Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/4GKDY33uSx4_OudQCoWJkjfHaUA.roa
File: 4GKDY33uSx4_OudQCoWJkjfHaUA.roa (raw, json)
Hash identifier: cTHLe2ULYQuAZQaXg3GSMPmLpmiHKIfbtF9orLEy+Pc=
Subject key identifier: E0:62:83:63:7D:EE:4B:1E:3F:3A:E7:50:0A:85:89:92:37:C7:69:40
Certificate issuer: /CN=beb12ce6a91030e27d5abad146df27bc2880652b
Certificate serial: 0193445680656E9A7B3FED1397C35252856F
Authority key identifier: BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/4GKDY33uSx4_OudQCoWJkjfHaUA.roa
Signing time: Tue 19 Nov 2024 12:12:19 +0000
ROA not before: Tue 19 Nov 2024 12:12:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 5.11.20.0/24 maxlen: 24
5.11.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:56:80:65:6e:9a:7b:3f:ed:13:97:c3:52:52:85:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beb12ce6a91030e27d5abad146df27bc2880652b
Validity
Not Before: Nov 19 12:12:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e06283637dee4b1e3f3ae7500a85899237c76940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9c:ae:a8:ed:31:e2:da:79:0b:eb:5c:b9:7a:
ab:42:7f:2f:29:2e:29:14:14:ba:70:aa:28:83:69:
46:e7:2d:6a:9f:2a:69:7f:26:28:ac:07:43:73:ce:
2f:88:76:fa:7d:98:21:2f:85:a5:8a:99:d3:46:1c:
d4:c8:53:8a:83:03:fb:c9:b9:44:0b:48:f0:b7:d8:
be:cd:c9:be:8a:e6:7a:42:55:ec:c1:12:c1:a2:21:
d1:fd:13:35:9d:e6:f7:c0:fc:ec:5b:7e:fa:58:65:
d6:52:90:2a:74:f2:68:b3:4f:af:a1:f0:a9:84:66:
8e:a6:9a:86:ad:d0:a2:a8:2b:c4:bc:89:35:c2:61:
b1:79:1d:fc:ce:2c:0c:87:52:d9:45:cb:f7:ac:0b:
ac:4a:4f:e8:51:87:26:8a:05:a6:46:97:90:70:bc:
89:a3:82:09:56:32:c5:c8:d5:e8:22:bd:9f:89:97:
98:3c:ce:90:47:67:00:0a:57:9a:dd:0f:8b:2a:99:
c5:57:37:73:ee:0e:b8:5c:39:e6:f7:b3:01:c3:54:
4e:88:2d:47:f4:31:40:3b:1e:c2:ad:62:47:72:85:
f8:08:5c:9b:88:8c:4c:12:73:b3:89:bc:19:db:74:
34:47:35:4f:82:3d:7a:b9:92:55:fa:80:e5:72:f9:
b7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:62:83:63:7D:EE:4B:1E:3F:3A:E7:50:0A:85:89:92:37:C7:69:40
X509v3 Authority Key Identifier:
keyid:BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/4GKDY33uSx4_OudQCoWJkjfHaUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.20.0/24
5.11.23.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:69:75:a2:7d:f5:6f:00:6f:6a:a7:82:ec:d2:47:5d:8f:f3:
66:89:00:9f:ec:b3:c4:a0:5b:ff:2c:8c:69:37:13:13:95:51:
50:3f:6c:70:19:30:af:48:7d:88:96:f1:33:a4:a7:52:e0:c1:
24:a2:e2:43:12:2d:94:49:1d:d7:fb:10:03:be:79:94:af:3d:
c3:3e:6c:aa:3e:3d:0e:2a:c4:0c:6c:dd:ed:94:95:de:5d:fd:
3e:48:00:1c:e2:82:77:10:4a:21:07:b3:46:9c:3c:9c:20:70:
65:45:aa:a2:08:b3:08:b6:b9:aa:24:ca:5b:a6:fd:50:59:73:
be:73:38:47:5d:23:64:18:a0:24:3a:35:3f:17:62:f3:ef:87:
7c:02:35:a3:b8:d6:0a:75:e7:0a:d6:e3:d5:b1:fb:54:c2:64:
35:f0:9b:61:45:89:b6:b2:1a:32:24:ab:5c:40:20:b7:8b:67:
8d:c3:58:1b:94:33:a8:d0:db:4c:9c:dc:c1:69:bf:30:9e:dc:
9e:6f:7a:ad:57:4e:2e:01:7b:fd:f8:17:a4:a9:0f:0c:66:5c:
3f:49:d0:54:ff:64:4b:79:27:7f:b8:e5:52:e7:46:13:c5:41:
52:6c:65:32:a0:73:da:eb:93:b1:5b:d4:2c:55:17:28:6a:9c:
b4:4f:09:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNEVoBlbpp7P+0Tl8NSUoVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYjEyY2U2YTkxMDMwZTI3ZDVhYmFkMTQ2ZGYyN2JjMjg4
MDY1MmIwHhcNMjQxMTE5MTIxMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDYyODM2MzdkZWU0YjFlM2YzYWU3NTAwYTg1ODk5MjM3Yzc2OTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5yuqO0x4tp5C+tcuXqrQn8vKS4p
FBS6cKoog2lG5y1qnyppfyYorAdDc84viHb6fZghL4WlipnTRhzUyFOKgwP7yblE
C0jwt9i+zcm+iuZ6QlXswRLBoiHR/RM1neb3wPzsW376WGXWUpAqdPJos0+vofCp
hGaOppqGrdCiqCvEvIk1wmGxeR38ziwMh1LZRcv3rAusSk/oUYcmigWmRpeQcLyJ
o4IJVjLFyNXoIr2fiZeYPM6QR2cAClea3Q+LKpnFVzdz7g64XDnm97MBw1ROiC1H
9DFAOx7CrWJHcoX4CFybiIxMEnOzibwZ23Q0RzVPgj16uZJV+oDlcvm3VQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOBig2N97ksePzrnUAqFiZI3x2lAMB8GA1UdIwQY
MBaAFL6xLOapEDDifVq60UbfJ7wogGUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMt
YTdhZGU0MzRkNDUxLzEvNEdLRFkzM3VTeDRfT3VkUUNvV0pramZIYVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMtYTdhZGU0MzRkNDUx
LzEvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQsUAwQA
BQsXMA0GCSqGSIb3DQEBCwUAA4IBAQCkaXWiffVvAG9qp4Ls0kddj/NmiQCf7LPE
oFv/LIxpNxMTlVFQP2xwGTCvSH2IlvEzpKdS4MEkouJDEi2USR3X+xADvnmUrz3D
PmyqPj0OKsQMbN3tlJXeXf0+SAAc4oJ3EEohB7NGnDycIHBlRaqiCLMItrmqJMpb
pv1QWXO+czhHXSNkGKAkOjU/F2Lz74d8AjWjuNYKdecK1uPVsftUwmQ18JthRYm2
shoyJKtcQCC3i2eNw1gblDOo0NtMnNzBab8wntyeb3qtV04uAXv9+BekqQ8MZlw/
SdBU/2RLeSd/uOVS50YTxUFSbGUyoHPa65OxW9QsVRcoapy0TwlS
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:10 2025 by rpki-client