Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4Me7TRr9qSaKn0KEnXeR7Y99jp8.roa
File: 4Me7TRr9qSaKn0KEnXeR7Y99jp8.roa (raw, json)
Hash identifier: Pl0nM7bvihz37ilMs1tb8qu2gkAJPiNixtefnUvuOw8=
Subject key identifier: E0:C7:BB:4D:1A:FD:A9:26:8A:9F:42:84:9D:77:91:ED:8F:7D:8E:9F
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0193DB042CD62A2B482E4E85E5F1E5E889A6
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4Me7TRr9qSaKn0KEnXeR7Y99jp8.roa
Signing time: Wed 18 Dec 2024 18:25:04 +0000
ROA not before: Wed 18 Dec 2024 18:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.180.33.0/24 maxlen: 24
5.180.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 08:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:db:04:2c:d6:2a:2b:48:2e:4e:85:e5:f1:e5:e8:89:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Dec 18 18:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0c7bb4d1afda9268a9f42849d7791ed8f7d8e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:82:71:2f:62:fc:8d:61:59:44:79:43:22:48:
0f:a7:4b:ba:4a:c6:11:fc:7b:5f:82:89:d4:53:22:
3a:66:50:35:32:6c:e6:55:de:b4:68:f1:3d:3b:7f:
81:86:ab:a3:b8:8b:89:33:35:ce:30:40:12:eb:36:
08:d8:6b:38:aa:86:f3:53:78:c4:b4:26:d1:c7:22:
c2:8a:6b:d1:44:05:e6:a0:19:c7:17:34:bc:fd:14:
09:72:75:2c:4b:f4:a9:6d:53:f4:45:7c:c4:42:58:
1d:42:d7:b3:18:88:e4:07:05:25:53:ea:d3:c7:11:
ba:1e:b9:71:79:79:f5:ca:37:2f:4d:7f:0e:39:60:
6a:b8:75:8e:37:53:ae:0d:30:21:0c:42:a0:e7:64:
0c:93:c9:12:3d:3b:c2:f3:7c:28:21:b5:10:f7:66:
88:c9:52:17:00:2e:c8:3a:74:8a:88:19:2a:4a:ad:
c7:8d:26:d9:01:d9:f6:36:9b:9f:2c:10:18:2b:66:
bb:c4:09:34:9b:21:fa:33:8d:6b:bc:2d:70:dc:38:
c3:ac:78:55:2c:12:0e:08:36:99:f6:cc:82:19:6c:
72:9d:bd:d6:4d:5b:44:7b:14:15:4f:b2:4b:7d:72:
47:69:a5:17:80:d0:07:e9:f3:15:77:f9:9c:7b:2c:
cd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C7:BB:4D:1A:FD:A9:26:8A:9F:42:84:9D:77:91:ED:8F:7D:8E:9F
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4Me7TRr9qSaKn0KEnXeR7Y99jp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.33.0/24
5.180.82.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:05:f7:d2:a8:b5:d1:d4:81:cb:54:26:45:ae:3d:38:da:e1:
13:76:d5:70:01:2b:13:d3:ea:4a:ea:94:4c:3a:5a:fd:ca:f9:
cc:86:2f:c1:6a:ab:ba:bc:dc:b9:50:0a:d5:de:d5:b6:6c:40:
48:ff:c6:47:af:49:1d:25:17:52:d7:6e:c6:d1:76:62:9c:6f:
90:87:b5:b0:99:6d:2b:4d:28:69:cd:b0:1b:d3:0f:9d:5b:a9:
25:ca:00:c6:7a:12:d7:5d:30:11:27:ae:39:5d:29:c4:6d:02:
ec:c5:90:c1:8a:ca:16:e1:fc:b5:1c:83:5d:aa:dd:cf:4d:e1:
3d:00:80:b3:ed:e9:4b:39:84:62:80:b4:3b:31:5b:5f:af:52:
d8:4f:3d:f7:34:f8:e6:4e:fa:d9:16:3e:d6:4a:9b:32:ec:56:
58:50:c0:e0:3b:11:ee:50:b2:b5:42:19:4f:90:6f:ac:d3:13:
4e:d7:e1:3e:ec:93:47:b1:a4:04:19:e3:b7:d2:b8:41:7f:c8:
e0:bc:d9:cc:28:a1:d8:03:9b:fc:22:cc:9a:d4:a1:a5:04:3a:
d2:66:e4:2d:70:3f:8b:e7:92:8a:b3:d5:14:2a:d9:2f:c4:2c:
83:4b:b1:4c:20:e1:3e:d8:e1:b9:dd:5f:bc:63:1f:00:17:58:
6d:87:14:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPbBCzWKitILk6F5fHl6ImmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQxMjE4MTgyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM3YmI0ZDFhZmRhOTI2OGE5ZjQyODQ5ZDc3OTFlZDhmN2Q4ZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYJxL2L8jWFZRHlDIkgPp0u6SsYR
/HtfgonUUyI6ZlA1MmzmVd60aPE9O3+BhqujuIuJMzXOMEAS6zYI2Gs4qobzU3jE
tCbRxyLCimvRRAXmoBnHFzS8/RQJcnUsS/SpbVP0RXzEQlgdQtezGIjkBwUlU+rT
xxG6HrlxeXn1yjcvTX8OOWBquHWON1OuDTAhDEKg52QMk8kSPTvC83woIbUQ92aI
yVIXAC7IOnSKiBkqSq3HjSbZAdn2NpufLBAYK2a7xAk0myH6M41rvC1w3DjDrHhV
LBIOCDaZ9syCGWxynb3WTVtEexQVT7JLfXJHaaUXgNAH6fMVd/mceyzNaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFODHu00a/akmip9ChJ13ke2PfY6fMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvNE1lN1RScjlxU2FLbjBLRW5YZVI3WTk5anA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbQhAwQA
BbRSMA0GCSqGSIb3DQEBCwUAA4IBAQBLBffSqLXR1IHLVCZFrj042uETdtVwASsT
0+pK6pRMOlr9yvnMhi/Baqu6vNy5UArV3tW2bEBI/8ZHr0kdJRdS127G0XZinG+Q
h7WwmW0rTShpzbAb0w+dW6klygDGehLXXTARJ645XSnEbQLsxZDBisoW4fy1HINd
qt3PTeE9AICz7elLOYRigLQ7MVtfr1LYTz33NPjmTvrZFj7WSpsy7FZYUMDgOxHu
ULK1QhlPkG+s0xNO1+E+7JNHsaQEGeO30rhBf8jgvNnMKKHYA5v8Isya1KGlBDrS
ZuQtcD+L55KKs9UUKtkvxCyDS7FMIOE+2OG53V+8Yx8AF1hthxQt
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:32:40 2025 by rpki-client