Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3138362e302f32342d3234203d3e20383334.roa
File: 352e3232362e3138362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 41H8XEqpFDC9Ond1YCQUS3NqmjgR2hFZW7vVNbRyXTM=
Subject key identifier: A5:58:4E:7A:97:52:A8:38:D0:CC:24:BD:9E:DE:9D:08:62:23:8B:AB
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 49EB71888D25A25F1B954BE96FB6B2E684F9C471
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3138362e302f32342d3234203d3e20383334.roa
Signing time: Sat 25 Jan 2025 13:44:03 +0000
ROA not before: Sat 25 Jan 2025 13:39:03 +0000
ROA not after: Sat 24 Jan 2026 13:44:03 +0000
asID: 834
IP address blocks: 5.226.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 13:04:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:eb:71:88:8d:25:a2:5f:1b:95:4b:e9:6f:b6:b2:e6:84:f9:c4:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 25 13:39:03 2025 GMT
Not After : Jan 24 13:44:03 2026 GMT
Subject: CN=A5584E7A9752A838D0CC24BD9EDE9D0862238BAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:75:f2:b7:99:fd:b6:8b:94:63:ca:c7:42:15:
23:4e:e7:cb:1a:c7:ac:46:1f:f9:d8:c0:bd:09:6f:
f9:56:e8:49:f8:4c:d5:d1:35:a8:90:d4:c0:ea:0c:
11:f7:05:6a:71:50:21:aa:af:c8:13:90:0b:af:92:
71:6f:57:67:2f:71:b4:f5:67:83:30:c8:33:eb:4c:
20:a3:a0:0a:08:dc:6f:43:ec:e6:32:4f:35:7a:8f:
59:20:df:e0:13:9a:3a:63:71:8f:d1:31:fc:3c:f5:
cd:3b:ad:a5:c3:cd:de:3c:43:3b:7a:5b:01:de:8c:
33:d4:ff:af:37:2b:11:dc:ff:be:a1:4a:5f:7d:42:
50:df:93:81:80:85:42:e1:87:bd:4c:f6:8f:dc:43:
00:9a:b9:00:f2:34:fb:b3:df:76:a2:55:65:08:36:
0f:a7:e9:6a:8a:07:20:f2:e3:40:1f:c4:06:f0:01:
c4:76:b8:ce:6a:45:d5:92:ee:22:92:49:31:df:e5:
a7:8e:ae:18:be:68:7b:94:5a:78:de:57:c1:92:67:
da:0f:c5:7f:05:d8:6f:2e:10:21:90:d9:ef:af:77:
8e:63:50:4e:f9:ab:d4:ee:13:cc:39:14:a6:e1:4a:
51:9b:86:fe:99:8f:82:6d:5a:2a:22:4b:9a:71:2d:
09:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:58:4E:7A:97:52:A8:38:D0:CC:24:BD:9E:DE:9D:08:62:23:8B:AB
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3138362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.186.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f5:73:67:f3:8c:c9:4a:7d:da:f7:06:76:22:11:32:b7:bd:
1b:ae:e8:db:bf:74:e2:b0:b0:bb:c0:60:9d:04:18:8a:6b:3c:
f4:24:55:ae:65:4c:89:e5:4c:21:ea:95:63:15:3c:90:5d:71:
92:48:28:57:1c:75:a8:95:10:14:9a:4f:cb:75:72:8b:44:af:
28:e1:ad:bf:e7:50:18:ba:16:21:2f:9e:1e:1b:61:00:0c:fe:
70:9d:8e:dd:82:8c:e2:3d:51:a0:56:89:9e:be:42:79:ab:b0:
47:e5:5a:b7:7f:5d:27:59:87:52:94:3d:69:61:43:c6:8f:7d:
d1:ab:85:48:a9:70:11:26:9f:2b:90:bb:1a:76:db:a2:9f:7c:
78:a7:b7:86:1b:db:da:2f:37:3c:1a:79:a2:e8:28:0e:d0:d8:
51:f3:53:0f:17:f8:83:ac:77:d3:af:33:5f:a9:f1:97:8b:c9:
e8:f0:f5:d7:c2:75:ed:14:ef:03:63:94:dd:80:d0:00:98:a6:
5e:1e:45:ee:4d:b9:42:d2:de:48:cf:02:b7:fd:e7:72:8c:eb:
b5:c1:01:eb:57:18:20:d5:08:5a:2d:76:2c:40:35:4d:4f:b2:
41:7f:cb:4d:ba:89:49:6b:b7:fd:73:e3:c7:76:fb:23:46:60:
61:74:cf:4a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUSetxiI0lol8blUvpb7ay5oT5xHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjUxMzM5MDNaFw0yNjAxMjQxMzQ0MDNaMDMxMTAvBgNV
BAMTKEE1NTg0RTdBOTc1MkE4MzhEMENDMjRCRDlFREU5RDA4NjIyMzhCQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLdfK3mf22i5RjysdCFSNO58sa
x6xGH/nYwL0Jb/lW6En4TNXRNaiQ1MDqDBH3BWpxUCGqr8gTkAuvknFvV2cvcbT1
Z4MwyDPrTCCjoAoI3G9D7OYyTzV6j1kg3+ATmjpjcY/RMfw89c07raXDzd48Qzt6
WwHejDPU/683KxHc/76hSl99QlDfk4GAhULhh71M9o/cQwCauQDyNPuz33aiVWUI
Ng+n6WqKByDy40AfxAbwAcR2uM5qRdWS7iKSSTHf5aeOrhi+aHuUWnjeV8GSZ9oP
xX8F2G8uECGQ2e+vd45jUE75q9TuE8w5FKbhSlGbhv6Zj4JtWioiS5pxLQnJAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUpVhOepdSqDjQzCS9nt6dCGIji6swHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzUyZTMyMzIzNjJlMzEzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABeK6MA0G
CSqGSIb3DQEBCwUAA4IBAQAK9XNn84zJSn3a9wZ2IhEyt70brujbv3TisLC7wGCd
BBiKazz0JFWuZUyJ5Uwh6pVjFTyQXXGSSChXHHWolRAUmk/LdXKLRK8o4a2/51AY
uhYhL54eG2EADP5wnY7dgoziPVGgVomevkJ5q7BH5Vq3f10nWYdSlD1pYUPGj33R
q4VIqXARJp8rkLsadtuin3x4p7eGG9vaLzc8Gnmi6CgO0NhR81MPF/iDrHfTrzNf
qfGXi8no8PXXwnXtFO8DY5TdgNAAmKZeHkXuTblC0t5IzwK3/edyjOu1wQHrVxgg
1QhaLXYsQDVNT7JBf8tNuolJa7f9c+PHdvsjRmBhdM9K
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:02 2025 by rpki-client