Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/d048f6-341c-4c64-b3d9-15d5deb228dd/1/OEvgidUKs7ZVJfLdiRUcXGLSpEs.roa
File: OEvgidUKs7ZVJfLdiRUcXGLSpEs.roa (raw, json)
Hash identifier: A5MAU4KPzydpsdlXuvSRIgfY9vHNarunWH6PdMDlcuw=
Subject key identifier: 38:4B:E0:89:D5:0A:B3:B6:55:25:F2:DD:89:15:1C:5C:62:D2:A4:4B
Certificate issuer: /CN=1904ce28eae682c97acd2d862fee2897c3b096fd
Certificate serial: 019560FB58E6543963BDA1315E40E5C2B9DB
Authority key identifier: 19:04:CE:28:EA:E6:82:C9:7A:CD:2D:86:2F:EE:28:97:C3:B0:96:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQTOKOrmgsl6zS2GL-4ol8Owlv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/d048f6-341c-4c64-b3d9-15d5deb228dd/1/OEvgidUKs7ZVJfLdiRUcXGLSpEs.roa
Signing time: Tue 04 Mar 2025 11:47:19 +0000
ROA not before: Tue 04 Mar 2025 11:47:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44725
IP address blocks: 5.250.192.0/19 maxlen: 19
37.114.128.0/19 maxlen: 24
37.114.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 05:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:fb:58:e6:54:39:63:bd:a1:31:5e:40:e5:c2:b9:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1904ce28eae682c97acd2d862fee2897c3b096fd
Validity
Not Before: Mar 4 11:47:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=384be089d50ab3b65525f2dd89151c5c62d2a44b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2a:2c:ff:00:3d:f3:7f:69:0c:58:eb:80:f5:
c7:d1:71:54:c8:de:94:33:89:d7:44:c5:18:98:4d:
2c:31:7e:df:e8:e7:35:0f:5d:6f:ca:b3:d8:2c:e8:
e5:d9:2d:ff:4d:c1:27:08:5a:43:dd:a8:bf:14:3d:
33:70:a3:74:94:b0:03:25:ff:ec:14:29:d1:7e:85:
a2:00:62:d0:c3:84:38:60:25:38:ba:b3:8d:71:ba:
47:18:ea:9c:7b:3c:5f:5b:c2:2f:cc:42:e0:46:ff:
82:67:5d:d4:c3:36:7d:69:89:11:6e:3b:26:74:ee:
cf:42:6a:cc:c8:06:06:a0:59:4c:47:d5:26:eb:72:
1a:38:49:4a:c0:35:88:2d:84:22:02:68:25:f3:68:
b6:58:34:6a:c7:3d:65:73:d9:ba:cc:00:11:d8:f4:
87:4a:0c:32:07:66:99:5a:3f:e7:57:44:ba:2a:7e:
3b:26:6e:f9:87:a4:5b:c5:69:ce:81:31:fd:11:ea:
49:f1:98:aa:e4:cc:40:23:55:3f:98:a6:c5:df:11:
ee:4f:c9:89:d4:88:a3:95:47:5c:41:6d:a9:b3:e0:
15:79:ef:e9:49:bd:77:0c:be:b0:fa:e1:81:bd:be:
f2:4f:a9:78:7e:64:5a:e2:17:e6:0a:af:8f:d4:2d:
df:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4B:E0:89:D5:0A:B3:B6:55:25:F2:DD:89:15:1C:5C:62:D2:A4:4B
X509v3 Authority Key Identifier:
keyid:19:04:CE:28:EA:E6:82:C9:7A:CD:2D:86:2F:EE:28:97:C3:B0:96:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQTOKOrmgsl6zS2GL-4ol8Owlv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d048f6-341c-4c64-b3d9-15d5deb228dd/1/OEvgidUKs7ZVJfLdiRUcXGLSpEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d048f6-341c-4c64-b3d9-15d5deb228dd/1/GQTOKOrmgsl6zS2GL-4ol8Owlv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.192.0/19
37.114.128.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:bb:1b:0c:85:e7:a8:3a:0f:80:3e:6e:03:f3:e3:c6:40:66:
6a:0a:f6:07:19:8f:02:27:e1:42:b6:d8:27:0f:93:dd:a9:f9:
8f:a1:db:48:27:49:d4:b7:cf:55:45:e3:72:dc:e9:45:51:cc:
e8:02:58:98:3e:9c:ca:21:8c:de:7e:f3:f6:3e:fa:f4:ff:33:
c0:2f:da:34:85:46:63:fa:d2:70:d3:66:7b:a4:cc:94:ad:c2:
62:06:c8:47:fe:04:f4:3e:5f:75:59:9d:eb:11:49:10:92:68:
9b:74:27:0f:7b:f0:1f:51:e6:8a:04:4f:b4:0f:f7:40:ff:8b:
06:ce:ea:df:58:0a:ef:9c:60:e9:3f:bd:01:64:da:24:2f:d3:
8a:bd:1f:33:bb:9c:d1:5c:74:b7:f6:e6:b7:de:e8:7e:0c:04:
d5:9a:40:3b:24:73:24:ae:2d:01:f3:64:8d:bb:fb:0e:36:6b:
c3:31:eb:60:bc:82:5e:0b:17:db:47:06:af:59:43:32:8e:0a:
32:e1:12:47:a7:db:dc:c1:06:66:ff:26:11:90:88:22:4e:d0:
47:dd:9b:e8:e1:10:b1:69:09:7b:02:4a:a1:fe:b4:f0:c3:8d:
2a:99:1c:10:31:62:86:5e:90:8e:02:83:7b:f6:d5:75:97:22:
f6:44:9a:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVg+1jmVDljvaExXkDlwrnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MDRjZTI4ZWFlNjgyYzk3YWNkMmQ4NjJmZWUyODk3YzNi
MDk2ZmQwHhcNMjUwMzA0MTE0NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODRiZTA4OWQ1MGFiM2I2NTUyNWYyZGQ4OTE1MWM1YzYyZDJhNDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCos/wA9839pDFjrgPXH0XFUyN6U
M4nXRMUYmE0sMX7f6Oc1D11vyrPYLOjl2S3/TcEnCFpD3ai/FD0zcKN0lLADJf/s
FCnRfoWiAGLQw4Q4YCU4urONcbpHGOqcezxfW8IvzELgRv+CZ13UwzZ9aYkRbjsm
dO7PQmrMyAYGoFlMR9Um63IaOElKwDWILYQiAmgl82i2WDRqxz1lc9m6zAAR2PSH
SgwyB2aZWj/nV0S6Kn47Jm75h6RbxWnOgTH9EepJ8Ziq5MxAI1U/mKbF3xHuT8mJ
1IijlUdcQW2ps+AVee/pSb13DL6w+uGBvb7yT6l4fmRa4hfmCq+P1C3fiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDhL4InVCrO2VSXy3YkVHFxi0qRLMB8GA1UdIwQY
MBaAFBkEzijq5oLJes0thi/uKJfDsJb9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1FUT0tPcm1nc2w2elMyR0wtNG9sOE93bHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9kMDQ4ZjYtMzQxYy00YzY0LWIzZDkt
MTVkNWRlYjIyOGRkLzEvT0V2Z2lkVUtzN1pWSmZMZGlSVWNYR0xTcEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9kMDQ4ZjYtMzQxYy00YzY0LWIzZDktMTVkNWRlYjIyOGRk
LzEvR1FUT0tPcm1nc2w2elMyR0wtNG9sOE93bHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBfrAAwQF
JXKAMA0GCSqGSIb3DQEBCwUAA4IBAQCOuxsMheeoOg+APm4D8+PGQGZqCvYHGY8C
J+FCttgnD5PdqfmPodtIJ0nUt89VReNy3OlFUczoAliYPpzKIYzefvP2Pvr0/zPA
L9o0hUZj+tJw02Z7pMyUrcJiBshH/gT0Pl91WZ3rEUkQkmibdCcPe/AfUeaKBE+0
D/dA/4sGzurfWArvnGDpP70BZNokL9OKvR8zu5zRXHS39ua33uh+DATVmkA7JHMk
ri0B82SNu/sONmvDMetgvIJeCxfbRwavWUMyjgoy4RJHp9vcwQZm/yYRkIgiTtBH
3Zvo4RCxaQl7Akqh/rTww40qmRwQMWKGXpCOAoN79tV1lyL2RJpm
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:29:03 2025 by rpki-client