Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s5qIsNfJR7P-jv2P9-s9lL2uHis.roa
File: s5qIsNfJR7P-jv2P9-s9lL2uHis.roa (raw, json)
Hash identifier: mtLHUpzUKBcXrWsE4bVmzENhqLYQo0RTHKyGIZTq710=
Subject key identifier: B3:9A:88:B0:D7:C9:47:B3:FE:8E:FD:8F:F7:EB:3D:94:BD:AE:1E:2B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F14546E70E23E35024187829C364F96D3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s5qIsNfJR7P-jv2P9-s9lL2uHis.roa
Signing time: Thu 25 Apr 2024 08:17:08 +0000
ROA not before: Thu 25 Apr 2024 08:17:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29066
IP address blocks: 2.56.102.0/24 maxlen: 24
2.59.23.0/24 maxlen: 24
45.9.117.0/24 maxlen: 24
45.9.118.0/24 maxlen: 24
45.9.119.0/24 maxlen: 24
45.9.120.0/24 maxlen: 24
45.152.203.0/24 maxlen: 24
193.39.244.0/24 maxlen: 24
2a0f:4a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 03 May 2024 08:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:54:6e:70:e2:3e:35:02:41:87:82:9c:36:4f:96:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 25 08:17:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b39a88b0d7c947b3fe8efd8ff7eb3d94bdae1e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:45:0d:30:f8:ac:7a:05:fa:95:30:41:00:ef:
87:e4:77:e2:4a:0b:87:61:5e:ae:8c:54:58:5f:34:
d2:38:d9:f7:b6:f1:00:f5:27:55:a9:ee:87:65:9e:
80:b7:14:cc:97:6c:3d:3c:ef:c3:5f:28:01:07:54:
6a:10:e5:da:8a:51:f1:54:13:dd:fc:8a:d5:39:14:
97:5e:a5:40:19:e8:cb:6c:db:ad:5d:c7:7b:2b:9f:
15:0a:d0:b8:e9:11:c6:0f:f0:ab:f6:44:ef:60:d9:
0d:89:0d:9c:ba:9a:6c:b9:72:e4:35:01:a5:38:d2:
9c:5e:3c:e5:e6:9e:b3:db:21:76:0c:90:2f:8e:70:
69:86:e0:5f:92:d0:f6:cc:5a:06:c7:78:d0:30:85:
b0:61:92:d8:7d:86:e3:84:95:26:6b:97:5b:80:ae:
3f:81:f1:c3:65:b1:a9:4d:d4:d2:a8:2c:2b:31:c7:
a5:9e:a6:ff:ad:38:77:82:b3:f7:11:ba:54:68:2b:
46:00:76:19:5e:43:87:69:2d:e6:77:64:81:b8:42:
94:f7:cf:98:b2:c3:92:f7:21:44:02:9e:02:73:90:
0d:01:b4:20:7a:26:e4:56:96:f5:96:5b:e9:21:cc:
70:ab:a5:2a:f6:a3:69:e3:68:7e:37:85:fd:15:31:
f9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9A:88:B0:D7:C9:47:B3:FE:8E:FD:8F:F7:EB:3D:94:BD:AE:1E:2B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s5qIsNfJR7P-jv2P9-s9lL2uHis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.102.0/24
2.59.23.0/24
45.9.117.0-45.9.120.255
45.152.203.0/24
193.39.244.0/24
IPv6:
2a0f:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:76:e2:e2:3e:b5:79:1d:6b:5d:21:45:88:05:c0:77:6a:c2:
5c:a5:c7:e0:fd:fd:17:cd:47:d9:4d:f3:e1:0e:22:66:81:cf:
1c:30:b9:33:77:2f:9c:5f:a6:cd:f3:5e:e4:d4:b7:f5:36:4c:
6e:fa:d5:02:32:8b:8d:4e:1e:3c:dd:14:15:c0:33:57:42:7f:
1a:c8:df:a6:4b:9b:39:25:09:4d:5c:a0:0d:74:ef:1f:c9:dd:
23:d7:5c:04:94:a6:b0:d4:11:b0:d6:f3:47:ef:20:0a:25:70:
74:73:63:9c:c3:eb:e5:21:48:fb:5d:bd:5e:b3:31:67:80:f8:
61:d1:9d:e3:44:82:97:0a:ff:ff:c0:1b:0f:24:36:d3:a5:7b:
bd:c4:f9:a1:58:c9:cf:8b:a1:52:c0:22:17:f7:36:09:c0:4b:
77:99:31:2a:7a:09:29:69:e3:4e:4a:6a:e1:c0:f2:3f:d9:80:
a8:13:ac:05:91:5d:1c:5d:82:c1:d7:af:ad:33:a4:cc:2d:d4:
cb:f1:59:6c:12:e0:8b:99:f1:93:4b:c7:1b:ec:5f:be:76:37:
a2:f6:fe:d7:71:7f:a1:ef:7d:30:fc:b6:91:36:1b:25:1d:ee:
91:51:fa:f8:f1:61:0f:ea:c2:ad:3c:c9:fd:c9:79:04:ea:df:
a7:02:73:d2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY8UVG5w4j41AkGHgpw2T5bTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNDI1MDgxNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzlhODhiMGQ3Yzk0N2IzZmU4ZWZkOGZmN2ViM2Q5NGJkYWUxZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA90UNMPisegX6lTBBAO+H5HfiSguH
YV6ujFRYXzTSONn3tvEA9SdVqe6HZZ6AtxTMl2w9PO/DXygBB1RqEOXailHxVBPd
/IrVORSXXqVAGejLbNutXcd7K58VCtC46RHGD/Cr9kTvYNkNiQ2cuppsuXLkNQGl
ONKcXjzl5p6z2yF2DJAvjnBphuBfktD2zFoGx3jQMIWwYZLYfYbjhJUma5dbgK4/
gfHDZbGpTdTSqCwrMcelnqb/rTh3grP3EbpUaCtGAHYZXkOHaS3md2SBuEKU98+Y
ssOS9yFEAp4Cc5ANAbQgeibkVpb1llvpIcxwq6Uq9qNp42h+N4X9FTH5JwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLOaiLDXyUez/o79j/frPZS9rh4rMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvczVxSXNOZkpSN1AtanYyUDktczlsTDJ1SGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQAAjhmAwQA
AjsXMAwDBAAtCXUDBAAtCXgDBAAtmMsDBADBJ/QwDQQCAAIwBwMFAyoPSgAwDQYJ
KoZIhvcNAQELBQADggEBABx24uI+tXkda10hRYgFwHdqwlylx+D9/RfNR9lN8+EO
ImaBzxwwuTN3L5xfps3zXuTUt/U2TG761QIyi41OHjzdFBXAM1dCfxrI36ZLmzkl
CU1coA107x/J3SPXXASUprDUEbDW80fvIAolcHRzY5zD6+UhSPtdvV6zMWeA+GHR
neNEgpcK///AGw8kNtOle73E+aFYyc+LoVLAIhf3NgnAS3eZMSp6CSlp405KauHA
8j/ZgKgTrAWRXRxdgsHXr60zpMwt1MvxWWwS4IuZ8ZNLxxvsX752N6L2/tdxf6Hv
fTD8tpE2GyUd7pFR+vjxYQ/qwq08yf3JeQTq36cCc9I=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:51 2025 by rpki-client