Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/3tAAeOOJiMtcmpgCLgoR02wtj8M.roa
File: 3tAAeOOJiMtcmpgCLgoR02wtj8M.roa (raw, json)
Hash identifier: 2o5gvLeIGMxUHBQKqRnvqVk66BbyiShCCe+xWdXvF6M=
Subject key identifier: DE:D0:00:78:E3:89:88:CB:5C:9A:98:02:2E:0A:11:D3:6C:2D:8F:C3
Certificate issuer: /CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Certificate serial: 01856CCAE3AA5E8A671CB5137C6EC810D216
Authority key identifier: 42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/3tAAeOOJiMtcmpgCLgoR02wtj8M.roa
Signing time: Sun 01 Jan 2023 10:05:13 +0000
ROA not before: Sun 01 Jan 2023 10:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45102
IP address blocks: 5.181.224.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e3:aa:5e:8a:67:1c:b5:13:7c:6e:c8:10:d2:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Validity
Not Before: Jan 1 10:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ded00078e38988cb5c9a98022e0a11d36c2d8fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:44:21:b8:ed:38:70:da:04:ff:bd:fa:21:00:
0f:27:c5:5a:e9:0c:09:e3:50:4b:2f:fa:4a:97:54:
ec:a3:7e:61:97:11:f9:88:88:54:bd:74:9f:52:eb:
95:d7:11:86:48:8a:10:c3:e8:99:ac:d7:58:66:45:
54:2e:11:8f:e5:3a:25:cc:e1:29:b8:b4:f0:24:3c:
56:ee:e7:53:3a:5d:c5:9c:76:7b:6e:0d:24:db:7e:
86:7a:b5:97:d2:30:7f:dd:a1:2f:bd:83:75:b8:56:
99:30:0a:c6:d6:07:99:54:01:bc:7e:ec:3f:1e:9d:
95:74:6c:66:0c:21:60:f1:56:4d:d2:23:53:c2:ad:
83:f2:80:4d:c8:94:86:a4:00:40:69:e5:73:e7:a8:
f4:44:cb:69:25:27:54:dc:d0:35:74:78:ce:78:28:
ba:e5:51:f3:ea:9e:6a:90:7e:68:cf:60:dc:f5:dc:
74:55:53:21:30:eb:30:4e:c5:38:be:bd:77:73:99:
e0:b9:3a:1b:6b:59:1c:3c:ee:e7:f4:4b:3e:d3:b7:
33:4c:f0:54:98:ad:51:a1:16:11:7d:3f:6c:a4:50:
d2:27:73:fb:7e:cd:d5:1d:0a:e7:92:a8:3d:f5:4a:
be:a6:c4:a6:90:2f:8a:9e:bd:18:20:29:5b:1a:77:
cd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D0:00:78:E3:89:88:CB:5C:9A:98:02:2E:0A:11:D3:6C:2D:8F:C3
X509v3 Authority Key Identifier:
keyid:42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/3tAAeOOJiMtcmpgCLgoR02wtj8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.224.0/23
Signature Algorithm: sha256WithRSAEncryption
90:c5:d9:62:14:d7:11:d3:dd:11:26:fe:97:48:2a:0f:d2:71:
59:63:e1:20:89:6f:1c:ab:bb:74:6c:1c:91:29:2a:4e:e8:4b:
61:e9:91:66:f8:4e:4f:24:df:23:07:a4:7f:43:b8:fb:7b:62:
d6:df:96:a5:92:32:3a:12:25:fe:fe:c1:7b:24:dd:7d:06:d5:
27:ff:4c:4a:2c:8c:6e:1a:85:dc:db:6f:05:36:50:2f:1e:53:
d6:b0:9b:67:a6:29:42:04:a8:b8:6d:dd:9a:07:78:2f:12:96:
1a:9c:ea:08:f0:e9:d2:e7:b5:0c:2b:3f:3e:ce:5b:9d:f5:28:
ff:58:59:ee:f8:1b:16:a1:2f:03:00:f9:a6:b1:54:63:9b:39:
ca:86:7a:12:f9:e8:e2:46:b7:56:93:96:dd:23:46:e5:16:5b:
66:85:31:f1:dc:33:dc:58:fc:12:0c:79:cc:ab:4d:2a:07:1c:
dc:74:bf:54:9a:ac:eb:1c:30:9e:4f:b1:a0:31:5f:db:c3:40:
39:72:21:d5:6f:b7:f0:1f:d3:7c:ad:f0:45:ad:0d:1f:93:f2:
79:10:4d:b0:b9:3a:87:2d:fb:f4:79:c5:62:2e:a5:49:35:ef:
fd:2a:c9:6a:b7:f5:6c:b4:0c:ff:61:e1:43:d8:21:00:ef:6a:
a5:fe:25:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyuOqXopnHLUTfG7IENIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2U3NTkzMjAxOTViOWNjMThjY2ZjYjFiNTMyYWVhOTQ5
MjU4ZjEwHhcNMjMwMTAxMTAwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQwMDA3OGUzODk4OGNiNWM5YTk4MDIyZTBhMTFkMzZjMmQ4ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEQhuO04cNoE/736IQAPJ8Va6QwJ
41BLL/pKl1Tso35hlxH5iIhUvXSfUuuV1xGGSIoQw+iZrNdYZkVULhGP5TolzOEp
uLTwJDxW7udTOl3FnHZ7bg0k236GerWX0jB/3aEvvYN1uFaZMArG1geZVAG8fuw/
Hp2VdGxmDCFg8VZN0iNTwq2D8oBNyJSGpABAaeVz56j0RMtpJSdU3NA1dHjOeCi6
5VHz6p5qkH5oz2Dc9dx0VVMhMOswTsU4vr13c5nguToba1kcPO7n9Es+07czTPBU
mK1RoRYRfT9spFDSJ3P7fs3VHQrnkqg99Uq+psSmkC+Knr0YIClbGnfNUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7QAHjjiYjLXJqYAi4KEdNsLY/DMB8GA1UdIwQY
MBaAFELOdZMgGVucwYzPyxtTKuqUkljxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUt
Njk3OTQ4ZWE3MWY1LzEvM3RBQWVPT0ppTXRjbXBnQ0xnb1IwMnd0ajhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUtNjk3OTQ4ZWE3MWY1
LzEvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBbXgMA0G
CSqGSIb3DQEBCwUAA4IBAQCQxdliFNcR090RJv6XSCoP0nFZY+EgiW8cq7t0bByR
KSpO6Eth6ZFm+E5PJN8jB6R/Q7j7e2LW35alkjI6EiX+/sF7JN19BtUn/0xKLIxu
GoXc228FNlAvHlPWsJtnpilCBKi4bd2aB3gvEpYanOoI8OnS57UMKz8+zlud9Sj/
WFnu+BsWoS8DAPmmsVRjmznKhnoS+ejiRrdWk5bdI0blFltmhTHx3DPcWPwSDHnM
q00qBxzcdL9UmqzrHDCeT7GgMV/bw0A5ciHVb7fwH9N8rfBFrQ0fk/J5EE2wuTqH
Lfv0ecViLqVJNe/9Kslqt/VstAz/YeFD2CEA72ql/iVX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org