Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/5kLNjRCzPmC-_lJ2cnfpVKwqhj8.roa
File: 5kLNjRCzPmC-_lJ2cnfpVKwqhj8.roa (raw, json)
Hash identifier: uxuwo3rdtvxFR+u2b/xx1WtIUPFmui3NzvvZQASUHVw=
Subject key identifier: E6:42:CD:8D:10:B3:3E:60:BE:FE:52:76:72:77:E9:54:AC:2A:86:3F
Certificate issuer: /CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Certificate serial: 0189FEB2BBD1AD0B32805D98A6A64E2E8841
Authority key identifier: C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/5kLNjRCzPmC-_lJ2cnfpVKwqhj8.roa
Signing time: Wed 16 Aug 2023 14:14:33 +0000
ROA not before: Wed 16 Aug 2023 14:14:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 194.29.58.0/24 maxlen: 24
194.29.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 08:50:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:b2:bb:d1:ad:0b:32:80:5d:98:a6:a6:4e:2e:88:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Validity
Not Before: Aug 16 14:14:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e642cd8d10b33e60befe52767277e954ac2a863f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f1:75:c0:e7:7a:5d:fa:29:d6:77:f5:9c:72:
5c:83:52:ee:cb:2b:19:50:22:48:a6:ca:e7:65:f2:
59:7d:56:74:17:89:dd:67:fe:d9:b1:d6:03:52:95:
85:e8:40:e9:fd:eb:19:63:6f:2e:72:3b:9e:c3:4d:
61:25:de:4d:c5:2c:b0:a2:b7:71:fa:42:ec:2d:4b:
b3:3e:92:f8:3b:de:46:4b:4e:a9:3a:12:e4:3c:7b:
b4:d1:1a:cf:2d:ff:06:6f:38:e7:1c:f5:76:9f:f4:
75:ae:ac:62:d2:85:9e:71:9d:0d:8e:30:80:77:3d:
28:59:66:01:ad:67:e8:96:71:5c:1d:94:15:8a:e1:
15:9c:4b:11:56:8a:cd:1f:3a:cc:42:ac:7a:fd:d8:
85:39:5c:f1:8b:5c:1f:37:1a:21:25:d6:ab:81:3c:
15:c7:8f:0c:ab:5c:c0:a7:9b:8c:fd:bb:e4:e8:8b:
24:85:b8:08:a4:49:98:59:ba:7b:08:c5:4d:c8:46:
0b:1b:25:83:f6:cb:b6:0e:47:c0:8f:ed:73:d1:c4:
41:f0:72:e8:59:d8:85:84:f2:6c:7b:3f:3a:0a:70:
bd:17:dc:3d:52:99:17:6e:8b:77:2f:c9:3a:1a:3f:
cb:fc:1f:4e:6d:a1:10:31:c4:59:07:37:72:f2:6c:
76:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:42:CD:8D:10:B3:3E:60:BE:FE:52:76:72:77:E9:54:AC:2A:86:3F
X509v3 Authority Key Identifier:
keyid:C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/5kLNjRCzPmC-_lJ2cnfpVKwqhj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/xd4yu5zJnhFd269rf6IwUXifL2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.29.56.0/24
194.29.58.0/24
Signature Algorithm: sha256WithRSAEncryption
18:3b:37:29:ca:65:3d:11:6a:eb:05:93:80:05:15:cd:c9:99:
74:51:ca:90:6b:b0:65:47:fd:ae:6f:2e:0d:3f:0a:53:81:fa:
c6:c0:ac:df:79:f2:bb:86:61:03:d2:1a:6a:5f:5e:7e:08:32:
9b:fe:35:3a:2a:d6:58:dd:cb:95:49:b5:93:3e:e0:90:c6:23:
f0:89:0f:13:8d:b8:51:09:b4:9e:cd:6a:d9:bf:72:ac:85:20:
78:bf:9d:83:77:66:e2:fe:a5:84:8f:cc:7f:39:0a:04:13:96:
e2:46:a3:14:a4:04:ad:f2:4f:bf:ce:d8:c3:e1:67:4f:f3:d7:
6c:0e:db:d4:b1:fa:7a:6a:53:a7:be:1e:af:a6:df:fb:6c:bf:
ee:bc:db:78:77:8b:13:27:2e:c4:01:25:26:06:ab:ed:31:28:
a5:a2:c2:07:ed:41:49:fd:47:a1:26:f2:7c:3e:d4:fa:9f:ef:
03:fa:50:a8:41:5a:5d:58:e6:44:13:9b:39:fc:f9:de:fe:58:
d4:51:c9:c4:0f:63:fa:d2:a9:cc:b6:47:57:8c:57:ed:cd:43:
96:f6:8b:9d:25:1d:ce:ac:a6:e0:6c:ec:5f:e3:be:99:9d:06:
0f:8d:a4:d4:bf:a6:8a:19:97:ea:76:57:d1:29:07:c5:61:b0:
d2:03:54:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn+srvRrQsygF2YpqZOLohBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZGUzMmJiOWNjOTllMTE1ZGRiYWY2YjdmYTIzMDUxNzg5
ZjJmNjEwHhcNMjMwODE2MTQxNDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQyY2Q4ZDEwYjMzZTYwYmVmZTUyNzY3Mjc3ZTk1NGFjMmE4NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvF1wOd6Xfop1nf1nHJcg1LuyysZ
UCJIpsrnZfJZfVZ0F4ndZ/7ZsdYDUpWF6EDp/esZY28ucjuew01hJd5NxSywordx
+kLsLUuzPpL4O95GS06pOhLkPHu00RrPLf8GbzjnHPV2n/R1rqxi0oWecZ0NjjCA
dz0oWWYBrWfolnFcHZQViuEVnEsRVorNHzrMQqx6/diFOVzxi1wfNxohJdargTwV
x48Mq1zAp5uM/bvk6IskhbgIpEmYWbp7CMVNyEYLGyWD9su2DkfAj+1z0cRB8HLo
WdiFhPJsez86CnC9F9w9UpkXbot3L8k6Gj/L/B9ObaEQMcRZBzdy8mx2pwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOZCzY0Qsz5gvv5SdnJ36VSsKoY/MB8GA1UdIwQY
MBaAFMXeMrucyZ4RXduva3+iMFF4ny9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUt
MDYzNjc1MzY3OWI2LzEvNWtMTmpSQ3pQbUMtX2xKMmNuZnBWS3dxaGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUtMDYzNjc1MzY3OWI2
LzEveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwh04AwQA
wh06MA0GCSqGSIb3DQEBCwUAA4IBAQAYOzcpymU9EWrrBZOABRXNyZl0UcqQa7Bl
R/2uby4NPwpTgfrGwKzfefK7hmED0hpqX15+CDKb/jU6KtZY3cuVSbWTPuCQxiPw
iQ8TjbhRCbSezWrZv3KshSB4v52Dd2bi/qWEj8x/OQoEE5biRqMUpASt8k+/ztjD
4WdP89dsDtvUsfp6alOnvh6vpt/7bL/uvNt4d4sTJy7EASUmBqvtMSilosIH7UFJ
/UehJvJ8PtT6n+8D+lCoQVpdWOZEE5s5/Pne/ljUUcnED2P60qnMtkdXjFftzUOW
9oudJR3OrKbgbOxf476ZnQYPjaTUv6aKGZfqdlfRKQfFYbDSA1Q3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:45 2024 by rpki-client on console-fra.rpki-client.org