Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/ID-cxXI1xliZvDq_sxoVK8VYw3U.roa
File: ID-cxXI1xliZvDq_sxoVK8VYw3U.roa (raw, json)
Hash identifier: XAyC2yNkjEnH7mxu70T9k8MyL6pVrgOPGAfcqmRaSQA=
Subject key identifier: 20:3F:9C:C5:72:35:C6:58:99:BC:3A:BF:B3:1A:15:2B:C5:58:C3:75
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 019427B5F1275E2E50E1EBA0FE6F2B1E5D95
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/ID-cxXI1xliZvDq_sxoVK8VYw3U.roa
Signing time: Thu 02 Jan 2025 15:50:22 +0000
ROA not before: Thu 02 Jan 2025 15:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 114.69.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 14:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:f1:27:5e:2e:50:e1:eb:a0:fe:6f:2b:1e:5d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Jan 2 15:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=203f9cc57235c65899bc3abfb31a152bc558c375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0a:7a:c1:5d:d7:6b:4c:de:e4:be:93:56:49:
b0:4a:f9:61:6e:13:47:04:b1:00:4b:85:d9:da:fa:
cb:3b:65:2f:e3:0b:20:a9:38:ef:d2:26:39:cf:a2:
e4:73:91:7c:9c:53:f1:a5:1d:1e:a5:8c:08:e9:c4:
11:78:61:62:6c:d3:6d:6a:d4:02:11:15:41:93:2a:
dc:07:ee:f5:f9:d1:8b:42:8e:da:17:24:d6:7d:25:
47:53:4f:36:a3:5a:21:f3:88:cc:b5:d0:c6:52:c6:
28:e2:bd:92:1f:da:36:53:6f:10:f2:d1:fb:d1:8e:
38:d7:a8:ce:23:15:40:83:b7:3a:7a:80:f6:b4:74:
7e:c6:54:ac:3f:0e:f9:89:d3:87:64:db:b7:d1:de:
d5:44:2e:fa:c6:e9:70:42:25:99:ee:97:7b:59:86:
10:5e:0c:f2:62:aa:bf:d6:eb:64:61:ab:89:54:2a:
6e:08:4f:7b:2f:85:86:71:96:6a:ea:47:d6:db:fe:
a8:61:b7:ce:c4:a7:ce:35:5b:ac:e8:ff:9d:ea:32:
d0:59:2b:7c:fb:d5:d4:d6:fd:da:a7:fb:d3:43:f7:
f0:44:a7:bd:cb:01:db:f7:e0:5c:ff:e0:46:ab:a2:
0b:f4:ac:59:b2:50:d9:31:67:33:82:59:9c:d1:22:
ea:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3F:9C:C5:72:35:C6:58:99:BC:3A:BF:B3:1A:15:2B:C5:58:C3:75
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/ID-cxXI1xliZvDq_sxoVK8VYw3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
114.69.245.0/24
Signature Algorithm: sha256WithRSAEncryption
45:5d:3d:c1:95:72:38:f4:44:c3:39:88:dc:cd:88:48:4b:ab:
4c:be:47:4e:ec:81:7d:32:22:0e:65:13:ca:a5:0a:dd:76:fc:
06:a8:6f:7d:72:32:ea:44:b1:3f:17:17:9e:c3:15:d3:97:85:
e7:6a:93:88:cd:1f:77:60:ef:b9:c0:a5:c4:88:7f:b2:e1:82:
26:94:63:60:0c:1a:54:f3:07:37:0d:c8:72:bb:e7:17:30:e7:
f7:1e:d8:7a:c9:a7:ae:4d:de:0b:a9:6e:86:3b:7b:9e:b6:23:
c7:09:cc:4b:30:b8:7e:9f:d7:90:a2:50:b3:94:e1:43:3e:18:
58:08:10:b9:ca:7a:9b:66:39:94:e1:96:f8:e4:5c:1b:53:39:
58:49:41:46:8c:bb:f9:bc:0a:1d:70:fe:ac:c0:89:e5:22:05:
2c:8f:1e:9b:86:1f:e2:58:89:d7:8f:c6:2f:f6:6c:c5:73:26:
99:e3:29:24:e3:76:6d:c3:bd:a1:6f:67:34:bf:be:95:4a:16:
bb:16:20:0e:e6:46:c8:06:00:71:af:53:42:f9:37:d1:56:6e:
04:99:86:9c:a3:d4:ac:10:3a:19:da:ac:e1:d7:f3:7b:c4:01:
c6:cb:2d:47:5f:fa:cc:83:25:d3:57:12:d2:67:eb:f1:da:e6:
92:d2:77:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntfEnXi5Q4eug/m8rHl2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjUwMTAyMTU1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDNmOWNjNTcyMzVjNjU4OTliYzNhYmZiMzFhMTUyYmM1NThjMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQp6wV3Xa0ze5L6TVkmwSvlhbhNH
BLEAS4XZ2vrLO2Uv4wsgqTjv0iY5z6Lkc5F8nFPxpR0epYwI6cQReGFibNNtatQC
ERVBkyrcB+71+dGLQo7aFyTWfSVHU082o1oh84jMtdDGUsYo4r2SH9o2U28Q8tH7
0Y4416jOIxVAg7c6eoD2tHR+xlSsPw75idOHZNu30d7VRC76xulwQiWZ7pd7WYYQ
XgzyYqq/1utkYauJVCpuCE97L4WGcZZq6kfW2/6oYbfOxKfONVus6P+d6jLQWSt8
+9XU1v3ap/vTQ/fwRKe9ywHb9+Bc/+BGq6IL9KxZslDZMWczglmc0SLqfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCA/nMVyNcZYmbw6v7MaFSvFWMN1MB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvSUQtY3hYSTF4bGladkRxX3N4b1ZLOFZZdzNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAckX1MA0G
CSqGSIb3DQEBCwUAA4IBAQBFXT3BlXI49ETDOYjczYhIS6tMvkdO7IF9MiIOZRPK
pQrddvwGqG99cjLqRLE/FxeewxXTl4XnapOIzR93YO+5wKXEiH+y4YImlGNgDBpU
8wc3Dchyu+cXMOf3Hth6yaeuTd4LqW6GO3uetiPHCcxLMLh+n9eQolCzlOFDPhhY
CBC5ynqbZjmU4Zb45FwbUzlYSUFGjLv5vAodcP6swInlIgUsjx6bhh/iWInXj8Yv
9mzFcyaZ4ykk43Ztw72hb2c0v76VSha7FiAO5kbIBgBxr1NC+TfRVm4EmYaco9Ss
EDoZ2qzh1/N7xAHGyy1HX/rMgyXTVxLSZ+vx2uaS0nfL
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:53:32 2025 by rpki-client