Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/SI-gFPBtUvcBDOIunp88ZVxp-H0.roa
File: SI-gFPBtUvcBDOIunp88ZVxp-H0.roa (raw, json)
Hash identifier: 9ipsbtOuCe6ErPFAx2kEOEjnniObxj2BQCQhGGpu4bE=
Subject key identifier: 48:8F:A0:14:F0:6D:52:F7:01:0C:E2:2E:9E:9F:3C:65:5C:69:F8:7D
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 0192B513590E70BF7626F5DE7D7B559B5C50
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/SI-gFPBtUvcBDOIunp88ZVxp-H0.roa
Signing time: Tue 22 Oct 2024 16:33:16 +0000
ROA not before: Tue 22 Oct 2024 16:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 5.181.200.0/24 maxlen: 24
45.158.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:13:59:0e:70:bf:76:26:f5:de:7d:7b:55:9b:5c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Oct 22 16:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=488fa014f06d52f7010ce22e9e9f3c655c69f87d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b4:f7:79:9e:1f:20:7a:e2:c4:d5:4e:f2:91:
89:a9:f3:04:6f:9f:f2:6f:63:ba:9c:66:98:15:0d:
e7:ea:52:57:6b:be:d3:e1:69:67:f6:cd:37:a2:77:
bf:c4:5e:e2:86:72:f3:32:7d:5b:b0:6b:95:c3:c9:
89:cd:d6:57:05:ba:8d:64:46:06:cc:3b:6b:4c:47:
57:56:f8:29:4d:20:8a:b9:99:f2:99:fe:3f:4d:1a:
52:38:28:29:f0:e6:3a:0e:1f:64:d3:8b:1f:77:45:
a0:85:cb:b5:f0:a9:f8:13:81:63:b6:00:03:50:7c:
38:5d:84:e4:1f:66:26:7f:d4:90:ed:2e:ba:e3:27:
3f:ed:fe:81:47:c3:a3:33:e4:57:a5:02:1f:96:27:
09:75:32:03:b7:60:ac:7a:e7:a3:c9:66:f1:41:25:
31:16:fa:f0:28:a2:68:c7:8d:08:76:1e:2a:fc:03:
09:9a:71:5a:59:0b:ee:e1:6a:9a:55:19:0f:67:61:
0a:25:df:5d:b1:bc:13:41:4b:30:9b:8a:2b:af:86:
3a:4b:5d:ec:77:1a:ba:07:b9:86:d6:4c:02:9c:9d:
5d:4d:fc:37:d5:a9:51:c5:22:82:1a:40:7b:d4:0a:
87:1f:a4:e4:5b:ab:1a:07:c3:fc:25:d9:65:fd:f7:
ba:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:8F:A0:14:F0:6D:52:F7:01:0C:E2:2E:9E:9F:3C:65:5C:69:F8:7D
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/SI-gFPBtUvcBDOIunp88ZVxp-H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.200.0/24
45.158.83.0/24
Signature Algorithm: sha256WithRSAEncryption
34:5f:19:d6:2f:41:08:d8:ab:14:e8:65:45:54:e7:cb:a7:32:
67:eb:99:a9:08:3e:7d:aa:b7:41:78:58:e4:5a:4b:a1:e8:de:
74:c5:07:23:07:7e:65:4e:8e:6f:76:34:a7:5d:53:6a:ac:ec:
a9:d7:70:4a:04:06:66:d6:78:d1:23:42:66:d4:dc:82:aa:7b:
4c:5b:7c:da:8f:82:be:68:ce:f6:d5:20:5d:cc:fc:e9:70:55:
83:d5:5f:44:ee:cf:ee:02:aa:dd:d4:8e:29:e1:c3:67:af:ef:
56:79:c9:bd:cc:53:30:17:70:79:3c:ea:0c:73:73:e8:d0:c3:
16:26:c6:fa:69:4d:e5:da:b9:ed:a7:07:3a:11:32:9a:55:df:
d6:ec:3e:0e:21:ef:97:36:e3:7d:54:33:bd:4a:00:e6:42:32:
f0:32:78:78:b4:e7:bc:32:57:fc:39:a9:06:74:f6:b4:1c:8e:
9c:f1:0a:54:e9:a6:82:40:56:06:d7:8c:65:4c:b5:63:3c:25:
f1:22:f6:60:f1:f5:00:9c:d4:db:0f:ea:b0:15:4b:36:b0:0a:
35:97:9a:19:79:ba:54:eb:65:37:ae:1e:a7:b7:6b:2b:ba:35:
70:94:b5:47:75:b8:ba:74:d4:e2:c8:af:10:ab:14:b5:f4:06:
c6:2c:08:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK1E1kOcL92JvXefXtVm1xQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQxMDIyMTYzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODhmYTAxNGYwNmQ1MmY3MDEwY2UyMmU5ZTlmM2M2NTVjNjlmODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLT3eZ4fIHrixNVO8pGJqfMEb5/y
b2O6nGaYFQ3n6lJXa77T4Wln9s03one/xF7ihnLzMn1bsGuVw8mJzdZXBbqNZEYG
zDtrTEdXVvgpTSCKuZnymf4/TRpSOCgp8OY6Dh9k04sfd0Wghcu18Kn4E4FjtgAD
UHw4XYTkH2Ymf9SQ7S664yc/7f6BR8OjM+RXpQIflicJdTIDt2CseuejyWbxQSUx
FvrwKKJox40Idh4q/AMJmnFaWQvu4WqaVRkPZ2EKJd9dsbwTQUswm4orr4Y6S13s
dxq6B7mG1kwCnJ1dTfw31alRxSKCGkB71AqHH6TkW6saB8P8Jdll/fe6OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEiPoBTwbVL3AQziLp6fPGVcafh9MB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvU0ktZ0ZQQnRVdmNCRE9JdW5wODhaVnhwLUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbXIAwQA
LZ5TMA0GCSqGSIb3DQEBCwUAA4IBAQA0XxnWL0EI2KsU6GVFVOfLpzJn65mpCD59
qrdBeFjkWkuh6N50xQcjB35lTo5vdjSnXVNqrOyp13BKBAZm1njRI0Jm1NyCqntM
W3zaj4K+aM721SBdzPzpcFWD1V9E7s/uAqrd1I4p4cNnr+9Wecm9zFMwF3B5POoM
c3Po0MMWJsb6aU3l2rntpwc6ETKaVd/W7D4OIe+XNuN9VDO9SgDmQjLwMnh4tOe8
Mlf8OakGdPa0HI6c8QpU6aaCQFYG14xlTLVjPCXxIvZg8fUAnNTbD+qwFUs2sAo1
l5oZebpU62U3rh6nt2srujVwlLVHdbi6dNTiyK8QqxS19AbGLAhJ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:41 2025 by rpki-client