Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/bK0NZ5JcFHgpJD_vfvpBLH8xGiA.roa
File: bK0NZ5JcFHgpJD_vfvpBLH8xGiA.roa (raw, json)
Hash identifier: mbLK0sqMi5ac2knOqrsKRzi62mcVmbx1adYh9jZByjA=
Subject key identifier: 6C:AD:0D:67:92:5C:14:78:29:24:3F:EF:7E:FA:41:2C:7F:31:1A:20
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194120AB4B271C34ADC8A7CCD3A7803FAD6
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/bK0NZ5JcFHgpJD_vfvpBLH8xGiA.roa
Signing time: Sun 29 Dec 2024 10:51:18 +0000
ROA not before: Sun 29 Dec 2024 10:51:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29577
IP address blocks: 5.160.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:0a:b4:b2:71:c3:4a:dc:8a:7c:cd:3a:78:03:fa:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 10:51:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cad0d67925c147829243fef7efa412c7f311a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6c:7a:32:12:a9:08:a7:14:4d:8c:27:04:34:
9e:b9:2f:98:8c:9f:aa:99:5e:00:9a:1a:c2:c0:92:
e5:46:9d:c6:c6:a7:90:94:bd:e8:8d:58:97:80:0e:
c0:ad:41:4f:10:82:b5:99:b1:ed:15:65:7a:63:66:
de:bc:aa:90:bd:64:d6:12:25:da:26:91:d4:55:df:
67:9c:a9:04:f6:31:41:1f:9d:44:ea:d5:de:36:3f:
7c:f7:c4:c5:f6:38:42:73:f1:22:95:97:93:00:cb:
12:aa:15:83:1b:90:91:ea:3c:a9:c4:72:9c:c8:a7:
d0:ec:49:5e:e6:a3:10:f5:55:33:c5:5d:f8:dd:f5:
a2:cc:48:ca:ac:7b:2a:01:c4:7f:11:33:1b:bc:02:
49:b9:b3:4b:15:4f:4c:fb:3d:1c:6e:a8:20:9a:0d:
e6:33:2f:46:05:2c:b3:e5:38:85:9d:4c:7f:5e:a0:
3e:58:2a:a5:f6:4c:fa:12:4c:f2:a0:f4:5f:d0:96:
1c:5b:8f:10:f7:8d:82:a0:46:af:21:45:95:11:15:
cc:23:d7:e8:16:9c:8e:8f:cd:1a:11:24:2b:8a:8b:
9f:76:bf:87:9a:ca:50:4f:bf:e0:9f:aa:01:94:a3:
6c:60:7e:bc:8e:e3:fa:fd:98:d8:b2:19:ae:f8:a3:
88:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AD:0D:67:92:5C:14:78:29:24:3F:EF:7E:FA:41:2C:7F:31:1A:20
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/bK0NZ5JcFHgpJD_vfvpBLH8xGiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.16.0/24
Signature Algorithm: sha256WithRSAEncryption
18:68:f7:22:49:42:01:1a:21:d8:f4:79:76:af:00:60:34:3b:
29:70:91:d7:58:b8:39:2a:8a:9c:19:25:1e:ee:5c:c6:2e:88:
5b:5e:b8:0d:d2:0b:1d:b6:6b:7c:f1:56:10:c2:7e:de:25:a0:
bf:b3:90:0b:de:47:b9:ce:81:80:27:89:26:dc:29:ba:ec:7a:
92:89:45:67:40:70:b2:25:36:07:a3:0f:21:02:00:8c:e7:0d:
90:24:38:fc:7e:00:40:1e:b6:86:d3:b8:fa:8e:3a:59:83:09:
92:2c:70:2f:6e:2b:e6:7b:41:2b:c6:86:9d:9f:03:75:81:93:
07:1b:fa:c5:6b:13:a7:a0:cf:4b:28:05:31:d1:92:ae:22:4e:
4e:df:d1:d4:02:c8:ea:25:bd:85:1e:ea:c4:45:f3:83:d1:2f:
6e:e5:c0:b7:13:4e:05:7e:df:a7:26:ff:37:35:81:0b:10:ff:
34:a2:58:9f:79:80:1b:fc:71:b0:5f:91:f6:73:61:c5:5e:c6:
ca:78:c5:ae:ab:91:c4:6d:e1:89:14:b1:3c:80:9e:58:4e:3b:
1b:7a:20:1b:59:16:d3:91:21:3b:44:d3:83:43:9f:98:d0:28:
8c:3f:86:72:d6:00:6e:58:72:62:5a:a1:bb:50:2a:63:3a:9d:
67:9e:c8:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQSCrSyccNK3Ip8zTp4A/rWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTA1MTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FkMGQ2NzkyNWMxNDc4MjkyNDNmZWY3ZWZhNDEyYzdmMzExYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2x6MhKpCKcUTYwnBDSeuS+YjJ+q
mV4AmhrCwJLlRp3GxqeQlL3ojViXgA7ArUFPEIK1mbHtFWV6Y2bevKqQvWTWEiXa
JpHUVd9nnKkE9jFBH51E6tXeNj9898TF9jhCc/EilZeTAMsSqhWDG5CR6jypxHKc
yKfQ7Ele5qMQ9VUzxV343fWizEjKrHsqAcR/ETMbvAJJubNLFU9M+z0cbqggmg3m
My9GBSyz5TiFnUx/XqA+WCql9kz6EkzyoPRf0JYcW48Q942CoEavIUWVERXMI9fo
FpyOj80aESQrioufdr+HmspQT7/gn6oBlKNsYH68juP6/ZjYshmu+KOI8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGytDWeSXBR4KSQ/7376QSx/MRogMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvYkswTlo1SmNGSGdwSkRfdmZ2cEJMSDh4R2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaAQMA0G
CSqGSIb3DQEBCwUAA4IBAQAYaPciSUIBGiHY9Hl2rwBgNDspcJHXWLg5KoqcGSUe
7lzGLohbXrgN0gsdtmt88VYQwn7eJaC/s5AL3ke5zoGAJ4km3Cm67HqSiUVnQHCy
JTYHow8hAgCM5w2QJDj8fgBAHraG07j6jjpZgwmSLHAvbivme0ErxoadnwN1gZMH
G/rFaxOnoM9LKAUx0ZKuIk5O39HUAsjqJb2FHurERfOD0S9u5cC3E04Fft+nJv83
NYELEP80olifeYAb/HGwX5H2c2HFXsbKeMWuq5HEbeGJFLE8gJ5YTjsbeiAbWRbT
kSE7RNODQ5+Y0CiMP4Zy1gBuWHJiWqG7UCpjOp1nnsjD
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:02:25 2025 by rpki-client