Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/DzyhSiIxQCvak8TKPdMOjEkK2oA.roa
File: DzyhSiIxQCvak8TKPdMOjEkK2oA.roa (raw, json)
Hash identifier: ihANsPgsaf4Tj/1cP+Tk/0WR7p0vULXckEA7TvykdjM=
Subject key identifier: 0F:3C:A1:4A:22:31:40:2B:DA:93:C4:CA:3D:D3:0E:8C:49:0A:DA:80
Certificate issuer: /CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba
Certificate serial: 018B6E7223D41D6EB305D70B1C83BBAE0A64
Authority key identifier: A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/DzyhSiIxQCvak8TKPdMOjEkK2oA.roa
Signing time: Fri 27 Oct 2023 00:04:15 +0000
ROA not before: Fri 27 Oct 2023 00:04:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5483
IP address blocks: 5.56.38.0/24 maxlen: 24
5.56.37.0/24 maxlen: 24
5.56.33.0/24 maxlen: 24
2a01:47c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6e:72:23:d4:1d:6e:b3:05:d7:0b:1c:83:bb:ae:0a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba
Validity
Not Before: Oct 27 00:04:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f3ca14a2231402bda93c4ca3dd30e8c490ada80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:64:a4:68:29:15:9e:f9:a1:05:c3:a6:dd:9d:
33:52:b7:cb:99:1f:02:ed:dd:d9:8e:dd:04:64:38:
80:af:45:fc:66:55:9a:22:76:88:ad:7b:71:3f:3e:
61:04:b3:27:ad:eb:ea:cb:87:9f:8a:d5:71:c3:6e:
c6:41:3d:45:53:a6:53:43:26:f7:b2:f0:2e:b5:ce:
fa:f8:a8:18:8e:2f:14:3f:6b:e8:60:56:d4:e7:c0:
3a:23:9e:19:cd:b6:df:a3:0b:90:dc:14:1c:8b:65:
05:a8:5d:3c:16:71:0f:29:a0:82:c2:4b:65:98:8d:
ab:2b:65:5b:82:95:81:19:7c:b3:81:d5:e2:f9:96:
75:c8:9c:e1:e5:09:18:38:23:ad:14:a7:48:df:69:
c4:06:fc:33:4d:dd:0a:0c:23:c9:37:d7:8f:f3:86:
5d:7d:e5:d6:45:df:e8:17:a7:5e:1d:6b:27:fc:15:
c4:89:a6:3d:5f:76:b5:ae:8c:bb:73:7d:db:b7:01:
fb:52:5d:f7:91:e4:b7:87:94:97:76:3e:08:d1:95:
97:c0:8d:bd:21:62:e1:2f:43:11:29:25:a2:98:df:
25:fd:b5:c4:ef:21:2e:54:be:7b:64:d6:4d:82:96:
c0:f2:e6:a1:a7:63:de:ee:8d:87:fd:9a:25:ad:ee:
4c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3C:A1:4A:22:31:40:2B:DA:93:C4:CA:3D:D3:0E:8C:49:0A:DA:80
X509v3 Authority Key Identifier:
keyid:A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/DzyhSiIxQCvak8TKPdMOjEkK2oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/pxzA1YsWrbv3-lwv28Nln5xzx7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.33.0/24
5.56.37.0-5.56.38.255
IPv6:
2a01:47c0::/32
Signature Algorithm: sha256WithRSAEncryption
44:bd:cb:be:dc:6b:3b:29:f5:b5:23:63:f7:59:a5:7f:b3:5b:
46:c2:7b:cc:69:16:8e:99:da:74:ed:08:ac:56:b8:d9:0d:17:
e2:a1:b7:66:f3:22:cf:71:bb:0b:95:ac:aa:23:47:1f:c3:71:
c2:08:9e:5a:2b:6e:ba:bd:cb:2e:8c:53:d8:ec:c1:2b:77:9e:
59:26:46:11:50:73:79:e6:70:4f:0e:c1:8d:07:17:b2:3f:e1:
53:6f:54:a0:bf:c3:26:04:3b:73:89:a9:52:75:86:49:72:2d:
f9:fd:eb:1b:ec:2f:17:21:e7:6e:6a:68:45:b8:2c:72:66:fa:
e5:cb:b0:00:87:fc:84:2b:93:f7:d5:27:9b:26:21:37:ff:0c:
58:d8:bf:aa:b2:a5:e5:c0:df:20:33:6d:68:af:fc:06:63:63:
17:be:09:0f:80:3a:f8:2b:ba:cd:c9:27:54:7e:ee:19:71:9e:
53:cb:dc:ed:49:72:f6:a9:6e:03:8c:a6:91:0e:f7:87:7c:27:
93:2d:25:59:ed:a9:23:fd:5d:43:14:c2:71:00:05:8d:c6:36:
dd:16:ee:ad:ac:73:93:74:37:5a:6b:15:07:47:a4:2c:2e:db:
9f:bc:d6:fa:37:5e:ee:26:7f:44:32:68:9c:17:26:53:ad:ca:
59:8c:50:e3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYtuciPUHW6zBdcLHIO7rgpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWNjMGQ1OGIxNmFkYmJmN2ZhNWMyZmRiYzM2NTlmOWM3
M2M3YmEwHhcNMjMxMDI3MDAwNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjNjYTE0YTIyMzE0MDJiZGE5M2M0Y2EzZGQzMGU4YzQ5MGFkYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWSkaCkVnvmhBcOm3Z0zUrfLmR8C
7d3Zjt0EZDiAr0X8ZlWaInaIrXtxPz5hBLMnrevqy4efitVxw27GQT1FU6ZTQyb3
svAutc76+KgYji8UP2voYFbU58A6I54ZzbbfowuQ3BQci2UFqF08FnEPKaCCwktl
mI2rK2VbgpWBGXyzgdXi+ZZ1yJzh5QkYOCOtFKdI32nEBvwzTd0KDCPJN9eP84Zd
feXWRd/oF6deHWsn/BXEiaY9X3a1roy7c33btwH7Ul33keS3h5SXdj4I0ZWXwI29
IWLhL0MRKSWimN8l/bXE7yEuVL57ZNZNgpbA8uahp2Pe7o2H/Zolre5MsQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA88oUoiMUAr2pPEyj3TDoxJCtqAMB8GA1UdIwQY
MBaAFKccwNWLFq279/pcL9vDZZ+cc8e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEt
ZGU2NDBkMDEyMDY1LzEvRHp5aFNpSXhRQ3ZhazhUS1BkTU9qRWtLMm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEtZGU2NDBkMDEyMDY1
LzEvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQABTghMAwD
BAAFOCUDBAAFOCYwDQQCAAIwBwMFACoBR8AwDQYJKoZIhvcNAQELBQADggEBAES9
y77cazsp9bUjY/dZpX+zW0bCe8xpFo6Z2nTtCKxWuNkNF+Kht2bzIs9xuwuVrKoj
Rx/DccIInlorbrq9yy6MU9jswSt3nlkmRhFQc3nmcE8OwY0HF7I/4VNvVKC/wyYE
O3OJqVJ1hklyLfn96xvsLxch525qaEW4LHJm+uXLsACH/IQrk/fVJ5smITf/DFjY
v6qypeXA3yAzbWiv/AZjYxe+CQ+AOvgrus3JJ1R+7hlxnlPL3O1JcvapbgOMppEO
94d8J5MtJVntqSP9XUMUwnEABY3GNt0W7q2sc5N0N1prFQdHpCwu25+81vo3Xu4m
f0QyaJwXJlOtylmMUOM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:03 2024 by rpki-client on console-ams.rpki-client.org