Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/yZPsuB76thPGzxhpJamEz2B41GQ.roa
File: yZPsuB76thPGzxhpJamEz2B41GQ.roa (raw, json)
Hash identifier: f05WeL4LEfRxk/GRn9G9+6MZE2/i89hojnPFW7SIO5g=
Subject key identifier: C9:93:EC:B8:1E:FA:B6:13:C6:CF:18:69:25:A9:84:CF:60:78:D4:64
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 01929A62C4107B711AF1FFFAD763C36F15D1
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/yZPsuB76thPGzxhpJamEz2B41GQ.roa
Signing time: Thu 17 Oct 2024 12:10:16 +0000
ROA not before: Thu 17 Oct 2024 12:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209046
IP address blocks: 5.59.0.0/23 maxlen: 24
5.59.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 11:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:62:c4:10:7b:71:1a:f1:ff:fa:d7:63:c3:6f:15:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Oct 17 12:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c993ecb81efab613c6cf186925a984cf6078d464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4e:0d:c9:82:a3:42:cc:74:54:de:42:d7:b5:
31:8c:c9:77:d7:d4:dc:49:b5:b9:2b:ed:20:96:0f:
db:9f:0a:75:76:e3:74:0a:f7:36:2e:9d:f7:23:70:
a9:13:fb:70:42:aa:cb:1e:10:9c:20:8c:ba:88:e3:
04:42:60:ce:b9:fe:f1:50:61:75:b4:b4:f5:28:77:
ec:1b:35:87:f4:3d:f6:32:70:1c:2b:59:17:c1:a7:
10:d6:e4:e7:0d:d9:1a:a4:65:68:2d:ea:b3:a1:42:
06:68:73:d4:bd:c7:b5:60:73:18:3c:eb:b6:d4:81:
0d:bf:de:44:5a:90:1f:b7:fa:b8:e8:dd:5a:f2:27:
11:53:70:7d:2d:b5:c7:0f:04:07:6c:c3:7f:0a:38:
a9:23:32:2e:b5:43:36:7b:40:83:dc:f7:f2:c5:c4:
fb:16:81:f0:9f:71:4b:b6:67:97:d4:2e:ee:5b:ca:
b5:7b:5c:e5:2c:cf:21:52:67:6e:6b:dc:bd:26:ac:
db:bf:96:e9:9c:b5:e4:ce:0a:26:ce:6d:af:2a:5e:
45:69:35:3d:0d:09:eb:5c:12:86:5c:a3:0c:60:80:
2c:8c:05:6b:91:dc:29:9a:dd:cd:cf:4f:cf:0a:1e:
e4:ac:17:d4:cd:b3:87:c0:bb:71:06:73:48:a3:d7:
31:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:93:EC:B8:1E:FA:B6:13:C6:CF:18:69:25:A9:84:CF:60:78:D4:64
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/yZPsuB76thPGzxhpJamEz2B41GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.0.0/23
5.59.56.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:8b:ea:9d:17:3b:c6:e1:c6:34:8b:40:55:14:77:2d:06:99:
b5:bf:50:fa:74:5a:a9:6c:0a:24:af:b7:43:51:75:04:61:dc:
56:ce:4e:2d:6c:f5:29:42:3d:e2:90:d5:9f:60:30:d4:28:93:
22:dd:16:e7:75:49:a8:5f:c2:d4:7f:3a:94:42:e5:59:cc:ba:
cb:85:b8:58:da:7d:64:4c:1f:21:f9:93:c6:8f:12:60:e6:bc:
45:74:01:96:86:d3:07:53:97:76:3a:db:83:94:a1:f5:3b:5c:
1d:bc:5f:be:8c:3e:eb:e1:bc:63:3e:82:38:84:1e:4b:29:ea:
db:57:e8:25:cd:0c:54:fe:83:a1:dd:a8:00:65:8a:2b:f2:0b:
d1:3c:de:04:e9:6d:f3:36:0c:e7:0c:1d:70:96:82:12:2e:44:
ed:ef:b5:65:1a:b4:e4:48:c3:d4:b6:ae:eb:16:ad:fe:10:49:
f4:3f:76:c6:c7:ec:b3:b5:64:c9:c0:c7:01:dc:21:59:40:5c:
18:9d:21:79:25:90:99:15:66:11:3a:5f:74:32:ac:25:7e:1b:
93:90:ea:6d:2f:5d:f0:68:6f:2b:1a:b7:d6:19:0d:51:fc:41:
e2:54:72:79:fe:c9:3c:eb:d5:0a:d4:0b:24:62:e9:86:d6:73:
01:1c:6e:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKaYsQQe3Ea8f/612PDbxXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjQxMDE3MTIxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTkzZWNiODFlZmFiNjEzYzZjZjE4NjkyNWE5ODRjZjYwNzhkNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE4NyYKjQsx0VN5C17UxjMl319Tc
SbW5K+0glg/bnwp1duN0Cvc2Lp33I3CpE/twQqrLHhCcIIy6iOMEQmDOuf7xUGF1
tLT1KHfsGzWH9D32MnAcK1kXwacQ1uTnDdkapGVoLeqzoUIGaHPUvce1YHMYPOu2
1IENv95EWpAft/q46N1a8icRU3B9LbXHDwQHbMN/CjipIzIutUM2e0CD3PfyxcT7
FoHwn3FLtmeX1C7uW8q1e1zlLM8hUmdua9y9Jqzbv5bpnLXkzgomzm2vKl5FaTU9
DQnrXBKGXKMMYIAsjAVrkdwpmt3Nz0/PCh7krBfUzbOHwLtxBnNIo9cxVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmT7Lge+rYTxs8YaSWphM9geNRkMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEveVpQc3VCNzZ0aFBHenhocEphbUV6MkI0MUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBTsAAwQA
BTs4MA0GCSqGSIb3DQEBCwUAA4IBAQAKi+qdFzvG4cY0i0BVFHctBpm1v1D6dFqp
bAokr7dDUXUEYdxWzk4tbPUpQj3ikNWfYDDUKJMi3RbndUmoX8LUfzqUQuVZzLrL
hbhY2n1kTB8h+ZPGjxJg5rxFdAGWhtMHU5d2OtuDlKH1O1wdvF++jD7r4bxjPoI4
hB5LKerbV+glzQxU/oOh3agAZYor8gvRPN4E6W3zNgznDB1wloISLkTt77VlGrTk
SMPUtq7rFq3+EEn0P3bGx+yztWTJwMcB3CFZQFwYnSF5JZCZFWYROl90MqwlfhuT
kOptL13waG8rGrfWGQ1R/EHiVHJ5/sk869UK1AskYumG1nMBHG50
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:05 2025 by rpki-client