Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/5IUyoZ4K9luHhIGl8ZWn3wGrNAA.roa
File: 5IUyoZ4K9luHhIGl8ZWn3wGrNAA.roa (raw, json)
Hash identifier: Nas1K501KoCpSjINQGFCIQjVaClfJkfxlwjT1BMMzDE=
Subject key identifier: E4:85:32:A1:9E:0A:F6:5B:87:84:81:A5:F1:95:A7:DF:01:AB:34:00
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 019421B22582947BC3858D493C119D55FBB1
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/5IUyoZ4K9luHhIGl8ZWn3wGrNAA.roa
Signing time: Wed 01 Jan 2025 11:48:30 +0000
ROA not before: Wed 01 Jan 2025 11:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8618
IP address blocks: 195.130.124.0/22 maxlen: 22
195.251.110.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 08 Jan 2025 07:59:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:25:82:94:7b:c3:85:8d:49:3c:11:9d:55:fb:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 11:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e48532a19e0af65b878481a5f195a7df01ab3400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ee:ab:28:dc:af:1c:39:1c:0b:b8:fd:e5:76:
58:30:61:5d:39:a3:99:73:41:e4:29:dc:17:1d:91:
df:bc:c4:1e:f2:6b:53:ad:0e:dc:e0:fa:8f:83:dc:
92:68:71:4d:73:e0:71:76:4f:ba:09:ae:7d:44:20:
a5:78:a4:7f:db:f4:15:a3:ea:99:e0:1c:ec:74:9f:
44:26:66:2c:e4:3c:89:d0:4a:c9:49:37:c1:46:13:
0c:6e:ac:01:b4:5f:07:35:bd:9c:2d:8c:fe:77:78:
83:0c:0c:73:12:c3:ac:7d:20:72:60:86:78:0c:80:
95:99:8e:a3:aa:38:57:4f:22:d9:91:b8:05:bf:8b:
d5:29:9f:ee:d2:12:f1:c8:ca:a6:66:a6:e1:89:9b:
b2:f1:42:85:20:64:d7:2f:51:bb:5b:a0:1c:ed:ab:
76:29:5d:e4:63:b3:83:d6:61:8c:23:00:34:fe:19:
d9:ec:26:67:c0:d4:68:f6:87:9b:66:73:ef:6e:ba:
2e:09:eb:af:ce:ac:80:75:56:61:a7:dc:80:40:b3:
55:bb:db:c1:ec:b0:75:c5:3e:d0:2c:4c:72:86:fc:
e2:8a:64:d1:99:a3:f5:21:0d:f1:22:ee:ba:27:f4:
64:26:77:e2:3a:9e:bf:75:83:32:57:b5:e0:f3:71:
2c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:85:32:A1:9E:0A:F6:5B:87:84:81:A5:F1:95:A7:DF:01:AB:34:00
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/5IUyoZ4K9luHhIGl8ZWn3wGrNAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.130.124.0/22
195.251.110.0/23
Signature Algorithm: sha256WithRSAEncryption
89:6a:b5:7d:0d:5f:3d:c1:46:d7:fc:cf:86:7c:b9:d6:99:ea:
92:43:3e:06:0b:59:2c:af:cf:1f:15:b2:53:8d:dc:18:45:28:
84:56:49:58:cc:f2:84:ca:a0:58:92:c1:75:d8:6c:ab:9c:8e:
46:ed:85:4f:46:aa:35:5d:eb:f0:95:ea:ab:85:d9:99:e6:5c:
af:ae:85:a5:fe:bb:e1:80:14:4d:69:a8:fe:ec:be:44:fc:53:
74:e3:d3:36:d3:7d:4e:0e:01:a2:41:0d:21:00:1f:a0:e1:f0:
44:19:a5:fd:b5:c6:bf:17:f9:44:14:dd:23:11:48:5e:e3:ca:
0a:7a:85:0e:8a:a8:19:9f:af:cf:05:65:9d:40:6e:d0:e2:2e:
57:ec:7b:b1:db:c4:73:98:7c:f1:bd:99:64:33:27:22:03:b5:
d5:54:db:ec:2d:c0:8c:f2:f5:1a:11:d0:20:17:74:04:6e:4b:
48:d4:d8:6a:93:8e:82:9f:30:1e:b8:f2:03:07:4c:ef:df:38:
6a:5e:49:40:93:4d:e6:37:56:25:af:eb:b8:5b:04:20:c7:1f:
de:68:cf:b8:d2:e7:ec:fd:1e:c8:0c:f5:96:70:2b:92:21:8b:
49:0e:a9:d4:45:97:91:3e:cf:a7:6f:24:bd:5d:82:ed:44:a0:
5a:ad:a0:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsiWClHvDhY1JPBGdVfuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjUwMTAxMTE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDg1MzJhMTllMGFmNjViODc4NDgxYTVmMTk1YTdkZjAxYWIzNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme6rKNyvHDkcC7j95XZYMGFdOaOZ
c0HkKdwXHZHfvMQe8mtTrQ7c4PqPg9ySaHFNc+Bxdk+6Ca59RCCleKR/2/QVo+qZ
4BzsdJ9EJmYs5DyJ0ErJSTfBRhMMbqwBtF8HNb2cLYz+d3iDDAxzEsOsfSByYIZ4
DICVmY6jqjhXTyLZkbgFv4vVKZ/u0hLxyMqmZqbhiZuy8UKFIGTXL1G7W6Ac7at2
KV3kY7OD1mGMIwA0/hnZ7CZnwNRo9oebZnPvbrouCeuvzqyAdVZhp9yAQLNVu9vB
7LB1xT7QLExyhvziimTRmaP1IQ3xIu66J/RkJnfiOp6/dYMyV7Xg83EsXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOSFMqGeCvZbh4SBpfGVp98BqzQAMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvNUlVeW9aNEs5bHVIaElHbDhaV24zd0dyTkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw4J8AwQB
w/tuMA0GCSqGSIb3DQEBCwUAA4IBAQCJarV9DV89wUbX/M+GfLnWmeqSQz4GC1ks
r88fFbJTjdwYRSiEVklYzPKEyqBYksF12GyrnI5G7YVPRqo1XevwleqrhdmZ5lyv
roWl/rvhgBRNaaj+7L5E/FN049M2031ODgGiQQ0hAB+g4fBEGaX9tca/F/lEFN0j
EUhe48oKeoUOiqgZn6/PBWWdQG7Q4i5X7Hux28RzmHzxvZlkMyciA7XVVNvsLcCM
8vUaEdAgF3QEbktI1Nhqk46CnzAeuPIDB0zv3zhqXklAk03mN1Ylr+u4WwQgxx/e
aM+40ufs/R7IDPWWcCuSIYtJDqnURZeRPs+nbyS9XYLtRKBaraAB
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:29:16 2025 by rpki-client