Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/Ka8HgTFmGp-xqrR7KX9G3rgF7MY.roa
File: Ka8HgTFmGp-xqrR7KX9G3rgF7MY.roa (raw, json)
Hash identifier: 7OG0RIRpKFWSRJ47ksXKSY9Hz6N6uhjc1ZErycYwSHw=
Subject key identifier: 29:AF:07:81:31:66:1A:9F:B1:AA:B4:7B:29:7F:46:DE:B8:05:EC:C6
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019487B8DC19D6611A95330AF36A084CF613
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/Ka8HgTFmGp-xqrR7KX9G3rgF7MY.roa
Signing time: Tue 21 Jan 2025 07:17:06 +0000
ROA not before: Tue 21 Jan 2025 07:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 213.220.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 15:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:87:b8:dc:19:d6:61:1a:95:33:0a:f3:6a:08:4c:f6:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jan 21 07:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29af078131661a9fb1aab47b297f46deb805ecc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ee:08:79:5a:bb:ec:a0:7f:ae:91:a3:2d:54:
b3:b2:ee:80:ce:00:7d:f0:bb:bd:e6:1e:4a:e2:29:
bb:0e:5e:38:35:2d:66:ef:96:8c:68:ec:e4:0c:c2:
7d:6b:48:24:2b:65:4b:3b:c0:ac:91:95:93:6b:0a:
da:ba:3d:e8:10:54:0b:7b:8d:b8:1e:56:09:6c:18:
34:9d:f6:5b:ea:f1:55:78:8f:1a:8f:3f:10:a1:0c:
92:de:68:52:1c:73:c0:ec:c1:ca:dc:98:5e:25:07:
24:76:ce:73:af:71:b9:72:7e:85:03:8f:3c:9d:e6:
b1:48:39:56:6d:f0:d8:8f:94:20:8e:7d:7c:72:af:
ab:7e:e4:80:26:40:89:e3:1a:0c:a5:47:70:a4:be:
48:bb:37:96:f5:f8:27:75:47:75:3e:f1:5e:51:21:
1b:b5:bf:88:c4:7a:99:3a:98:47:9f:ac:bb:3f:74:
df:1c:d8:cc:4b:e9:df:b3:ac:50:f7:cc:08:47:03:
63:7d:6b:ff:ef:35:0c:5b:df:e2:09:b7:50:f6:72:
69:e5:6b:7e:9d:cf:78:14:29:0c:99:0d:97:19:ab:
6c:1b:9d:75:15:fb:03:07:b8:b8:6f:4e:cf:ef:28:
58:8c:df:fd:34:c4:1f:48:3a:6d:32:fd:af:19:c2:
b5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:AF:07:81:31:66:1A:9F:B1:AA:B4:7B:29:7F:46:DE:B8:05:EC:C6
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/Ka8HgTFmGp-xqrR7KX9G3rgF7MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.220.5.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:11:40:f3:91:b1:6e:6a:e2:69:37:0f:f1:5e:8d:1d:40:c7:
bc:a8:aa:ec:64:29:cc:6d:de:fa:ed:09:67:b3:a8:63:9c:91:
fc:dc:51:b4:27:6c:a0:61:d1:9e:91:17:0a:cf:b5:5c:e3:ee:
de:a0:46:ae:3d:75:de:a7:fe:b5:40:11:3f:76:6d:1a:6f:dc:
f1:41:92:3b:18:87:11:bb:7c:4c:db:a3:6e:a3:ef:47:5e:9b:
bd:a0:a9:07:0a:9c:c0:32:c6:93:1b:47:9f:45:fe:f9:19:38:
70:49:13:1b:a7:fc:98:e6:1b:05:43:12:c7:84:69:36:d4:2e:
1f:68:96:cd:28:9a:0f:90:27:ee:ce:74:71:2f:68:ef:da:a7:
e6:3f:65:64:04:f3:99:55:a4:be:3c:48:40:2f:81:3b:7e:c6:
a2:84:aa:47:fa:48:3e:8a:17:80:5b:a0:cb:8d:37:34:5d:4f:
35:16:5c:f3:fb:0a:24:ad:d0:a3:94:43:d4:13:8f:56:2a:38:
0f:6a:10:f3:b9:b6:de:0a:93:70:24:8e:82:83:a3:51:51:12:
73:bc:7a:47:eb:76:6d:b6:a3:3c:bf:7d:b8:68:19:87:ce:0e:
fb:14:2a:92:58:21:48:a8:bd:2d:0d:fc:60:bc:bf:10:23:e0:
eb:cd:5e:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSHuNwZ1mEalTMK82oITPYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMTIxMDcxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWFmMDc4MTMxNjYxYTlmYjFhYWI0N2IyOTdmNDZkZWI4MDVlY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+4IeVq77KB/rpGjLVSzsu6AzgB9
8Lu95h5K4im7Dl44NS1m75aMaOzkDMJ9a0gkK2VLO8CskZWTawrauj3oEFQLe424
HlYJbBg0nfZb6vFVeI8ajz8QoQyS3mhSHHPA7MHK3JheJQckds5zr3G5cn6FA488
neaxSDlWbfDYj5Qgjn18cq+rfuSAJkCJ4xoMpUdwpL5IuzeW9fgndUd1PvFeUSEb
tb+IxHqZOphHn6y7P3TfHNjMS+nfs6xQ98wIRwNjfWv/7zUMW9/iCbdQ9nJp5Wt+
nc94FCkMmQ2XGatsG511FfsDB7i4b07P7yhYjN/9NMQfSDptMv2vGcK19QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmvB4ExZhqfsaq0eyl/Rt64BezGMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvS2E4SGdURm1HcC14cXJSN0tYOUczcmdGN01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dwFMA0G
CSqGSIb3DQEBCwUAA4IBAQArEUDzkbFuauJpNw/xXo0dQMe8qKrsZCnMbd767Qln
s6hjnJH83FG0J2ygYdGekRcKz7Vc4+7eoEauPXXep/61QBE/dm0ab9zxQZI7GIcR
u3xM26Nuo+9HXpu9oKkHCpzAMsaTG0efRf75GThwSRMbp/yY5hsFQxLHhGk21C4f
aJbNKJoPkCfuznRxL2jv2qfmP2VkBPOZVaS+PEhAL4E7fsaihKpH+kg+iheAW6DL
jTc0XU81Flzz+wokrdCjlEPUE49WKjgPahDzubbeCpNwJI6Cg6NRURJzvHpH63Zt
tqM8v324aBmHzg77FCqSWCFIqL0tDfxgvL8QI+DrzV6T
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:21:20 2025 by rpki-client