Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/c59162-7bd1-4b8a-a9e3-21ff1120fb72/1/XqQz5sRVgt-R1mDDMdLho3p9CtU.roa
File: XqQz5sRVgt-R1mDDMdLho3p9CtU.roa (raw, json)
Hash identifier: fInfotx9ZGqRIkHkyre92Bdb8oMV3y8A3RTFHzeQmd0=
Subject key identifier: 5E:A4:33:E6:C4:55:82:DF:91:D6:60:C3:31:D2:E1:A3:7A:7D:0A:D5
Certificate issuer: /CN=b02f0c2a2a51275bee2493a5656ecf1b612f1226
Certificate serial: 018CC56DE6B9F4627EE2ACC39946F7EA6858
Authority key identifier: B0:2F:0C:2A:2A:51:27:5B:EE:24:93:A5:65:6E:CF:1B:61:2F:12:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sC8MKipRJ1vuJJOlZW7PG2EvEiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/c59162-7bd1-4b8a-a9e3-21ff1120fb72/1/XqQz5sRVgt-R1mDDMdLho3p9CtU.roa
Signing time: Mon 01 Jan 2024 14:29:23 +0000
ROA not before: Mon 01 Jan 2024 14:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47123
IP address blocks: 5.253.251.0/24 maxlen: 24
5.253.248.0/24 maxlen: 24
5.253.249.0/24 maxlen: 24
5.253.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e6:b9:f4:62:7e:e2:ac:c3:99:46:f7:ea:68:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02f0c2a2a51275bee2493a5656ecf1b612f1226
Validity
Not Before: Jan 1 14:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ea433e6c45582df91d660c331d2e1a37a7d0ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b5:86:a0:0c:50:84:c4:3b:11:c2:1d:8d:ba:
d2:36:c4:d3:6b:2b:18:a5:80:e6:bf:71:cd:94:15:
59:0e:9c:bf:64:46:b8:71:b4:18:df:10:42:84:3e:
e2:b6:4e:a5:bb:b7:13:be:e0:52:59:31:47:f9:d9:
5e:ff:ef:a5:69:b3:7f:74:4c:88:0a:c7:3b:a9:ec:
70:dd:7a:4f:de:4d:05:bf:d8:1f:bc:6d:f8:e4:78:
4f:ab:ed:28:cd:a8:eb:cb:3f:09:57:83:40:dc:2f:
4f:42:16:e9:79:5b:93:a0:b3:a4:fd:22:04:d5:15:
aa:85:d1:84:b6:4f:0a:9d:62:c5:26:40:68:c1:c5:
e8:0a:f4:99:a6:27:af:f8:55:ce:03:48:e3:3e:57:
62:6c:70:42:88:0e:cd:13:5a:40:24:24:12:27:00:
83:12:20:e4:c9:95:27:5a:ba:68:4a:43:a0:23:c9:
cc:e8:39:3c:e9:71:6a:18:28:01:30:1b:0b:83:58:
de:dd:1d:dd:87:b3:5d:46:92:6c:a7:24:a6:8f:5b:
ea:64:11:d3:b3:6f:f5:07:ee:9e:62:28:77:c3:a4:
40:ff:e8:ea:e3:be:86:34:ed:ac:75:68:c4:61:13:
36:d8:b3:10:94:04:16:e6:15:e4:34:08:55:2b:1c:
01:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A4:33:E6:C4:55:82:DF:91:D6:60:C3:31:D2:E1:A3:7A:7D:0A:D5
X509v3 Authority Key Identifier:
keyid:B0:2F:0C:2A:2A:51:27:5B:EE:24:93:A5:65:6E:CF:1B:61:2F:12:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sC8MKipRJ1vuJJOlZW7PG2EvEiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/c59162-7bd1-4b8a-a9e3-21ff1120fb72/1/XqQz5sRVgt-R1mDDMdLho3p9CtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/c59162-7bd1-4b8a-a9e3-21ff1120fb72/1/sC8MKipRJ1vuJJOlZW7PG2EvEiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.248.0/22
Signature Algorithm: sha256WithRSAEncryption
48:67:a2:0c:35:69:f8:72:ce:f3:fa:20:d1:1c:0a:8f:5a:fb:
ec:a8:d8:5a:c7:0a:75:1b:39:93:46:fc:97:97:96:d5:ab:4e:
36:a1:37:e2:28:44:57:1c:b0:5f:07:b1:ac:b7:e4:ea:0a:f4:
26:65:97:23:2f:34:d2:e1:df:af:8a:1e:e1:8a:64:a1:b6:3b:
83:4a:eb:95:d3:31:16:6d:1f:61:e2:5f:64:3a:f3:fa:92:94:
9e:6b:eb:c5:00:5d:ad:76:3f:19:02:00:88:8e:30:e4:57:98:
de:33:73:c2:de:65:12:3e:f4:9c:e7:bf:75:e5:c2:78:33:94:
c9:52:4c:a5:8f:e0:23:b2:46:93:a3:67:22:95:78:6a:ea:da:
9d:c3:15:eb:b3:01:67:73:00:e9:39:d6:8d:69:8c:e0:76:eb:
68:12:cd:dd:95:5c:c4:b6:67:75:c4:8a:62:c0:8a:56:84:f6:
90:22:97:16:f4:87:f5:31:79:45:d8:b2:a7:42:ca:5f:64:b6:
8f:fc:59:32:f9:51:10:f4:9a:6b:f7:c9:78:61:8f:39:b7:bd:
fb:d6:2d:2d:34:ca:54:74:e2:89:3d:f1:16:ad:9f:ea:41:ca:
1f:72:ea:5e:33:d3:f7:ec:f7:f2:7b:5c:e6:4f:13:9c:2b:48:
ad:65:e1:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbea59GJ+4qzDmUb36mhYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmYwYzJhMmE1MTI3NWJlZTI0OTNhNTY1NmVjZjFiNjEy
ZjEyMjYwHhcNMjQwMTAxMTQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE0MzNlNmM0NTU4MmRmOTFkNjYwYzMzMWQyZTFhMzdhN2QwYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLWGoAxQhMQ7EcIdjbrSNsTTaysY
pYDmv3HNlBVZDpy/ZEa4cbQY3xBChD7itk6lu7cTvuBSWTFH+dle/++labN/dEyI
Csc7qexw3XpP3k0Fv9gfvG345HhPq+0ozajryz8JV4NA3C9PQhbpeVuToLOk/SIE
1RWqhdGEtk8KnWLFJkBowcXoCvSZpiev+FXOA0jjPldibHBCiA7NE1pAJCQSJwCD
EiDkyZUnWrpoSkOgI8nM6Dk86XFqGCgBMBsLg1je3R3dh7NdRpJspySmj1vqZBHT
s2/1B+6eYih3w6RA/+jq476GNO2sdWjEYRM22LMQlAQW5hXkNAhVKxwBRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6kM+bEVYLfkdZgwzHS4aN6fQrVMB8GA1UdIwQY
MBaAFLAvDCoqUSdb7iSTpWVuzxthLxImMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0M4TUtpcFJKMXZ1SkpPbFpXN1BHMkV2RWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jNTkxNjItN2JkMS00YjhhLWE5ZTMt
MjFmZjExMjBmYjcyLzEvWHFRejVzUlZndC1SMW1ERE1kTGhvM3A5Q3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jNTkxNjItN2JkMS00YjhhLWE5ZTMtMjFmZjExMjBmYjcy
LzEvc0M4TUtpcFJKMXZ1SkpPbFpXN1BHMkV2RWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf34MA0G
CSqGSIb3DQEBCwUAA4IBAQBIZ6IMNWn4cs7z+iDRHAqPWvvsqNhaxwp1GzmTRvyX
l5bVq042oTfiKERXHLBfB7Gst+TqCvQmZZcjLzTS4d+vih7himShtjuDSuuV0zEW
bR9h4l9kOvP6kpSea+vFAF2tdj8ZAgCIjjDkV5jeM3PC3mUSPvSc57915cJ4M5TJ
Ukylj+AjskaTo2cilXhq6tqdwxXrswFncwDpOdaNaYzgdutoEs3dlVzEtmd1xIpi
wIpWhPaQIpcW9If1MXlF2LKnQspfZLaP/Fky+VEQ9Jpr98l4YY85t7371i0tNMpU
dOKJPfEWrZ/qQcofcupeM9P37Pfye1zmTxOcK0itZeH/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:55 2025 by rpki-client