Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/5QFawZ6_jLtB_2_H84au7INUr4o.roa
File: 5QFawZ6_jLtB_2_H84au7INUr4o.roa (raw, json)
Hash identifier: ihy9GZmXZ2gfbJJYHEI/sxvsu353a40CjXQ4w8zi3+U=
Subject key identifier: E5:01:5A:C1:9E:BF:8C:BB:41:FF:6F:C7:F3:86:AE:EC:83:54:AF:8A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0190E9CF23FFC18488902502DC8A26C13DD8
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/5QFawZ6_jLtB_2_H84au7INUr4o.roa
Signing time: Thu 25 Jul 2024 12:13:04 +0000
ROA not before: Thu 25 Jul 2024 12:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61400
IP address blocks: 2a09:6281::/32 maxlen: 32
2a10:4102::/32 maxlen: 32
2a12:c300::/30 maxlen: 30
Validation: Failed, certificate revoked on Sat 24 Aug 2024 02:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:cf:23:ff:c1:84:88:90:25:02:dc:8a:26:c1:3d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jul 25 12:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5015ac19ebf8cbb41ff6fc7f386aeec8354af8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:94:51:dd:fc:d2:96:20:99:71:5d:cf:5d:96:
f2:bb:a5:4e:12:e2:e6:36:f0:b6:fd:aa:72:28:cb:
c8:e1:62:ea:fe:5d:a6:f9:20:bd:9d:3d:e7:3b:29:
63:81:57:f0:64:9a:10:fd:5a:09:95:6e:0e:21:92:
8c:1d:96:4e:3d:40:64:02:ea:9d:5e:7c:ed:d5:70:
a4:49:a5:d2:4d:39:3c:71:99:98:27:5c:96:92:0e:
c2:fb:f8:ec:f3:bf:a8:fe:eb:ab:6c:85:0f:18:69:
6b:a0:a0:21:48:11:8e:70:d1:42:08:6c:c8:dd:7d:
c3:15:43:28:37:30:60:d4:aa:b9:0f:fd:02:5d:74:
1d:56:96:7a:51:3d:f8:a5:e3:5c:30:4f:e7:78:b2:
89:0b:e1:4b:fc:dd:4d:7e:58:5a:c6:71:f1:f6:2b:
f3:b4:a4:db:1f:57:4f:21:0f:bd:ef:dc:ab:d8:1b:
b3:08:8c:e1:f6:be:58:c4:73:83:26:92:54:7d:92:
b6:15:be:e6:3a:0a:c6:4f:a9:4e:ec:7c:c3:d9:da:
f0:56:a5:91:66:b3:e5:d7:31:72:c0:42:61:fa:90:
3c:39:d1:21:e0:5e:20:7c:4b:73:2c:bf:03:f1:c4:
20:93:b8:d2:e2:6a:f0:df:26:03:5f:5d:0b:44:1c:
7a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:01:5A:C1:9E:BF:8C:BB:41:FF:6F:C7:F3:86:AE:EC:83:54:AF:8A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/5QFawZ6_jLtB_2_H84au7INUr4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6281::/32
2a10:4102::/32
2a12:c300::/30
Signature Algorithm: sha256WithRSAEncryption
69:69:41:30:3e:41:3e:16:9a:43:40:98:b1:6d:9d:6f:86:45:
db:a7:a1:a9:77:3f:36:3d:6b:be:36:77:b2:13:47:80:b4:c0:
0a:04:a5:aa:f5:c6:27:b3:db:ed:f0:f5:e6:e8:ce:04:92:b2:
9c:79:84:81:69:33:fa:6f:49:6b:f3:33:3e:b1:1c:89:cb:d0:
cc:c8:0d:87:21:8e:66:6a:10:75:16:e6:76:30:75:0d:69:27:
ea:76:85:f4:ed:5b:c6:a6:38:49:91:1f:ed:48:e1:77:14:79:
e9:73:cf:60:80:23:b1:a6:b8:f4:f8:fa:06:7f:7d:f3:5a:35:
27:c9:62:33:47:7e:95:7c:86:e7:82:68:11:34:68:19:e4:1b:
e3:ed:e9:0d:7b:eb:cc:2c:20:54:68:2f:0c:9f:38:49:36:75:
07:f4:85:6e:25:38:3e:a6:9d:ac:cb:e4:55:a3:bc:33:bf:e6:
bd:8c:81:29:5b:ea:65:4b:04:a6:dc:82:ea:a8:35:eb:90:e9:
ee:03:b2:a5:22:c8:82:7b:f6:e5:15:74:eb:56:45:43:c0:26:
4f:72:86:70:7c:ce:92:a7:0f:37:43:cc:a5:89:35:8f:31:02:
b6:cc:8a:b5:bd:dd:15:3f:5a:7a:c7:a1:ab:7c:cb:d8:5e:bf:
24:b0:59:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZDpzyP/wYSIkCUC3IomwT3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNzI1MTIxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTAxNWFjMTllYmY4Y2JiNDFmZjZmYzdmMzg2YWVlYzgzNTRhZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZRR3fzSliCZcV3PXZbyu6VOEuLm
NvC2/apyKMvI4WLq/l2m+SC9nT3nOyljgVfwZJoQ/VoJlW4OIZKMHZZOPUBkAuqd
Xnzt1XCkSaXSTTk8cZmYJ1yWkg7C+/js87+o/uurbIUPGGlroKAhSBGOcNFCCGzI
3X3DFUMoNzBg1Kq5D/0CXXQdVpZ6UT34peNcME/neLKJC+FL/N1NflhaxnHx9ivz
tKTbH1dPIQ+979yr2BuzCIzh9r5YxHODJpJUfZK2Fb7mOgrGT6lO7HzD2drwVqWR
ZrPl1zFywEJh+pA8OdEh4F4gfEtzLL8D8cQgk7jS4mrw3yYDX10LRBx6nQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOUBWsGev4y7Qf9vx/OGruyDVK+KMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvNVFGYXdaNl9qTHRCXzJfSDg0YXU3SU5VcjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgligQMF
ACoQQQIDBQIqEsMAMA0GCSqGSIb3DQEBCwUAA4IBAQBpaUEwPkE+FppDQJixbZ1v
hkXbp6Gpdz82PWu+NneyE0eAtMAKBKWq9cYns9vt8PXm6M4EkrKceYSBaTP6b0lr
8zM+sRyJy9DMyA2HIY5mahB1FuZ2MHUNaSfqdoX07VvGpjhJkR/tSOF3FHnpc89g
gCOxprj0+PoGf33zWjUnyWIzR36VfIbngmgRNGgZ5Bvj7ekNe+vMLCBUaC8MnzhJ
NnUH9IVuJTg+pp2sy+RVo7wzv+a9jIEpW+plSwSm3ILqqDXrkOnuA7KlIsiCe/bl
FXTrVkVDwCZPcoZwfM6Spw83Q8yliTWPMQK2zIq1vd0VP1p6x6GrfMvYXr8ksFkE
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:15 2025 by rpki-client