Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/3pC5RWVxm5qq766KZGlyO9X-caI.roa
File: 3pC5RWVxm5qq766KZGlyO9X-caI.roa (raw, json)
Hash identifier: 1sA9pmEK1Whq/s0EN3i1CYcif1SokbNolVa875mOcbo=
Subject key identifier: DE:90:B9:45:65:71:9B:9A:AA:EF:AE:8A:64:69:72:3B:D5:FE:71:A2
Certificate issuer: /CN=edfffb3c661e2f78a5785be95916044b06af51d2
Certificate serial: 0196193602B7010590F17CBACD5A10D4E00A
Authority key identifier: ED:FF:FB:3C:66:1E:2F:78:A5:78:5B:E9:59:16:04:4B:06:AF:51:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/3pC5RWVxm5qq766KZGlyO9X-caI.roa
Signing time: Wed 09 Apr 2025 06:21:31 +0000
ROA not before: Wed 09 Apr 2025 06:21:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57087
IP address blocks: 5.182.130.0/24 maxlen: 24
5.182.131.0/24 maxlen: 24
193.163.42.0/23 maxlen: 23
193.163.42.0/24 maxlen: 24
193.163.43.0/24 maxlen: 24
193.163.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 07:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:36:02:b7:01:05:90:f1:7c:ba:cd:5a:10:d4:e0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edfffb3c661e2f78a5785be95916044b06af51d2
Validity
Not Before: Apr 9 06:21:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de90b94565719b9aaaefae8a6469723bd5fe71a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a0:e7:47:4c:aa:1e:ad:6f:a1:47:b3:16:bb:
12:ae:94:c6:cd:63:3f:e0:12:1f:ac:9d:60:6c:fc:
9b:35:c1:9c:d7:e8:8e:ef:54:17:6c:e6:fe:f0:6d:
ce:d0:45:3c:f0:d9:6b:69:75:89:52:0e:82:ac:e6:
68:fe:c1:74:31:e2:8f:6f:35:8e:95:42:1d:3a:f1:
ab:03:0f:e1:42:38:6f:07:65:f5:01:ba:35:95:db:
f0:3c:09:5d:7e:d4:d8:89:dc:80:5d:49:31:0b:3e:
47:3e:01:e8:fd:31:f3:42:22:01:cd:2a:e8:a3:0d:
27:1c:db:97:2b:f8:b1:42:41:db:b5:89:0f:ac:ab:
fc:05:df:5a:8e:bc:f7:fa:82:9c:b9:a5:3c:c3:65:
9e:bf:46:9c:d9:af:01:e3:59:e6:29:44:f8:37:cf:
44:86:a9:2b:d4:34:fc:7c:47:ed:11:8c:1f:f7:d7:
06:12:04:5e:6c:9c:28:f7:07:2d:b5:10:24:0d:57:
43:da:64:ec:8b:05:cd:27:52:f4:6b:5a:7e:ae:94:
62:4f:a6:33:ce:9f:3a:84:21:96:84:3f:af:00:87:
54:2c:a6:f9:8d:ac:2b:22:55:bb:54:67:66:00:63:
0e:bd:64:c0:f2:14:29:26:e1:74:dd:1a:c7:e8:cf:
76:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:90:B9:45:65:71:9B:9A:AA:EF:AE:8A:64:69:72:3B:D5:FE:71:A2
X509v3 Authority Key Identifier:
keyid:ED:FF:FB:3C:66:1E:2F:78:A5:78:5B:E9:59:16:04:4B:06:AF:51:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/3pC5RWVxm5qq766KZGlyO9X-caI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/7f_7PGYeL3ileFvpWRYESwavUdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.130.0/23
193.163.42.0-193.163.44.255
Signature Algorithm: sha256WithRSAEncryption
20:5b:51:5a:c1:23:d9:d4:2b:50:9e:9a:d1:f2:75:5c:ff:d8:
0b:ab:1b:a6:87:6c:bc:db:a9:44:f0:1c:4c:15:b0:c3:23:a1:
4b:ad:4b:dc:d4:d0:9b:92:3a:82:39:f2:2c:11:cb:31:66:08:
35:1e:d5:88:76:57:77:05:1a:13:bb:22:c6:99:fb:67:91:b7:
a4:2f:b5:47:b1:d0:d8:00:91:cf:de:f9:23:70:39:43:5e:56:
4f:96:11:6d:ee:64:90:ea:1b:31:4c:1c:fd:70:f4:8f:ed:13:
de:00:e2:ef:54:e0:fd:a4:61:69:4f:6a:84:39:d9:98:0b:9c:
71:7c:9e:9a:ee:94:8e:13:ce:79:da:4c:6f:38:51:ac:0c:37:
ff:3d:22:71:17:4a:ce:47:45:3e:91:69:04:4a:86:72:f7:00:
ae:9c:87:98:15:15:db:4f:cc:fa:de:6b:34:9b:0c:db:c8:96:
fc:11:2c:74:80:c6:c8:82:2b:59:e5:d1:d3:fb:5d:f6:ec:0e:
81:e9:e2:5c:5f:4d:13:aa:79:86:89:80:a7:ad:19:f2:79:56:
41:63:8a:98:c8:77:ce:4f:7f:cd:ed:b7:01:1d:7c:94:e0:df:
6b:f4:32:7d:1f:3f:d1:53:1c:cc:4c:11:46:ac:7f:3d:04:f3:
b1:24:b7:7e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZYZNgK3AQWQ8Xy6zVoQ1OAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZmZmYjNjNjYxZTJmNzhhNTc4NWJlOTU5MTYwNDRiMDZh
ZjUxZDIwHhcNMjUwNDA5MDYyMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTkwYjk0NTY1NzE5YjlhYWFlZmFlOGE2NDY5NzIzYmQ1ZmU3MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqDnR0yqHq1voUezFrsSrpTGzWM/
4BIfrJ1gbPybNcGc1+iO71QXbOb+8G3O0EU88NlraXWJUg6CrOZo/sF0MeKPbzWO
lUIdOvGrAw/hQjhvB2X1Abo1ldvwPAldftTYidyAXUkxCz5HPgHo/THzQiIBzSro
ow0nHNuXK/ixQkHbtYkPrKv8Bd9ajrz3+oKcuaU8w2Wev0ac2a8B41nmKUT4N89E
hqkr1DT8fEftEYwf99cGEgRebJwo9wcttRAkDVdD2mTsiwXNJ1L0a1p+rpRiT6Yz
zp86hCGWhD+vAIdULKb5jawrIlW7VGdmAGMOvWTA8hQpJuF03RrH6M92xwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFN6QuUVlcZuaqu+uimRpcjvV/nGiMB8GA1UdIwQY
MBaAFO3/+zxmHi94pXhb6VkWBEsGr1HSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZfN1BHWWVMM2lsZUZ2cFdSWUVTd2F2VWRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hMzhlNGYtNGQxMC00YjlmLThmMmYt
YTk4OTM1NDVjM2M1LzEvM3BDNVJXVnhtNXFxNzY2S1pHbHlPOVgtY2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hMzhlNGYtNGQxMC00YjlmLThmMmYtYTk4OTM1NDVjM2M1
LzEvN2ZfN1BHWWVMM2lsZUZ2cFdSWUVTd2F2VWRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBBbaCMAwD
BAHBoyoDBADBoywwDQYJKoZIhvcNAQELBQADggEBACBbUVrBI9nUK1CemtHydVz/
2AurG6aHbLzbqUTwHEwVsMMjoUutS9zU0JuSOoI58iwRyzFmCDUe1Yh2V3cFGhO7
IsaZ+2eRt6QvtUex0NgAkc/e+SNwOUNeVk+WEW3uZJDqGzFMHP1w9I/tE94A4u9U
4P2kYWlPaoQ52ZgLnHF8nprulI4TznnaTG84UawMN/89InEXSs5HRT6RaQRKhnL3
AK6ch5gVFdtPzPreazSbDNvIlvwRLHSAxsiCK1nl0dP7XfbsDoHp4lxfTROqeYaJ
gKetGfJ5VkFjipjId85Pf83ttwEdfJTg32v0Mn0fP9FTHMxMEUasfz0E87Ekt34=
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:12:33 2025 by rpki-client