Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/epQHS5Xs7vqOXX238_hhrMePsw0.roa
File: epQHS5Xs7vqOXX238_hhrMePsw0.roa (raw, json)
Hash identifier: WBlegQir0iY9pC450ym6pcy8haV6OpVPgoA5ymkQJBc=
Subject key identifier: 7A:94:07:4B:95:EC:EE:FA:8E:5D:7D:B7:F3:F8:61:AC:C7:8F:B3:0D
Certificate issuer: /CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Certificate serial: 018CC424BB6E33499E7FC7EE44EBBF537990
Authority key identifier: 92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/epQHS5Xs7vqOXX238_hhrMePsw0.roa
Signing time: Mon 01 Jan 2024 08:29:50 +0000
ROA not before: Mon 01 Jan 2024 08:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61191
IP address blocks: 5.56.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:bb:6e:33:49:9e:7f:c7:ee:44:eb:bf:53:79:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Validity
Not Before: Jan 1 08:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a94074b95eceefa8e5d7db7f3f861acc78fb30d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7f:50:1f:e7:5a:36:b7:23:09:e2:2b:93:74:
03:37:f0:d5:f2:e3:8d:77:b7:dd:8e:38:2d:75:30:
23:a1:58:46:a9:e6:7f:33:34:df:12:eb:51:35:40:
4a:45:43:bf:8c:98:2d:82:52:e1:c4:87:47:dc:c6:
e6:8b:f2:9a:0c:81:a0:ac:0c:3c:be:b3:29:ab:e1:
a0:00:69:0e:ec:50:df:44:f4:ae:5c:c5:de:a1:e1:
af:26:f5:87:74:bf:8a:0b:4f:a7:3b:7b:87:fc:79:
4c:d6:75:3d:db:dd:48:ff:2c:20:42:59:47:71:38:
a0:9e:c9:f9:72:c1:8f:a4:49:32:7c:e5:b5:30:af:
c5:1f:fb:61:2d:7c:b8:d1:72:6c:85:fc:9f:63:aa:
5b:4e:9b:99:e0:cc:34:cf:63:5c:97:3c:75:2b:92:
55:b7:e5:d1:74:1c:3a:e7:15:19:1d:41:f7:33:e2:
ae:02:33:ab:ca:7d:6d:ca:21:e2:8c:28:fd:db:0a:
e4:3a:0a:d2:2a:05:eb:d7:01:83:d4:3f:a9:07:a8:
70:a2:40:54:25:ca:2e:62:fd:9e:9d:12:ce:32:9c:
63:26:84:7e:cf:99:6b:17:8f:d3:13:3f:af:54:69:
18:56:0f:e9:fc:f4:58:fa:89:4f:43:58:41:e6:5b:
07:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:94:07:4B:95:EC:EE:FA:8E:5D:7D:B7:F3:F8:61:AC:C7:8F:B3:0D
X509v3 Authority Key Identifier:
keyid:92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/epQHS5Xs7vqOXX238_hhrMePsw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.134.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:bd:f4:a7:c4:d0:99:0d:0c:f8:af:84:be:df:b3:6a:a1:da:
50:4f:07:bb:ec:a0:44:ee:be:57:d8:98:4d:7f:22:40:35:77:
ef:22:38:df:82:3f:6b:d0:f4:73:a2:87:64:db:02:57:8b:9e:
d9:aa:f2:35:17:53:67:b5:e1:00:51:be:91:a9:2c:5a:c7:da:
4f:46:f4:98:6e:ff:d0:82:42:2c:2e:0e:51:71:df:1e:9e:2e:
0b:f5:4f:08:20:a9:cf:8c:2f:15:1c:fe:15:ea:67:dc:d8:16:
6f:f8:58:47:a8:65:cd:29:83:83:38:8c:7c:76:8e:91:23:ad:
01:43:6f:86:73:00:38:2e:a4:3e:4e:f3:87:9b:95:e5:e2:f0:
ab:2f:73:1b:6b:73:93:0a:c2:5d:92:bb:ff:43:0f:ec:2a:8c:
72:e3:04:47:11:a9:9d:47:82:33:b8:51:e9:d5:1a:0e:a2:e2:
67:56:3a:47:a1:84:16:b5:01:ef:7e:4b:43:45:ea:79:b7:56:
3e:b7:88:34:4b:3a:b1:45:26:b5:d5:4e:49:77:bf:bf:0d:d1:
e2:e4:2f:ca:9c:3a:26:98:3e:92:c0:37:02:20:1a:2b:dc:38:
bb:2a:be:f8:f2:90:dd:96:f6:5e:d1:2f:2b:e2:8d:99:59:e3:
0e:8b:01:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJLtuM0mef8fuROu/U3mQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYmY2NDY0Y2U2ZTE5YTRkY2Y4YTMyYjI3YTJmMWNiZTE1
NTEwNTUwHhcNMjQwMTAxMDgyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk0MDc0Yjk1ZWNlZWZhOGU1ZDdkYjdmM2Y4NjFhY2M3OGZiMzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk39QH+daNrcjCeIrk3QDN/DV8uON
d7fdjjgtdTAjoVhGqeZ/MzTfEutRNUBKRUO/jJgtglLhxIdH3Mbmi/KaDIGgrAw8
vrMpq+GgAGkO7FDfRPSuXMXeoeGvJvWHdL+KC0+nO3uH/HlM1nU9291I/ywgQllH
cTignsn5csGPpEkyfOW1MK/FH/thLXy40XJshfyfY6pbTpuZ4Mw0z2Nclzx1K5JV
t+XRdBw65xUZHUH3M+KuAjOryn1tyiHijCj92wrkOgrSKgXr1wGD1D+pB6hwokBU
JcouYv2enRLOMpxjJoR+z5lrF4/TEz+vVGkYVg/p/PRY+olPQ1hB5lsH+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHqUB0uV7O76jl19t/P4YazHj7MNMB8GA1UdIwQY
MBaAFJK/ZGTObhmk3PijKyei8cvhVRBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzct
YjUzZTMwZTE0MTJhLzEvZXBRSFM1WHM3dnFPWFgyMzhfaGhyTWVQc3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzctYjUzZTMwZTE0MTJh
LzEva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTiGMA0G
CSqGSIb3DQEBCwUAA4IBAQC5vfSnxNCZDQz4r4S+37NqodpQTwe77KBE7r5X2JhN
fyJANXfvIjjfgj9r0PRzoodk2wJXi57ZqvI1F1NnteEAUb6RqSxax9pPRvSYbv/Q
gkIsLg5Rcd8eni4L9U8IIKnPjC8VHP4V6mfc2BZv+FhHqGXNKYODOIx8do6RI60B
Q2+GcwA4LqQ+TvOHm5Xl4vCrL3Mba3OTCsJdkrv/Qw/sKoxy4wRHEamdR4IzuFHp
1RoOouJnVjpHoYQWtQHvfktDRep5t1Y+t4g0SzqxRSa11U5Jd7+/DdHi5C/KnDom
mD6SwDcCIBor3Di7Kr748pDdlvZe0S8r4o2ZWeMOiwG0
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:48:42 2025 by rpki-client