Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/Gj8bWmKjDeXEVKANKmcXWjP943Q.roa
File: Gj8bWmKjDeXEVKANKmcXWjP943Q.roa (raw, json)
Hash identifier: 8k/qQ+1OIg92U1i3dn7jWYRqEni6mwXeSURXZN2oq18=
Subject key identifier: 1A:3F:1B:5A:62:A3:0D:E5:C4:54:A0:0D:2A:67:17:5A:33:FD:E3:74
Certificate issuer: /CN=3545a7200164912041bb931efb1feac123b43a18
Certificate serial: 018E3FC5B41A9A0B067102A513A150EAD462
Authority key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/Gj8bWmKjDeXEVKANKmcXWjP943Q.roa
Signing time: Fri 15 Mar 2024 01:41:44 +0000
ROA not before: Fri 15 Mar 2024 01:41:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34643
IP address blocks: 5.253.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 08:23:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3f:c5:b4:1a:9a:0b:06:71:02:a5:13:a1:50:ea:d4:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3545a7200164912041bb931efb1feac123b43a18
Validity
Not Before: Mar 15 01:41:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a3f1b5a62a30de5c454a00d2a67175a33fde374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:23:96:d2:31:b2:61:27:46:84:b3:ac:cf:b4:
c2:97:d2:aa:bc:05:59:21:d5:99:0d:24:3e:3d:7f:
a0:90:94:84:a9:cc:f7:cf:23:c9:a2:7c:d3:be:b2:
e7:7d:b3:77:e0:86:f8:8c:80:69:bf:3e:1e:4c:4e:
28:64:a9:e9:f0:b8:ce:2d:5c:27:04:d2:d4:fa:df:
1f:ae:04:f7:bc:c1:ea:f7:a8:bf:a0:45:79:17:45:
7b:88:06:d3:5d:8f:69:0d:30:ba:a6:75:29:5f:e7:
13:38:48:7d:76:0e:82:21:49:7f:e8:2c:41:d3:25:
f8:76:bb:10:18:bf:3c:2d:c9:46:6d:35:8a:df:47:
29:30:86:4e:de:2e:31:05:a4:0b:08:10:95:16:1a:
d2:5c:7b:e9:c2:fe:74:4d:73:19:dd:b0:91:fa:34:
af:c3:26:d0:d4:8a:17:f0:5f:0a:e4:d5:07:20:f6:
f1:55:04:71:79:f5:c3:05:75:cd:f7:c6:02:74:5f:
21:37:17:c7:2f:92:a3:ff:8c:18:fe:4b:c3:4e:48:
1a:0b:92:a7:a1:25:93:11:f0:81:da:f4:31:8d:81:
96:02:bd:30:64:05:13:2f:c4:85:b9:9a:ed:53:8a:
f5:00:3f:05:0d:dd:b7:56:d6:d4:05:0d:3d:4c:19:
2d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3F:1B:5A:62:A3:0D:E5:C4:54:A0:0D:2A:67:17:5A:33:FD:E3:74
X509v3 Authority Key Identifier:
keyid:35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/Gj8bWmKjDeXEVKANKmcXWjP943Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.181.0/24
Signature Algorithm: sha256WithRSAEncryption
38:f8:a0:57:33:9c:81:ac:6f:21:a5:e1:f6:1b:47:48:0a:01:
c5:c2:21:66:87:70:ca:62:75:9f:5b:a3:e9:16:ec:1a:1f:c6:
70:7c:48:25:54:af:f2:1d:e5:1d:93:ad:36:ce:4a:94:09:c9:
93:6f:74:cc:83:17:d8:dc:37:0c:93:54:4d:64:85:99:6e:e1:
59:8c:29:a6:72:1c:b9:34:47:ae:c7:5c:da:1f:27:55:20:0f:
cc:8f:60:c8:32:2e:c0:9d:0b:1b:22:cd:8e:38:87:00:2b:36:
6f:ac:e2:84:09:13:55:8b:c2:6f:ee:d6:c9:fb:9b:bf:cc:5c:
d8:2d:23:6f:8a:35:03:05:73:5e:da:5e:40:0d:5f:c8:22:21:
ec:93:57:20:11:b2:63:66:25:2a:39:06:fa:17:73:4b:c5:75:
6b:15:9a:03:68:66:b7:8c:46:d6:ba:c3:d6:91:85:3b:73:1d:
94:fd:d9:9b:73:e6:c9:da:ff:57:2f:c4:10:0b:99:bf:a8:c0:
7a:14:c2:58:5c:e6:86:6d:c9:dc:2a:0d:5c:28:18:2a:ac:ed:
c7:c5:c9:18:81:f5:e3:ab:8b:a4:92:4c:c2:8c:61:0e:9f:98:
5c:71:d8:b4:9c:62:82:36:38:7f:25:89:4d:f1:44:6f:69:3e:
d2:1b:a9:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4/xbQamgsGcQKlE6FQ6tRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDVhNzIwMDE2NDkxMjA0MWJiOTMxZWZiMWZlYWMxMjNi
NDNhMTgwHhcNMjQwMzE1MDE0MTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTNmMWI1YTYyYTMwZGU1YzQ1NGEwMGQyYTY3MTc1YTMzZmRlMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCOW0jGyYSdGhLOsz7TCl9KqvAVZ
IdWZDSQ+PX+gkJSEqcz3zyPJonzTvrLnfbN34Ib4jIBpvz4eTE4oZKnp8LjOLVwn
BNLU+t8frgT3vMHq96i/oEV5F0V7iAbTXY9pDTC6pnUpX+cTOEh9dg6CIUl/6CxB
0yX4drsQGL88LclGbTWK30cpMIZO3i4xBaQLCBCVFhrSXHvpwv50TXMZ3bCR+jSv
wybQ1IoX8F8K5NUHIPbxVQRxefXDBXXN98YCdF8hNxfHL5Kj/4wY/kvDTkgaC5Kn
oSWTEfCB2vQxjYGWAr0wZAUTL8SFuZrtU4r1AD8FDd23VtbUBQ09TBktfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBo/G1piow3lxFSgDSpnF1oz/eN0MB8GA1UdIwQY
MBaAFDVFpyABZJEgQbuTHvsf6sEjtDoYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDkt
YWFiYjA2MmU0MGRiLzEvR2o4YldtS2pEZVhFVktBTkttY1hXalA5NDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDktYWFiYjA2MmU0MGRi
LzEvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf21MA0G
CSqGSIb3DQEBCwUAA4IBAQA4+KBXM5yBrG8hpeH2G0dICgHFwiFmh3DKYnWfW6Pp
FuwaH8ZwfEglVK/yHeUdk602zkqUCcmTb3TMgxfY3DcMk1RNZIWZbuFZjCmmchy5
NEeux1zaHydVIA/Mj2DIMi7AnQsbIs2OOIcAKzZvrOKECRNVi8Jv7tbJ+5u/zFzY
LSNvijUDBXNe2l5ADV/IIiHsk1cgEbJjZiUqOQb6F3NLxXVrFZoDaGa3jEbWusPW
kYU7cx2U/dmbc+bJ2v9XL8QQC5m/qMB6FMJYXOaGbcncKg1cKBgqrO3HxckYgfXj
q4ukkkzCjGEOn5hccdi0nGKCNjh/JYlN8URvaT7SG6ld
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:54:44 2025 by rpki-client