Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/k4J4ruSomg6STfUqHhaesFx56RM.roa
File: k4J4ruSomg6STfUqHhaesFx56RM.roa (raw, json)
Hash identifier: BXphEdu4fzU3H1BMJAWcWGaP2jGmyS8etp1LEShGNbE=
Subject key identifier: 93:82:78:AE:E4:A8:9A:0E:92:4D:F5:2A:1E:16:9E:B0:5C:79:E9:13
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 019420682EE4836D137B86F723F3F1010B69
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/k4J4ruSomg6STfUqHhaesFx56RM.roa
Signing time: Wed 01 Jan 2025 05:48:06 +0000
ROA not before: Wed 01 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 152.89.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 11:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2e:e4:83:6d:13:7b:86:f7:23:f3:f1:01:0b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 1 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=938278aee4a89a0e924df52a1e169eb05c79e913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d7:5c:df:5e:b0:8e:7a:f2:4e:d7:29:03:23:
6d:58:c0:3d:67:09:9f:a4:c9:43:af:4f:ed:93:05:
58:ec:c3:41:59:a4:b8:93:f9:20:36:83:ba:08:a2:
92:96:b2:a6:f8:aa:32:33:c7:24:e5:8a:10:d5:1e:
3e:b9:14:41:fe:b0:21:78:16:25:42:57:f4:4b:a1:
9d:9d:50:b1:76:91:89:f7:f8:20:fa:d3:bc:47:6c:
41:ac:0e:c2:f5:58:7f:96:d7:0c:48:cf:31:b7:96:
85:f9:f8:e7:17:4f:55:da:93:96:f5:bb:60:be:d1:
a9:e4:3f:9c:09:6d:b7:9c:b6:cf:c1:60:41:05:b7:
3e:6a:88:02:12:5e:b2:8b:a0:ee:35:b8:50:5e:db:
88:d5:1d:1d:29:7f:3b:18:47:c0:18:c5:66:00:c2:
63:e8:6a:10:f9:39:88:d4:c6:8c:3b:fb:9c:05:53:
6c:c1:c1:d2:df:5c:fe:64:37:c9:ab:99:38:e2:ef:
45:e1:be:e7:46:40:43:42:0e:cc:cd:b5:ce:2d:cc:
7c:74:aa:dc:23:b5:6c:12:4f:81:89:a3:a6:03:16:
48:f4:a4:5a:e3:5a:4f:02:cb:22:a2:29:56:39:e5:
e2:a7:f0:06:a6:0f:c4:0c:41:fc:91:92:57:35:a3:
1a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:82:78:AE:E4:A8:9A:0E:92:4D:F5:2A:1E:16:9E:B0:5C:79:E9:13
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/k4J4ruSomg6STfUqHhaesFx56RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.193.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:b6:3b:ea:e5:6c:1c:29:9b:2e:6a:0b:2f:ba:27:84:e3:5d:
49:82:b5:4b:2a:72:d1:d2:53:c9:df:6c:d7:56:e7:b6:c4:46:
d0:ec:9c:d9:33:26:dd:49:7d:49:ed:37:65:47:82:3e:7f:bc:
a2:0d:93:bb:05:3a:8e:d9:9e:91:de:53:4b:5d:7e:74:ec:01:
61:38:31:f9:92:5a:bb:8b:82:3a:25:39:0e:30:87:f4:5a:9c:
26:c1:9b:fa:e6:b7:5b:50:06:06:5f:e2:0c:55:5c:15:9f:9a:
1e:47:51:90:61:ff:89:40:d9:a9:bc:86:c5:1d:02:b5:8f:62:
34:48:7d:98:c5:b0:0c:10:eb:4d:55:b8:2c:d4:3d:d1:cd:d9:
8e:4a:87:e6:06:e3:fd:b0:0a:4f:f4:19:48:bc:b0:c2:84:4c:
f4:26:c6:37:6f:c7:3d:26:af:8e:3a:9f:7d:4c:5a:45:11:f9:
03:50:70:da:5f:fe:87:22:a0:3c:a1:a3:f9:60:c2:51:23:11:
08:02:13:a6:4b:c5:5f:49:2f:ba:32:6d:e9:bf:60:38:5c:58:
50:8a:7d:b6:31:ab:fa:36:17:8f:7c:1c:e6:cc:0d:cc:ff:13:
31:fa:fe:d7:66:75:7d:ed:3f:67:b3:ef:90:eb:d3:6c:ba:71:
7a:b3:58:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaC7kg20Te4b3I/PxAQtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwMTAxMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzgyNzhhZWU0YTg5YTBlOTI0ZGY1MmExZTE2OWViMDVjNzllOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9dc316wjnryTtcpAyNtWMA9Zwmf
pMlDr0/tkwVY7MNBWaS4k/kgNoO6CKKSlrKm+KoyM8ck5YoQ1R4+uRRB/rAheBYl
Qlf0S6GdnVCxdpGJ9/gg+tO8R2xBrA7C9Vh/ltcMSM8xt5aF+fjnF09V2pOW9btg
vtGp5D+cCW23nLbPwWBBBbc+aogCEl6yi6DuNbhQXtuI1R0dKX87GEfAGMVmAMJj
6GoQ+TmI1MaMO/ucBVNswcHS31z+ZDfJq5k44u9F4b7nRkBDQg7MzbXOLcx8dKrc
I7VsEk+BiaOmAxZI9KRa41pPAssioilWOeXip/AGpg/EDEH8kZJXNaMaewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJOCeK7kqJoOkk31Kh4WnrBceekTMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvazRKNHJ1U29tZzZTVGZVcUhoYWVzRng1NlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnBMA0G
CSqGSIb3DQEBCwUAA4IBAQC6tjvq5WwcKZsuagsvuieE411JgrVLKnLR0lPJ32zX
Vue2xEbQ7JzZMybdSX1J7TdlR4I+f7yiDZO7BTqO2Z6R3lNLXX507AFhODH5klq7
i4I6JTkOMIf0WpwmwZv65rdbUAYGX+IMVVwVn5oeR1GQYf+JQNmpvIbFHQK1j2I0
SH2YxbAMEOtNVbgs1D3RzdmOSofmBuP9sApP9BlIvLDChEz0JsY3b8c9Jq+OOp99
TFpFEfkDUHDaX/6HIqA8oaP5YMJRIxEIAhOmS8VfSS+6Mm3pv2A4XFhQin22Mav6
NhePfBzmzA3M/xMx+v7XZnV97T9ns++Q69NsunF6s1hb
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:13:46 2025 by rpki-client