Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/czDU6acT_Bz1T01KxF4jtnigdSE.roa
File: czDU6acT_Bz1T01KxF4jtnigdSE.roa (raw, json)
Hash identifier: /5Iyzz5ft7UJnrWffc5RYkC8Zss91/2baDN2cOxb8E4=
Subject key identifier: 73:30:D4:E9:A7:13:FC:1C:F5:4F:4D:4A:C4:5E:23:B6:78:A0:75:21
Certificate issuer: /CN=373b47a3cee79982adb170341d02026027332023
Certificate serial: 018570305BC9B3071E3AE4CBADED4A8E222A
Authority key identifier: 37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/czDU6acT_Bz1T01KxF4jtnigdSE.roa
Signing time: Mon 02 Jan 2023 01:54:55 +0000
ROA not before: Mon 02 Jan 2023 01:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200568
IP address blocks: 5.159.22.0/23 maxlen: 23
5.159.22.0/24 maxlen: 24
5.159.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5b:c9:b3:07:1e:3a:e4:cb:ad:ed:4a:8e:22:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=373b47a3cee79982adb170341d02026027332023
Validity
Not Before: Jan 2 01:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7330d4e9a713fc1cf54f4d4ac45e23b678a07521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b6:23:17:c3:0b:b6:91:dc:3c:2b:ed:a7:35:
05:cd:a4:a2:1a:da:72:2f:77:25:80:9e:71:49:f1:
b6:01:fb:c9:7d:ec:d7:68:3f:82:fd:db:bb:40:d1:
c0:11:66:89:6a:99:24:8a:1d:2e:6e:2c:61:b7:6b:
af:5a:73:6e:d5:0b:24:8e:b7:31:86:14:5d:8b:51:
43:bf:9d:a4:da:a5:a8:1e:55:bd:02:e8:35:b1:fb:
8b:01:a6:cd:90:24:d6:5f:eb:03:42:9e:f9:d7:9a:
93:23:48:1f:33:aa:f4:24:f3:3d:58:18:ce:4b:ac:
1d:2d:62:42:a6:44:91:4d:4b:57:d8:e0:73:a6:70:
4d:61:89:2b:1f:01:bf:c9:43:04:90:de:9a:cf:a5:
ad:69:e0:ba:34:64:b9:8e:a3:7f:b3:78:a4:6b:ca:
3d:3b:a1:03:53:85:4d:0e:b3:e4:f3:94:73:05:74:
1d:98:82:9b:61:72:b4:34:80:65:62:1c:cd:33:51:
8c:70:b3:1b:2a:df:ed:da:29:11:32:5d:03:86:64:
c0:6d:25:56:87:88:d3:ef:8d:b7:13:65:aa:7f:ee:
62:05:6b:a1:37:94:26:98:eb:ec:ec:ce:ba:5f:e7:
91:2e:de:db:4b:1c:8e:91:f9:bb:3f:05:09:f5:7a:
c7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:30:D4:E9:A7:13:FC:1C:F5:4F:4D:4A:C4:5E:23:B6:78:A0:75:21
X509v3 Authority Key Identifier:
keyid:37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/czDU6acT_Bz1T01KxF4jtnigdSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.22.0/23
Signature Algorithm: sha256WithRSAEncryption
71:32:f1:59:60:a0:b7:65:7d:b7:c6:0b:fb:5d:66:35:be:35:
7e:9a:f0:ad:aa:58:b5:c4:a3:08:65:b5:3b:f1:a7:30:ac:9e:
38:a4:20:75:3c:33:ac:6b:dd:cc:5c:01:bb:44:c5:a1:2b:a6:
f0:95:44:2d:27:74:0b:42:bc:e5:41:cc:dd:dd:9a:20:ff:12:
4c:33:64:71:a9:6f:a0:e1:43:d3:57:1a:0e:7a:63:3d:5a:52:
53:52:01:9a:e1:70:c9:b0:97:71:72:79:8c:dd:f4:96:b1:13:
41:56:54:a1:56:f3:7c:a3:20:b2:81:1b:c1:66:3c:54:aa:aa:
bb:33:22:e3:b5:fb:08:2e:82:74:fa:a6:20:a8:96:dd:52:db:
bc:03:5b:0f:5d:4f:79:d8:82:47:06:85:e0:9e:8d:d7:01:4b:
2b:f5:68:e9:aa:44:15:22:4e:74:61:f7:e5:ed:c2:7e:28:cd:
70:89:bb:e6:bd:99:dd:ac:8c:60:a6:09:58:05:9f:92:da:62:
70:97:07:a7:43:9e:fa:c1:cf:3d:a8:65:c7:73:66:81:eb:88:
2f:ae:54:6f:8e:25:98:98:39:72:e8:de:c7:02:e3:e7:19:fb:
8e:10:67:6b:a1:07:9a:21:d0:df:a2:be:bd:de:cb:f6:24:b6:
d7:4c:dc:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMFvJswceOuTLre1KjiIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3M2I0N2EzY2VlNzk5ODJhZGIxNzAzNDFkMDIwMjYwMjcz
MzIwMjMwHhcNMjMwMTAyMDE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzMwZDRlOWE3MTNmYzFjZjU0ZjRkNGFjNDVlMjNiNjc4YTA3NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubYjF8MLtpHcPCvtpzUFzaSiGtpy
L3clgJ5xSfG2AfvJfezXaD+C/du7QNHAEWaJapkkih0ubixht2uvWnNu1Qskjrcx
hhRdi1FDv52k2qWoHlW9Aug1sfuLAabNkCTWX+sDQp7515qTI0gfM6r0JPM9WBjO
S6wdLWJCpkSRTUtX2OBzpnBNYYkrHwG/yUMEkN6az6WtaeC6NGS5jqN/s3ika8o9
O6EDU4VNDrPk85RzBXQdmIKbYXK0NIBlYhzNM1GMcLMbKt/t2ikRMl0DhmTAbSVW
h4jT7423E2Wqf+5iBWuhN5QmmOvs7M66X+eRLt7bSxyOkfm7PwUJ9XrHKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMw1OmnE/wc9U9NSsReI7Z4oHUhMB8GA1UdIwQY
MBaAFDc7R6PO55mCrbFwNB0CAmAnMyAjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnp0SG84N25tWUt0c1hBMEhRSUNZQ2N6SUNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzJhMTUtYWM0ZC00NjRhLWE3N2Ut
MzJmOWEyODJmNTZjLzEvY3pEVTZhY1RfQnoxVDAxS3hGNGp0bmlnZFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzJhMTUtYWM0ZC00NjRhLWE3N2UtMzJmOWEyODJmNTZj
LzEvTnp0SG84N25tWUt0c1hBMEhRSUNZQ2N6SUNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBZ8WMA0G
CSqGSIb3DQEBCwUAA4IBAQBxMvFZYKC3ZX23xgv7XWY1vjV+mvCtqli1xKMIZbU7
8acwrJ44pCB1PDOsa93MXAG7RMWhK6bwlUQtJ3QLQrzlQczd3Zog/xJMM2RxqW+g
4UPTVxoOemM9WlJTUgGa4XDJsJdxcnmM3fSWsRNBVlShVvN8oyCygRvBZjxUqqq7
MyLjtfsILoJ0+qYgqJbdUtu8A1sPXU952IJHBoXgno3XAUsr9WjpqkQVIk50Yffl
7cJ+KM1wibvmvZndrIxgpglYBZ+S2mJwlwenQ576wc89qGXHc2aB64gvrlRvjiWY
mDly6N7HAuPnGfuOEGdroQeaIdDfor693sv2JLbXTNwe
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:57 2024 by rpki-client on console-ams.rpki-client.org