Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/tU5JqvhACaujZORPTw3ijCvf3s4.roa
File: tU5JqvhACaujZORPTw3ijCvf3s4.roa (raw, json)
Hash identifier: WJRi40gr5oGWC1rFk+NtOTNUSC40ZvvXOq77X467SBE=
Subject key identifier: B5:4E:49:AA:F8:40:09:AB:A3:64:E4:4F:4F:0D:E2:8C:2B:DF:DE:CE
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0193AC116AA853A53BB3BBF4AD5F9D0E12FC
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/tU5JqvhACaujZORPTw3ijCvf3s4.roa
Signing time: Mon 09 Dec 2024 15:37:22 +0000
ROA not before: Mon 09 Dec 2024 15:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 152.89.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:11:6a:a8:53:a5:3b:b3:bb:f4:ad:5f:9d:0e:12:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Dec 9 15:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b54e49aaf84009aba364e44f4f0de28c2bdfdece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c5:8d:cb:22:5a:68:c3:a9:97:92:1a:17:1f:
91:ac:f3:cd:6f:cf:f6:f6:86:49:b7:92:da:69:b8:
b6:0a:7f:c2:27:1d:05:5f:51:a5:3b:53:d5:ea:4b:
e7:5c:ed:46:0c:9f:03:93:10:6e:3d:4f:92:dc:fa:
8e:65:32:e0:74:82:72:cf:40:4f:8b:51:ed:85:9f:
bc:cb:9c:08:cd:ed:ba:18:e4:05:4e:79:61:62:ed:
02:3a:ad:86:f3:98:10:23:58:9b:f7:9e:ad:46:bb:
66:d3:2a:46:8d:eb:f2:fc:15:b0:f4:91:a2:0d:85:
0b:b4:88:c8:6f:45:4f:6c:67:bf:2a:73:a5:53:c4:
78:54:af:af:0e:ae:24:5a:47:bb:ea:7b:53:5d:7e:
3e:05:8f:6b:03:07:43:08:53:bf:c9:1c:10:30:51:
11:10:8b:e8:c8:c8:10:cf:7f:5f:22:d5:83:76:26:
7a:97:58:24:7a:85:84:ba:3c:12:6a:1e:da:a6:49:
d0:2e:99:d7:03:e8:86:b7:97:42:5f:67:0a:51:de:
89:17:90:4c:bd:d9:c3:5b:4a:ac:b6:ab:b0:e4:94:
db:a3:48:47:90:9b:4d:50:27:fe:a9:1d:6d:62:28:
51:89:31:64:35:cf:90:0e:a9:f7:d4:31:e0:7d:70:
2c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4E:49:AA:F8:40:09:AB:A3:64:E4:4F:4F:0D:E2:8C:2B:DF:DE:CE
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/tU5JqvhACaujZORPTw3ijCvf3s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.193.0/24
Signature Algorithm: sha256WithRSAEncryption
05:8b:ad:a4:0c:d2:70:99:3c:a5:5f:42:42:29:e9:6f:f6:6f:
86:d7:23:34:53:92:45:fd:87:56:fb:06:f9:1c:e1:fa:7b:ff:
54:ea:d3:08:e3:e1:43:a2:1d:6c:aa:6d:fa:b1:20:9e:be:d9:
8e:ae:6e:64:5d:ca:16:d3:1c:67:8a:8e:85:89:fd:3b:e2:55:
4f:04:f8:cd:5d:ba:39:62:5b:8d:ca:ef:19:83:7f:71:f4:fd:
67:17:4a:79:cc:30:d7:23:4d:1c:2d:28:04:09:00:93:17:bc:
84:b1:11:0c:9d:2d:83:96:dd:de:c8:2e:df:35:75:ba:59:42:
74:e3:22:54:e0:e2:b2:ca:e5:c7:44:06:72:97:d2:25:ed:8d:
64:d2:f4:ca:63:93:f5:b5:5a:a0:9b:b9:41:89:1c:14:05:c6:
b5:69:bd:2b:24:82:36:45:24:d8:6b:de:f2:52:2b:56:f6:47:
ed:5d:55:f7:dd:6e:58:77:ff:39:49:bf:96:85:05:4f:f7:2a:
73:03:7d:ae:eb:fa:19:98:78:45:0d:27:bf:f7:9f:1e:7d:44:
3c:4f:cf:df:7d:90:9d:f1:ae:0a:05:09:00:2b:b8:da:dd:18:
a2:fd:4a:e8:e4:25:91:5b:87:32:24:6b:5a:09:e4:da:34:08:
ec:2b:5f:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOsEWqoU6U7s7v0rV+dDhL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQxMjA5MTUzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTRlNDlhYWY4NDAwOWFiYTM2NGU0NGY0ZjBkZTI4YzJiZGZkZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMWNyyJaaMOpl5IaFx+RrPPNb8/2
9oZJt5Laabi2Cn/CJx0FX1GlO1PV6kvnXO1GDJ8DkxBuPU+S3PqOZTLgdIJyz0BP
i1HthZ+8y5wIze26GOQFTnlhYu0COq2G85gQI1ib956tRrtm0ypGjevy/BWw9JGi
DYULtIjIb0VPbGe/KnOlU8R4VK+vDq4kWke76ntTXX4+BY9rAwdDCFO/yRwQMFER
EIvoyMgQz39fItWDdiZ6l1gkeoWEujwSah7apknQLpnXA+iGt5dCX2cKUd6JF5BM
vdnDW0qstquw5JTbo0hHkJtNUCf+qR1tYihRiTFkNc+QDqn31DHgfXAshQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVOSar4QAmro2TkT08N4owr397OMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvdFU1SnF2aEFDYXVqWk9SUFR3M2lqQ3ZmM3M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnBMA0G
CSqGSIb3DQEBCwUAA4IBAQAFi62kDNJwmTylX0JCKelv9m+G1yM0U5JF/YdW+wb5
HOH6e/9U6tMI4+FDoh1sqm36sSCevtmOrm5kXcoW0xxnio6Fif074lVPBPjNXbo5
YluNyu8Zg39x9P1nF0p5zDDXI00cLSgECQCTF7yEsREMnS2Dlt3eyC7fNXW6WUJ0
4yJU4OKyyuXHRAZyl9Il7Y1k0vTKY5P1tVqgm7lBiRwUBca1ab0rJII2RSTYa97y
UitW9kftXVX33W5Yd/85Sb+WhQVP9ypzA32u6/oZmHhFDSe/958efUQ8T8/ffZCd
8a4KBQkAK7ja3Rii/Uro5CWRW4cyJGtaCeTaNAjsK19c
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:42:10 2025 by rpki-client