Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/0G7F5D8Ah5Gsi2modeC6X38s5x8.roa
File: 0G7F5D8Ah5Gsi2modeC6X38s5x8.roa (raw, json)
Hash identifier: KEm6JJ1Gw8+KSL5xoGGE2Jl97YK10LBUs6PveEU4i9c=
Subject key identifier: D0:6E:C5:E4:3F:00:87:91:AC:8B:69:A8:75:E0:BA:5F:7F:2C:E7:1F
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194126D96276677FDBF8B4729DC1AFF00EB
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/0G7F5D8Ah5Gsi2modeC6X38s5x8.roa
Signing time: Sun 29 Dec 2024 12:39:19 +0000
ROA not before: Sun 29 Dec 2024 12:39:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60811
IP address blocks: 5.160.192.0/24 maxlen: 24
5.160.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:6d:96:27:66:77:fd:bf:8b:47:29:dc:1a:ff:00:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 12:39:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d06ec5e43f008791ac8b69a875e0ba5f7f2ce71f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:de:2b:f0:60:e8:a3:e4:c2:f1:a9:d0:1c:77:
9d:3c:09:7d:3d:ea:73:39:2d:85:0e:56:57:f3:9b:
ed:3f:35:39:8a:be:2f:bf:46:2a:d2:c3:4e:47:44:
47:11:d2:60:fd:83:01:a6:74:42:82:2d:e0:ad:d5:
ab:ca:c6:94:85:11:7f:b6:fa:25:91:1b:ee:d5:f5:
ef:d5:9a:ca:4c:a6:cf:a8:02:22:24:a0:be:ca:1f:
f9:ca:1b:7b:29:d2:f4:de:29:44:50:26:86:fa:7a:
2c:b6:a6:94:03:5e:ac:cd:8d:7a:11:f1:d5:ff:73:
31:07:ff:6e:2a:e0:3a:52:01:cc:4e:b0:1b:73:af:
ea:ed:a6:9d:36:02:f3:3c:c7:5d:4f:46:f7:91:79:
1a:5c:f1:d0:75:57:62:e6:85:13:3a:fd:ba:27:8e:
1a:37:4d:5e:3a:9f:62:87:ec:93:11:ab:04:4b:21:
2e:20:cc:b7:d7:db:2e:76:9d:a1:dd:67:72:62:d4:
dd:af:22:0d:a1:90:b2:e1:5f:4d:75:e6:e3:e5:e9:
f3:93:07:69:7e:8a:05:75:b4:49:6a:64:91:f8:fb:
f7:0a:77:03:46:24:37:07:8a:5e:8e:7d:82:21:52:
da:12:e3:85:e3:74:e9:75:8b:da:9b:51:a3:d1:a4:
ce:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6E:C5:E4:3F:00:87:91:AC:8B:69:A8:75:E0:BA:5F:7F:2C:E7:1F
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/0G7F5D8Ah5Gsi2modeC6X38s5x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.192.0/23
Signature Algorithm: sha256WithRSAEncryption
35:2f:ef:71:03:58:99:00:76:f5:b5:6f:f8:64:8d:5b:3b:7a:
7d:7f:e6:27:13:81:88:84:61:21:56:a1:d7:fd:64:39:dd:45:
b4:ac:86:d5:55:96:cd:61:d5:f6:95:cf:bc:05:be:ef:d3:0d:
11:c3:1a:36:45:b4:6d:e2:36:05:89:88:99:98:63:3b:c7:33:
75:9e:22:b1:43:c6:4d:3e:ba:5e:fb:59:a9:e7:ae:0e:49:7e:
c1:a1:4b:98:af:42:e5:b6:68:18:cc:2b:fc:36:ac:fe:00:96:
7e:e5:cf:8f:5e:8c:a8:24:86:2b:f8:02:12:e8:3d:13:6e:ff:
11:32:6c:94:0d:40:b3:f2:67:b5:4c:54:ba:cd:8b:58:08:72:
a6:b4:38:b1:3e:6b:c2:6e:d6:83:c8:1a:3f:af:a7:f5:ce:8c:
1f:a6:3f:bd:d1:e5:b1:28:29:27:15:22:30:75:e8:4c:d9:e9:
f6:6e:73:20:38:58:24:49:18:90:dd:29:92:ea:66:3f:99:87:
19:4f:b5:06:7a:06:0a:f8:e9:f9:5d:55:43:d9:40:3e:69:bd:
34:6c:99:2d:e1:c9:0b:c9:39:52:c3:86:b2:47:92:3b:53:1a:
cc:61:5f:5f:4c:65:55:18:d1:7f:f5:c5:e1:d0:9c:81:7b:0e:
14:18:0d:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQSbZYnZnf9v4tHKdwa/wDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZlYzVlNDNmMDA4NzkxYWM4YjY5YTg3NWUwYmE1ZjdmMmNlNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN4r8GDoo+TC8anQHHedPAl9Pepz
OS2FDlZX85vtPzU5ir4vv0Yq0sNOR0RHEdJg/YMBpnRCgi3grdWrysaUhRF/tvol
kRvu1fXv1ZrKTKbPqAIiJKC+yh/5yht7KdL03ilEUCaG+nostqaUA16szY16EfHV
/3MxB/9uKuA6UgHMTrAbc6/q7aadNgLzPMddT0b3kXkaXPHQdVdi5oUTOv26J44a
N01eOp9ih+yTEasESyEuIMy319sudp2h3WdyYtTdryINoZCy4V9Ndebj5enzkwdp
fooFdbRJamSR+Pv3CncDRiQ3B4pejn2CIVLaEuOF43TpdYvam1Gj0aTOaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBuxeQ/AIeRrItpqHXgul9/LOcfMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvMEc3RjVEOEFoNUdzaTJtb2RlQzZYMzhzNXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBaDAMA0G
CSqGSIb3DQEBCwUAA4IBAQA1L+9xA1iZAHb1tW/4ZI1bO3p9f+YnE4GIhGEhVqHX
/WQ53UW0rIbVVZbNYdX2lc+8Bb7v0w0Rwxo2RbRt4jYFiYiZmGM7xzN1niKxQ8ZN
Prpe+1mp564OSX7BoUuYr0LltmgYzCv8Nqz+AJZ+5c+PXoyoJIYr+AIS6D0Tbv8R
MmyUDUCz8me1TFS6zYtYCHKmtDixPmvCbtaDyBo/r6f1zowfpj+90eWxKCknFSIw
dehM2en2bnMgOFgkSRiQ3SmS6mY/mYcZT7UGegYK+On5XVVD2UA+ab00bJkt4ckL
yTlSw4ayR5I7UxrMYV9fTGVVGNF/9cXh0JyBew4UGA3X
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:30:55 2025 by rpki-client