Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/9D_EhDVy8dbJOoSjnmpCG-EUpQw.roa
File: 9D_EhDVy8dbJOoSjnmpCG-EUpQw.roa (raw, json)
Hash identifier: AFgMjRoOL9tw3ed6NGpRVEvG+6qjycWh1mKuiPh1oTw=
Subject key identifier: F4:3F:C4:84:35:72:F1:D6:C9:3A:84:A3:9E:6A:42:1B:E1:14:A5:0C
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0193E333D1437A7D27DE70987AB3968609BE
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/9D_EhDVy8dbJOoSjnmpCG-EUpQw.roa
Signing time: Fri 20 Dec 2024 08:34:04 +0000
ROA not before: Fri 20 Dec 2024 08:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215703
IP address blocks: 5.180.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:33:d1:43:7a:7d:27:de:70:98:7a:b3:96:86:09:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Dec 20 08:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f43fc4843572f1d6c93a84a39e6a421be114a50c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9e:b3:55:29:b6:cf:b3:df:4b:f1:88:de:1d:
bf:01:4e:c8:62:7e:5c:26:90:12:16:65:9e:d4:82:
15:74:f8:53:ec:89:e0:a1:d0:5a:ec:e8:02:ad:ee:
07:b5:03:9e:21:63:d8:1a:99:f1:d7:e2:78:23:0f:
11:e3:21:4f:ed:89:f8:28:4f:0f:65:5a:20:47:0a:
ff:37:7c:45:ae:cf:2c:4f:21:bd:a3:ba:20:a6:92:
2c:fd:c8:be:42:01:48:40:c6:cf:d2:0a:c3:a8:38:
57:a9:69:27:35:69:85:b9:cc:69:96:2b:df:d8:5b:
fd:ae:28:92:b8:49:f8:5e:06:02:96:22:a1:0c:22:
c8:e0:ba:74:0f:4c:4a:44:d8:a4:8a:70:ac:bb:d6:
c3:8e:06:7a:a2:40:89:93:08:b6:74:dc:69:5c:5f:
66:a7:34:aa:cb:af:f4:71:c8:53:76:8b:72:47:1c:
5e:00:41:78:60:54:fa:cf:60:e2:e7:16:65:33:9a:
05:bb:20:ec:b6:3b:10:ce:01:79:cf:a3:65:81:aa:
16:19:4b:be:dc:36:4c:3d:b6:10:95:4e:ff:46:37:
3b:e9:e5:fa:c0:e1:ec:20:0f:66:95:69:0d:93:17:
6b:88:fe:37:d0:b0:b6:df:a8:a8:17:04:b8:65:37:
26:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3F:C4:84:35:72:F1:D6:C9:3A:84:A3:9E:6A:42:1B:E1:14:A5:0C
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/9D_EhDVy8dbJOoSjnmpCG-EUpQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.82.0/24
Signature Algorithm: sha256WithRSAEncryption
81:32:79:27:cb:43:5f:6a:38:e6:15:33:7e:77:b9:0f:7f:55:
40:30:5b:f7:dc:5d:ff:3c:c4:b5:f2:65:13:71:ec:8a:4e:84:
70:2c:43:73:28:08:bf:af:9f:39:5d:fb:5c:11:01:13:a0:28:
12:0f:fa:2b:13:32:be:92:18:57:e3:77:e2:ef:ff:3d:81:d1:
6a:12:f5:ab:53:8a:3d:6f:a2:97:9f:54:9e:b9:bf:0a:55:b9:
17:68:43:59:2e:02:95:fb:3d:e8:78:00:e2:28:55:33:d0:7a:
b0:7c:42:17:9c:a0:16:5a:71:9f:46:f5:5e:f1:e4:4c:8a:ef:
e8:a2:a7:84:40:93:5a:78:29:66:d3:70:65:08:aa:a2:48:79:
eb:04:6e:93:60:89:f8:97:e0:40:90:ea:aa:d7:62:13:58:44:
ca:aa:d5:bd:c6:90:7b:34:ba:57:c4:5f:c1:00:0e:78:fe:cc:
0e:79:c0:5f:35:47:57:4c:fe:2a:12:b3:45:7a:ac:f3:97:b9:
8d:3c:39:cf:c7:57:66:90:de:97:dc:0e:c1:68:50:8a:11:bf:
be:54:fe:7d:82:81:16:82:15:33:01:c7:6e:90:1a:86:c8:58:
18:f7:91:a8:43:b7:60:1d:fc:2e:dd:80:df:03:3d:c4:bd:37:
56:df:9e:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPjM9FDen0n3nCYerOWhgm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQxMjIwMDgzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDNmYzQ4NDM1NzJmMWQ2YzkzYTg0YTM5ZTZhNDIxYmUxMTRhNTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo56zVSm2z7PfS/GI3h2/AU7IYn5c
JpASFmWe1IIVdPhT7IngodBa7OgCre4HtQOeIWPYGpnx1+J4Iw8R4yFP7Yn4KE8P
ZVogRwr/N3xFrs8sTyG9o7ogppIs/ci+QgFIQMbP0grDqDhXqWknNWmFucxplivf
2Fv9riiSuEn4XgYCliKhDCLI4Lp0D0xKRNikinCsu9bDjgZ6okCJkwi2dNxpXF9m
pzSqy6/0cchTdotyRxxeAEF4YFT6z2Di5xZlM5oFuyDstjsQzgF5z6NlgaoWGUu+
3DZMPbYQlU7/Rjc76eX6wOHsIA9mlWkNkxdriP430LC236ioFwS4ZTcmJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQ/xIQ1cvHWyTqEo55qQhvhFKUMMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvOURfRWhEVnk4ZGJKT29Tam5tcENHLUVVcFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbRSMA0G
CSqGSIb3DQEBCwUAA4IBAQCBMnkny0NfajjmFTN+d7kPf1VAMFv33F3/PMS18mUT
ceyKToRwLENzKAi/r585XftcEQEToCgSD/orEzK+khhX43fi7/89gdFqEvWrU4o9
b6KXn1Seub8KVbkXaENZLgKV+z3oeADiKFUz0HqwfEIXnKAWWnGfRvVe8eRMiu/o
oqeEQJNaeClm03BlCKqiSHnrBG6TYIn4l+BAkOqq12ITWETKqtW9xpB7NLpXxF/B
AA54/swOecBfNUdXTP4qErNFeqzzl7mNPDnPx1dmkN6X3A7BaFCKEb++VP59goEW
ghUzAcdukBqGyFgY95GoQ7dgHfwu3YDfAz3EvTdW357t
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:46:23 2025 by rpki-client