Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/5PpDPA6ANj65tn0lhNieOzJ87AI.roa
File: 5PpDPA6ANj65tn0lhNieOzJ87AI.roa (raw, json)
Hash identifier: s0tcbKf9EU04w3ragstnr+BpHkhH03ZaJkdALJW9XHI=
Subject key identifier: E4:FA:43:3C:0E:80:36:3E:B9:B6:7D:25:84:D8:9E:3B:32:7C:EC:02
Certificate issuer: /CN=6cdc694f0c3255d5d5573f1328e53654cfb22c4d
Certificate serial: 01856C4137200AFB2FF9EC5740CD55053417
Authority key identifier: 6C:DC:69:4F:0C:32:55:D5:D5:57:3F:13:28:E5:36:54:CF:B2:2C:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNxpTwwyVdXVVz8TKOU2VM-yLE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/5PpDPA6ANj65tn0lhNieOzJ87AI.roa
Signing time: Sun 01 Jan 2023 07:34:51 +0000
ROA not before: Sun 01 Jan 2023 07:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210045
IP address blocks: 217.28.133.0/24 maxlen: 24
2a12:2140::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:37:20:0a:fb:2f:f9:ec:57:40:cd:55:05:34:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cdc694f0c3255d5d5573f1328e53654cfb22c4d
Validity
Not Before: Jan 1 07:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4fa433c0e80363eb9b67d2584d89e3b327cec02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3e:0e:89:c5:96:ec:0d:54:d0:c9:09:23:d6:
5a:6a:10:36:2d:a5:51:23:77:7a:e9:c1:ae:3d:99:
30:f3:69:f1:a5:7f:87:18:87:ae:54:a3:88:a5:cc:
d2:cb:d9:ed:09:ee:23:7b:23:9f:8c:e6:12:0a:9b:
78:33:f9:a5:77:a3:fc:e9:19:5f:cf:11:1e:f7:04:
e8:5b:b1:df:32:f2:cc:98:c3:aa:c1:e9:41:c9:d5:
0c:e0:83:f8:01:7a:82:2b:91:fc:f8:3c:7c:32:78:
15:6f:26:00:bd:97:76:2c:e2:ca:b0:bf:80:15:8d:
f8:0b:1e:c5:8d:42:45:32:b9:c3:0f:ef:cf:44:6c:
d3:a0:a4:4a:df:0a:fd:f2:5e:40:33:37:5f:de:7d:
a6:21:81:46:5c:5b:69:b2:c2:3e:84:be:ae:c2:94:
56:d2:9c:62:7a:65:1b:46:73:a6:fc:e0:de:74:13:
9f:73:5c:bc:b4:82:21:9a:27:31:b4:0c:e3:9a:26:
28:55:68:72:50:ef:b7:73:6f:1c:0d:e3:fb:77:b7:
66:d7:a8:44:55:8c:dc:ef:3e:4f:63:33:de:43:e6:
d3:97:4c:91:62:3c:bf:2e:1f:ca:fc:4f:4a:d5:1a:
f2:5c:57:03:cd:8a:3e:be:84:0f:bd:da:5c:8f:e7:
32:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:FA:43:3C:0E:80:36:3E:B9:B6:7D:25:84:D8:9E:3B:32:7C:EC:02
X509v3 Authority Key Identifier:
keyid:6C:DC:69:4F:0C:32:55:D5:D5:57:3F:13:28:E5:36:54:CF:B2:2C:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNxpTwwyVdXVVz8TKOU2VM-yLE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/5PpDPA6ANj65tn0lhNieOzJ87AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/bNxpTwwyVdXVVz8TKOU2VM-yLE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.133.0/24
IPv6:
2a12:2140::/29
Signature Algorithm: sha256WithRSAEncryption
41:47:6e:20:dc:7f:d6:54:30:df:72:29:68:09:57:5c:b0:c1:
94:48:7f:ca:5c:43:44:b9:9c:a9:54:14:c1:22:5e:96:33:3d:
b9:39:2e:79:40:6f:e4:c9:29:53:48:6f:2a:8f:7c:fa:b8:65:
93:d9:e7:d1:3f:18:c2:3d:9e:cf:32:5b:d2:66:5f:70:a2:e6:
e7:0a:f7:9e:fc:01:4c:3f:34:ec:4f:3e:92:78:5b:40:de:e0:
d9:d2:c5:91:83:99:0a:25:dc:d0:45:2e:25:4c:54:ad:2d:ff:
8d:a4:d6:a7:cb:52:85:16:3f:9b:48:62:3f:60:a5:00:1f:1a:
e5:42:58:5a:dc:59:8c:f3:ce:ee:a4:fd:7e:a2:24:fa:b8:f5:
1c:12:18:14:de:b3:56:d3:e4:b6:dd:19:1a:d1:34:23:d5:59:
32:05:25:91:27:26:30:ae:b6:0c:5f:8c:37:88:b5:e1:1f:62:
6f:6c:a4:ad:44:d8:70:b3:c1:81:6b:30:96:e3:1e:e6:9f:df:
8a:55:dc:90:b7:a6:5f:2f:71:5d:e5:3e:de:18:bc:2f:45:12:
19:f0:da:09:dc:ca:b7:50:49:f2:f7:24:61:a1:bc:60:34:a2:
76:4d:7d:5c:cd:5c:a5:d2:bf:9f:08:ab:01:11:c4:c0:0a:23:
5b:12:f1:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQTcgCvsv+exXQM1VBTQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZGM2OTRmMGMzMjU1ZDVkNTU3M2YxMzI4ZTUzNjU0Y2Zi
MjJjNGQwHhcNMjMwMTAxMDczNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGZhNDMzYzBlODAzNjNlYjliNjdkMjU4NGQ4OWUzYjMyN2NlYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhT4OicWW7A1U0MkJI9ZaahA2LaVR
I3d66cGuPZkw82nxpX+HGIeuVKOIpczSy9ntCe4jeyOfjOYSCpt4M/mld6P86Rlf
zxEe9wToW7HfMvLMmMOqwelBydUM4IP4AXqCK5H8+Dx8MngVbyYAvZd2LOLKsL+A
FY34Cx7FjUJFMrnDD+/PRGzToKRK3wr98l5AMzdf3n2mIYFGXFtpssI+hL6uwpRW
0pxiemUbRnOm/ODedBOfc1y8tIIhmicxtAzjmiYoVWhyUO+3c28cDeP7d7dm16hE
VYzc7z5PYzPeQ+bTl0yRYjy/Lh/K/E9K1RryXFcDzYo+voQPvdpcj+cyKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOT6QzwOgDY+ubZ9JYTYnjsyfOwCMB8GA1UdIwQY
MBaAFGzcaU8MMlXV1Vc/EyjlNlTPsixNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk54cFR3d3lWZFhWVno4VEtPVTJWTS15TEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9kNzRjYjItZjBmYy00ZjJjLWJlMDEt
NTM2ZTFmMGM0ZmY5LzEvNVBwRFBBNkFOajY1dG4wbGhOaWVPeko4N0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9kNzRjYjItZjBmYy00ZjJjLWJlMDEtNTM2ZTFmMGM0ZmY5
LzEvYk54cFR3d3lWZFhWVno4VEtPVTJWTS15TEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RyFMA0E
AgACMAcDBQMqEiFAMA0GCSqGSIb3DQEBCwUAA4IBAQBBR24g3H/WVDDfciloCVdc
sMGUSH/KXENEuZypVBTBIl6WMz25OS55QG/kySlTSG8qj3z6uGWT2efRPxjCPZ7P
MlvSZl9woubnCvee/AFMPzTsTz6SeFtA3uDZ0sWRg5kKJdzQRS4lTFStLf+NpNan
y1KFFj+bSGI/YKUAHxrlQlha3FmM887upP1+oiT6uPUcEhgU3rNW0+S23Rka0TQj
1VkyBSWRJyYwrrYMX4w3iLXhH2JvbKStRNhws8GBazCW4x7mn9+KVdyQt6ZfL3Fd
5T7eGLwvRRIZ8NoJ3Mq3UEny9yRhobxgNKJ2TX1czVyl0r+fCKsBEcTACiNbEvET
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:17 2024 by rpki-client on console-ams.rpki-client.org