Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/dkTJsZfAVEdzIe_qNplwcSI0f70.roa
File: dkTJsZfAVEdzIe_qNplwcSI0f70.roa (raw, json)
Hash identifier: PbMyBl1jzfLy2yCKHSWAcVvXdeV5r8jicJKBJLAo/bQ=
Subject key identifier: 76:44:C9:B1:97:C0:54:47:73:21:EF:EA:36:99:70:71:22:34:7F:BD
Certificate issuer: /CN=af392f28dec6b8cceb7cd70e7af71d8cdcaa9a06
Certificate serial: 0190CA6CFDDD04C2A4465780E48E59429F34
Authority key identifier: AF:39:2F:28:DE:C6:B8:CC:EB:7C:D7:0E:7A:F7:1D:8C:DC:AA:9A:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzkvKN7GuMzrfNcOevcdjNyqmgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/dkTJsZfAVEdzIe_qNplwcSI0f70.roa
Signing time: Fri 19 Jul 2024 09:57:38 +0000
ROA not before: Fri 19 Jul 2024 09:57:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196646
IP address blocks: 5.11.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ca:6c:fd:dd:04:c2:a4:46:57:80:e4:8e:59:42:9f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af392f28dec6b8cceb7cd70e7af71d8cdcaa9a06
Validity
Not Before: Jul 19 09:57:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7644c9b197c054477321efea3699707122347fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f6:ae:a5:87:3f:92:42:d9:1f:ee:f0:9d:13:
8c:68:e7:f4:6b:68:ca:c5:45:22:20:ce:88:a5:9e:
a8:c7:51:5e:8a:b8:b2:d9:1b:c9:59:4c:79:62:b9:
4c:98:07:89:1d:43:af:96:15:69:fd:e4:fa:e2:9f:
f7:b2:87:72:6b:50:c6:65:ef:62:ed:bf:d6:d0:a0:
cf:1f:8f:16:7f:24:bc:21:ca:ce:a0:b3:1b:84:bb:
af:23:5f:e4:81:a4:67:cd:30:a7:47:86:22:fa:7b:
60:a3:cc:00:2b:78:78:98:cf:6d:4a:4f:78:b4:42:
57:ea:fe:c9:7c:a5:51:dc:99:f6:a6:43:5f:81:9c:
3b:a8:5e:b8:51:7f:7e:28:e7:51:b2:9f:6e:2d:b9:
ce:20:39:d8:81:45:f0:a2:0c:24:25:9a:e3:5d:3d:
ff:4d:55:fa:44:ab:6f:33:ee:d4:20:3d:cd:5f:e8:
e3:11:2a:e2:e2:8c:c4:39:a9:d2:ba:6e:0b:fb:34:
1e:1d:c6:f5:f3:49:70:27:fd:cd:8a:5e:29:83:5d:
3a:bb:f4:3a:0a:e6:d7:51:4c:cd:fb:5e:67:88:81:
9c:2d:1b:0c:df:ea:5c:7a:9a:f6:3e:f8:8b:eb:c1:
22:70:5d:42:d1:d3:c5:9f:ab:5d:e4:45:87:2c:a5:
b1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:44:C9:B1:97:C0:54:47:73:21:EF:EA:36:99:70:71:22:34:7F:BD
X509v3 Authority Key Identifier:
keyid:AF:39:2F:28:DE:C6:B8:CC:EB:7C:D7:0E:7A:F7:1D:8C:DC:AA:9A:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzkvKN7GuMzrfNcOevcdjNyqmgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/dkTJsZfAVEdzIe_qNplwcSI0f70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.88.0/21
Signature Algorithm: sha256WithRSAEncryption
a2:6c:45:7c:1f:df:d0:b9:1d:71:f5:24:02:7a:89:7d:2e:26:
d0:95:90:8a:53:01:8a:0b:26:85:46:48:be:f9:20:aa:ae:4f:
28:f5:49:ad:75:a4:bf:c9:1d:c4:47:fb:97:0e:3c:d7:b4:ce:
78:b0:25:93:1d:11:ce:5a:99:b5:1b:68:09:b4:10:3a:1b:46:
a9:fe:8e:02:0c:12:19:bf:47:49:4c:27:d8:59:0d:82:d5:bb:
8d:c5:81:0b:2a:a6:85:85:f1:d6:56:fe:7c:a0:37:8e:4b:bd:
ea:93:36:8d:bd:3f:75:8c:5c:82:94:7b:0b:50:23:2a:28:40:
60:62:d5:60:a3:f1:d9:0e:f0:c9:fd:15:c4:0a:e8:9d:da:f2:
57:69:f2:e5:9c:c0:d2:d3:ff:c8:ad:de:80:00:8c:70:b7:d6:
73:c3:46:cf:a2:92:54:e6:fe:64:3b:17:81:f9:59:43:81:13:
25:79:3d:f5:93:c2:5e:00:00:c4:8c:ab:14:a3:8d:59:de:e8:
a4:89:3e:bb:67:24:a6:03:c7:d6:de:97:9f:13:33:f9:26:56:
0f:95:04:7b:8e:da:b9:e8:2d:8b:e6:f4:6f:c3:5c:73:75:c1:
5b:68:1e:e8:5a:d2:f9:08:2c:d9:3c:33:1b:cc:0f:24:87:e3:
ec:b1:bd:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDKbP3dBMKkRleA5I5ZQp80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzkyZjI4ZGVjNmI4Y2NlYjdjZDcwZTdhZjcxZDhjZGNh
YTlhMDYwHhcNMjQwNzE5MDk1NzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQ0YzliMTk3YzA1NDQ3NzMyMWVmZWEzNjk5NzA3MTIyMzQ3ZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vaupYc/kkLZH+7wnROMaOf0a2jK
xUUiIM6IpZ6ox1Feiriy2RvJWUx5YrlMmAeJHUOvlhVp/eT64p/3sodya1DGZe9i
7b/W0KDPH48WfyS8IcrOoLMbhLuvI1/kgaRnzTCnR4Yi+ntgo8wAK3h4mM9tSk94
tEJX6v7JfKVR3Jn2pkNfgZw7qF64UX9+KOdRsp9uLbnOIDnYgUXwogwkJZrjXT3/
TVX6RKtvM+7UID3NX+jjESri4ozEOanSum4L+zQeHcb180lwJ/3Nil4pg106u/Q6
CubXUUzN+15niIGcLRsM3+pcepr2PviL68EicF1C0dPFn6td5EWHLKWxvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZEybGXwFRHcyHv6jaZcHEiNH+9MB8GA1UdIwQY
MBaAFK85LyjexrjM63zXDnr3HYzcqpoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnprdktON0d1TXpyZk5jT2V2Y2RqTnlxbWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8yZjM2ZDQtNzJlMS00MDQ2LWI3M2Yt
YWI5ZWFkYjFkNzk3LzEvZGtUSnNaZkFWRWR6SWVfcU5wbHdjU0kwZjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8yZjM2ZDQtNzJlMS00MDQ2LWI3M2YtYWI5ZWFkYjFkNzk3
LzEvcnprdktON0d1TXpyZk5jT2V2Y2RqTnlxbWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBQtYMA0G
CSqGSIb3DQEBCwUAA4IBAQCibEV8H9/QuR1x9SQCeol9LibQlZCKUwGKCyaFRki+
+SCqrk8o9UmtdaS/yR3ER/uXDjzXtM54sCWTHRHOWpm1G2gJtBA6G0ap/o4CDBIZ
v0dJTCfYWQ2C1buNxYELKqaFhfHWVv58oDeOS73qkzaNvT91jFyClHsLUCMqKEBg
YtVgo/HZDvDJ/RXECuid2vJXafLlnMDS0//Ird6AAIxwt9Zzw0bPopJU5v5kOxeB
+VlDgRMleT31k8JeAADEjKsUo41Z3uikiT67ZySmA8fW3pefEzP5JlYPlQR7jtq5
6C2L5vRvw1xzdcFbaB7oWtL5CCzZPDMbzA8kh+Pssb2n
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:43:40 2025 by rpki-client