Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/I1jNB7kCLZySyO_WE1OaFPL7U6s.roa
File: I1jNB7kCLZySyO_WE1OaFPL7U6s.roa (raw, json)
Hash identifier: XU6w4XlaesswW63uBj4WXK4u+ovc0HiGeDyXrs/+HAk=
Subject key identifier: 23:58:CD:07:B9:02:2D:9C:92:C8:EF:D6:13:53:9A:14:F2:FB:53:AB
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194126D9D3D48FD9BACD074B5516C28AB8E
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/I1jNB7kCLZySyO_WE1OaFPL7U6s.roa
Signing time: Sun 29 Dec 2024 12:39:20 +0000
ROA not before: Sun 29 Dec 2024 12:39:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214184
IP address blocks: 5.160.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:6d:9d:3d:48:fd:9b:ac:d0:74:b5:51:6c:28:ab:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 12:39:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2358cd07b9022d9c92c8efd613539a14f2fb53ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:aa:b6:6e:e1:dd:b6:73:7b:63:2a:eb:f7:e4:
13:42:d9:87:6d:31:1f:7b:ab:f8:74:cc:16:fb:e6:
63:32:cd:db:3e:73:6b:cc:e6:3e:68:21:a1:12:09:
c3:e5:24:c6:00:ad:59:c1:09:e3:f1:74:12:e6:27:
23:6e:b5:d5:bd:fd:06:f8:61:64:f0:e6:86:fe:a0:
eb:e5:2e:9b:9c:2d:7b:9e:48:cc:60:fc:8e:80:c8:
19:fe:88:bc:05:01:66:dd:6f:93:f0:d1:0a:7a:ec:
39:af:c3:a8:9e:34:71:3a:5b:bb:81:03:40:c2:df:
97:47:b7:ef:cc:f4:b1:2d:02:af:b1:60:8a:27:e0:
0d:40:13:7b:8c:e6:ed:20:ea:8a:42:da:21:a3:ed:
ae:d3:5b:6a:a5:01:22:c1:80:0f:de:eb:89:dc:d2:
94:7e:62:48:48:af:65:65:85:a0:5c:57:4d:e4:01:
2c:96:6a:24:5d:f6:3d:e0:b3:27:b1:8f:12:21:2f:
a4:be:3e:02:6b:7e:0a:78:d6:a7:6c:fd:4e:98:84:
f0:9e:97:fd:16:a0:47:d1:f9:3b:7f:65:83:a2:08:
88:1a:e9:6e:45:38:37:f1:78:09:4d:e1:fa:72:50:
95:ed:91:80:1c:bf:54:e0:b9:7b:55:8d:97:ec:9f:
ef:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:58:CD:07:B9:02:2D:9C:92:C8:EF:D6:13:53:9A:14:F2:FB:53:AB
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/I1jNB7kCLZySyO_WE1OaFPL7U6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.145.0/24
Signature Algorithm: sha256WithRSAEncryption
66:95:ac:8a:5f:1a:0c:b1:62:3a:5d:7b:59:87:56:cf:c1:0f:
52:1b:5d:9b:71:e9:62:f6:01:07:b4:06:be:8a:c5:f7:77:02:
a1:c0:a8:fe:0f:a8:64:8d:11:55:7c:5a:b0:a7:a4:63:93:64:
04:23:d7:d3:8d:ba:db:06:94:ce:19:e4:88:12:42:05:76:d1:
88:33:4f:26:b1:12:e6:fb:0e:13:00:b7:83:50:75:98:ae:50:
ca:59:b8:8c:12:46:d6:c9:7e:e3:ba:ca:34:c5:ba:81:d4:7d:
44:48:92:89:65:81:cf:93:d7:ae:95:b4:0d:21:e7:bb:bb:5f:
48:6d:19:66:80:d2:5d:e5:52:e7:9f:1f:6c:49:01:3a:bd:93:
c4:8e:59:6e:86:32:9c:71:95:18:16:25:84:93:74:c6:54:06:
e3:49:2d:ff:b9:10:62:fa:f2:84:61:e5:84:cd:07:64:7d:e5:
b5:7c:e9:72:a7:69:2c:d8:c1:25:c8:d1:64:82:de:59:fe:7f:
b7:78:af:cc:4d:7c:ce:85:70:f4:68:8d:ac:7c:d0:2d:87:cf:
20:04:a0:d4:6e:dc:67:1a:6b:7b:9c:fa:00:f2:f5:d6:91:e7:
1c:2f:98:e8:ec:14:c3:a9:10:2b:8b:5e:b7:f0:84:38:c4:74:
83:f6:8a:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQSbZ09SP2brNB0tVFsKKuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzU4Y2QwN2I5MDIyZDljOTJjOGVmZDYxMzUzOWExNGYyZmI1M2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaq2buHdtnN7Yyrr9+QTQtmHbTEf
e6v4dMwW++ZjMs3bPnNrzOY+aCGhEgnD5STGAK1ZwQnj8XQS5icjbrXVvf0G+GFk
8OaG/qDr5S6bnC17nkjMYPyOgMgZ/oi8BQFm3W+T8NEKeuw5r8OonjRxOlu7gQNA
wt+XR7fvzPSxLQKvsWCKJ+ANQBN7jObtIOqKQtoho+2u01tqpQEiwYAP3uuJ3NKU
fmJISK9lZYWgXFdN5AEslmokXfY94LMnsY8SIS+kvj4Ca34KeNanbP1OmITwnpf9
FqBH0fk7f2WDogiIGuluRTg38XgJTeH6clCV7ZGAHL9U4Ll7VY2X7J/vzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNYzQe5Ai2cksjv1hNTmhTy+1OrMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvSTFqTkI3a0NMWnlTeU9fV0UxT2FGUEw3VTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaCRMA0G
CSqGSIb3DQEBCwUAA4IBAQBmlayKXxoMsWI6XXtZh1bPwQ9SG12bceli9gEHtAa+
isX3dwKhwKj+D6hkjRFVfFqwp6Rjk2QEI9fTjbrbBpTOGeSIEkIFdtGIM08msRLm
+w4TALeDUHWYrlDKWbiMEkbWyX7juso0xbqB1H1ESJKJZYHPk9eulbQNIee7u19I
bRlmgNJd5VLnnx9sSQE6vZPEjlluhjKccZUYFiWEk3TGVAbjSS3/uRBi+vKEYeWE
zQdkfeW1fOlyp2ks2MElyNFkgt5Z/n+3eK/MTXzOhXD0aI2sfNAth88gBKDUbtxn
Gmt7nPoA8vXWkeccL5jo7BTDqRAri1638IQ4xHSD9orB
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:13:02 2025 by rpki-client