Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/OWr1QTZaI_duPiZFeXmddZCjzu0.roa
File: OWr1QTZaI_duPiZFeXmddZCjzu0.roa (raw, json)
Hash identifier: Apo+DpOY1yhu6e7HNO4Ld4fs3s94WrSCPQAGXhgWuaI=
Subject key identifier: 39:6A:F5:41:36:5A:23:F7:6E:3E:26:45:79:79:9D:75:90:A3:CE:ED
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 018CC7945D191858F7FD000B5BA5C7961F57
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/OWr1QTZaI_duPiZFeXmddZCjzu0.roa
Signing time: Tue 02 Jan 2024 00:30:38 +0000
ROA not before: Tue 02 Jan 2024 00:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202813
IP address blocks: 5.59.64.0/22 maxlen: 24
5.59.172.0/24 maxlen: 24
5.59.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 15:12:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:5d:19:18:58:f7:fd:00:0b:5b:a5:c7:96:1f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Jan 2 00:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=396af541365a23f76e3e264579799d7590a3ceed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b5:a4:61:1a:69:fd:c4:73:f3:d0:29:13:d3:
ce:1b:cb:3f:c1:2e:32:3f:58:ee:cb:41:73:77:10:
43:8a:54:eb:80:09:9f:bb:54:df:37:03:51:6f:d9:
a5:56:34:06:1c:78:4f:49:83:08:5f:cb:6d:52:4a:
18:b2:56:0d:f3:16:dc:a7:3b:3d:6d:00:17:c7:90:
df:56:51:07:99:22:57:e4:d9:6d:bf:d4:0b:26:60:
ad:bd:74:01:de:b0:b1:d7:fc:f0:41:e0:0f:88:0f:
e3:76:41:d8:9a:19:79:df:56:b1:6c:70:c0:24:93:
14:1e:df:c2:0d:6b:d4:f9:7a:37:a0:3f:52:36:a2:
8a:36:e1:9b:42:6c:95:3f:59:bf:56:24:0b:4b:a7:
5b:66:4f:bc:b2:80:2b:4e:6f:1c:d2:cd:0d:ba:3a:
3b:1a:ac:75:01:75:6e:bb:22:ac:5e:38:54:49:66:
0c:bf:b1:b9:43:1f:b7:bc:92:c3:73:ce:f6:20:e5:
ef:64:8a:3f:20:53:a2:d0:d3:23:35:85:53:3e:6f:
1c:13:32:51:7b:7d:97:3a:b1:1d:82:23:ea:b4:f9:
d9:ac:68:2c:a2:59:e5:50:e4:04:de:cf:38:99:1a:
fb:8d:4a:17:0f:a6:ed:15:0c:eb:c2:d5:0c:3a:2c:
e9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6A:F5:41:36:5A:23:F7:6E:3E:26:45:79:79:9D:75:90:A3:CE:ED
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/OWr1QTZaI_duPiZFeXmddZCjzu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.64.0/22
5.59.172.0/23
Signature Algorithm: sha256WithRSAEncryption
31:2f:e6:11:a1:fb:28:c3:92:92:06:3e:8d:b4:51:73:5a:55:
82:4d:fd:c9:b9:7c:56:3a:73:77:32:df:48:9e:fd:c9:ca:1c:
73:03:c5:8c:32:d9:a7:3a:2c:35:66:44:89:ec:68:be:dd:fc:
7c:67:f3:8c:9a:4f:7d:e4:1b:2c:cd:f6:86:de:4b:ac:86:38:
18:df:e7:ae:17:9d:92:9e:ff:be:79:72:06:c6:93:8a:b8:e8:
cc:75:71:b6:21:c8:fe:a9:48:a1:38:48:57:f2:36:9c:fe:cb:
4c:b8:81:d2:74:a8:94:c6:fc:4c:34:07:06:b2:9f:61:f9:d3:
02:ec:e7:b8:e7:eb:f2:dc:48:d8:b3:4d:16:d3:bb:e9:a7:79:
9a:be:66:fb:d4:eb:5d:2e:2b:fa:ee:11:f5:cc:5e:7b:20:61:
84:ae:f1:75:9b:ad:64:97:ca:e2:55:15:7c:86:84:a9:15:3e:
c3:64:1a:5a:a6:d1:9e:04:0a:ba:74:10:60:00:06:93:de:81:
4a:9d:7e:8d:cb:5c:91:c0:68:22:13:84:57:85:ff:d8:2d:fc:
7f:a6:d2:30:b2:f0:ac:a4:05:06:56:8a:b8:c3:62:01:c1:11:
8f:64:25:57:b7:dc:c0:3e:a6:78:33:80:92:f7:5b:6a:7c:de:
52:90:e5:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlF0ZGFj3/QALW6XHlh9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjQwMTAyMDAzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTZhZjU0MTM2NWEyM2Y3NmUzZTI2NDU3OTc5OWQ3NTkwYTNjZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLWkYRpp/cRz89ApE9POG8s/wS4y
P1juy0FzdxBDilTrgAmfu1TfNwNRb9mlVjQGHHhPSYMIX8ttUkoYslYN8xbcpzs9
bQAXx5DfVlEHmSJX5Nltv9QLJmCtvXQB3rCx1/zwQeAPiA/jdkHYmhl531axbHDA
JJMUHt/CDWvU+Xo3oD9SNqKKNuGbQmyVP1m/ViQLS6dbZk+8soArTm8c0s0Nujo7
Gqx1AXVuuyKsXjhUSWYMv7G5Qx+3vJLDc872IOXvZIo/IFOi0NMjNYVTPm8cEzJR
e32XOrEdgiPqtPnZrGgsolnlUOQE3s84mRr7jUoXD6btFQzrwtUMOizpRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDlq9UE2WiP3bj4mRXl5nXWQo87tMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvT1dyMVFUWmFJX2R1UGlaRmVYbWRkWkNqenUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBTtAAwQB
BTusMA0GCSqGSIb3DQEBCwUAA4IBAQAxL+YRofsow5KSBj6NtFFzWlWCTf3JuXxW
OnN3Mt9Inv3JyhxzA8WMMtmnOiw1ZkSJ7Gi+3fx8Z/OMmk995BsszfaG3kushjgY
3+euF52Snv++eXIGxpOKuOjMdXG2Icj+qUihOEhX8jac/stMuIHSdKiUxvxMNAcG
sp9h+dMC7Oe45+vy3EjYs00W07vpp3mavmb71OtdLiv67hH1zF57IGGErvF1m61k
l8riVRV8hoSpFT7DZBpaptGeBAq6dBBgAAaT3oFKnX6Ny1yRwGgiE4RXhf/YLfx/
ptIwsvCspAUGVoq4w2IBwRGPZCVXt9zAPqZ4M4CS91tqfN5SkOWZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:14 2025 by rpki-client