Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/ND_C0UgpJcB3naqhBzNDTtELbnc.roa
File: ND_C0UgpJcB3naqhBzNDTtELbnc.roa (raw, json)
Hash identifier: N7S1gnf/CF41X9y9Nf4wIDmT2DEt/bnENA3A9Bj5fEk=
Subject key identifier: 34:3F:C2:D1:48:29:25:C0:77:9D:AA:A1:07:33:43:4E:D1:0B:6E:77
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 019423D74B751DE0B51F2BDB228CF80E4610
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/ND_C0UgpJcB3naqhBzNDTtELbnc.roa
Signing time: Wed 01 Jan 2025 21:48:19 +0000
ROA not before: Wed 01 Jan 2025 21:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201678
IP address blocks: 5.195.16.0/22 maxlen: 22
5.195.16.0/24 maxlen: 24
5.195.17.0/24 maxlen: 24
5.195.18.0/24 maxlen: 24
5.195.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 04:42:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:4b:75:1d:e0:b5:1f:2b:db:22:8c:f8:0e:46:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 1 21:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=343fc2d1482925c0779daaa10733434ed10b6e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:01:62:79:79:b5:4c:db:7b:a5:fb:c9:b4:df:
a7:bc:36:94:13:df:4c:07:d3:80:aa:f1:de:dd:9d:
22:d6:7c:ea:cc:6a:fd:36:ba:7b:ca:b0:dc:8d:06:
b4:6e:32:03:a7:c3:f7:87:37:b8:e7:8f:78:b2:70:
74:89:12:d2:6a:d4:37:23:f2:59:84:f8:61:e8:70:
f2:45:3f:00:61:14:43:91:a1:2d:9c:91:01:a6:67:
5d:bf:cd:db:d6:9b:4b:e4:74:5d:b5:cb:64:fc:35:
70:0f:d8:6b:7b:75:73:9c:3b:ae:4f:26:86:5f:d0:
51:d0:cc:ca:5f:56:f9:d6:41:4d:47:b8:7e:c3:e3:
45:a6:c4:a5:92:58:f1:1e:71:c7:25:21:7f:bb:6d:
f3:9d:df:4d:9d:c6:a7:af:4e:8d:58:06:ec:4f:17:
7c:8b:71:3c:20:28:3b:a4:e2:69:c8:d1:fb:d9:57:
81:ee:e6:7d:69:e0:fe:d3:b0:de:97:1f:5e:94:3f:
9a:51:7e:06:da:fd:5d:22:58:e0:74:5a:8b:5c:99:
e7:e4:75:dd:f0:00:5b:6c:69:b0:e1:37:88:b8:89:
34:18:20:ab:cf:0d:37:19:51:2f:4e:61:be:ea:96:
7d:9f:f2:81:c0:56:5f:8f:ad:08:f2:6c:3f:51:5d:
0f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3F:C2:D1:48:29:25:C0:77:9D:AA:A1:07:33:43:4E:D1:0B:6E:77
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/ND_C0UgpJcB3naqhBzNDTtELbnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.16.0/22
Signature Algorithm: sha256WithRSAEncryption
50:f0:8f:84:e3:8f:72:9a:9b:61:01:ec:da:4f:ea:44:97:79:
66:33:95:18:fd:21:b6:c0:fb:c7:31:90:cf:89:b0:cd:bf:c7:
3e:23:e0:08:b7:fe:d7:a3:f2:dd:ad:f6:c4:61:2b:c5:16:02:
b0:52:44:e3:12:28:54:1c:96:f6:f2:06:98:7e:d0:06:9f:27:
ab:3d:ee:28:e9:9e:e3:e5:5f:fd:1c:bb:e9:c0:75:5c:ee:c3:
ab:9c:79:8f:fe:e3:f9:41:96:6b:20:c6:94:18:9d:59:8e:73:
40:72:12:9d:3e:34:86:3b:f2:64:4b:40:f5:80:c1:0c:0c:6c:
28:b4:0c:5c:f6:35:99:e1:60:12:54:4e:b8:cf:82:71:39:e7:
1f:00:90:10:d5:83:55:25:44:cd:61:b5:c7:29:42:39:c2:d6:
76:5a:81:7c:2e:44:9a:21:76:36:96:82:30:00:9b:35:33:df:
5a:b0:4a:9c:f2:af:c1:45:8f:3f:b4:6a:c3:ea:de:ae:01:71:
9b:28:f5:2a:cf:8b:14:be:db:af:56:83:d3:60:a9:04:d8:14:
7e:e6:c9:6d:fa:ce:9e:f6:13:f7:57:80:35:ec:56:44:29:e6:
a3:01:e8:f2:87:b8:48:09:72:57:79:bb:a9:20:31:f4:bf:18:
2a:75:d0:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj10t1HeC1HyvbIoz4DkYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwMTAxMjE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNmYzJkMTQ4MjkyNWMwNzc5ZGFhYTEwNzMzNDM0ZWQxMGI2ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwFieXm1TNt7pfvJtN+nvDaUE99M
B9OAqvHe3Z0i1nzqzGr9Nrp7yrDcjQa0bjIDp8P3hze45494snB0iRLSatQ3I/JZ
hPhh6HDyRT8AYRRDkaEtnJEBpmddv83b1ptL5HRdtctk/DVwD9hre3VznDuuTyaG
X9BR0MzKX1b51kFNR7h+w+NFpsSlkljxHnHHJSF/u23znd9Nncanr06NWAbsTxd8
i3E8ICg7pOJpyNH72VeB7uZ9aeD+07Delx9elD+aUX4G2v1dIljgdFqLXJnn5HXd
8ABbbGmw4TeIuIk0GCCrzw03GVEvTmG+6pZ9n/KBwFZfj60I8mw/UV0PSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQ/wtFIKSXAd52qoQczQ07RC253MB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvTkRfQzBVZ3BKY0IzbmFxaEJ6TkRUdEVMYm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBcMQMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ8I+E449ympthAezaT+pEl3lmM5UY/SG2wPvHMZDP
ibDNv8c+I+AIt/7Xo/LdrfbEYSvFFgKwUkTjEihUHJb28gaYftAGnyerPe4o6Z7j
5V/9HLvpwHVc7sOrnHmP/uP5QZZrIMaUGJ1ZjnNAchKdPjSGO/JkS0D1gMEMDGwo
tAxc9jWZ4WASVE64z4JxOecfAJAQ1YNVJUTNYbXHKUI5wtZ2WoF8LkSaIXY2loIw
AJs1M99asEqc8q/BRY8/tGrD6t6uAXGbKPUqz4sUvtuvVoPTYKkE2BR+5slt+s6e
9hP3V4A17FZEKeajAejyh7hICXJXebupIDH0vxgqddAt
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:43:44 2025 by rpki-client