjhI6YyKMctDft4VUwKj24Vg7H8ZqR9b4J6ZmzaoXb5ERfbdoN
qYvAskqoMzumswvkvVuHA3dhdl67ZiVOhNmo99PcmP93KV/8GXMCfDEXeGQet9rG
1tAi/tBwFiwGgRvweCNMBt3uybs8FafN/wAuHzAkgMJ96PqVTxQX9Cq2zu1G
-----END CERTIFICATE-----
Generated at Thu May 2 16:58:45 2024 by rpki-client on console-fra.rpki-client.org