Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/hSGqFhOXYFh7xKSKQeVolGMoGyY.roa
File: hSGqFhOXYFh7xKSKQeVolGMoGyY.roa (raw, json)
Hash identifier: x2o7jGS5ZTO4JjHNUCa6WVejdQThFk8pTRXIdqMhYg4=
Subject key identifier: 85:21:AA:16:13:97:60:58:7B:C4:A4:8A:41:E5:68:94:63:28:1B:26
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 018CC34929C7F390960923A67126B9978B3E
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/hSGqFhOXYFh7xKSKQeVolGMoGyY.roa
Signing time: Mon 01 Jan 2024 04:30:01 +0000
ROA not before: Mon 01 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216444
IP address blocks: 5.199.164.0/22 maxlen: 32
2a02:ae00:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 10 Jan 2024 11:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:29:c7:f3:90:96:09:23:a6:71:26:b9:97:8b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Jan 1 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8521aa16139760587bc4a48a41e5689463281b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:dd:40:d0:b9:96:9d:91:05:ad:22:03:57:4b:
5a:7f:1a:a9:3b:16:a7:e5:0d:95:c0:ff:d5:21:7e:
62:1f:37:e3:0e:c8:59:4e:f3:0b:e2:32:7a:95:0c:
c3:14:4c:6c:d2:a5:0f:1c:e8:09:d0:1a:d8:74:87:
d8:f7:e4:c1:7d:e9:50:35:d6:6a:71:25:db:66:72:
02:fc:37:3a:74:4c:a6:8b:60:e1:77:7c:66:15:a0:
33:c0:03:53:1c:e3:f7:3b:32:51:75:7b:1f:dc:35:
b9:3f:20:14:d0:02:78:b2:42:90:fd:ba:ca:b5:a4:
50:c3:bc:67:d3:93:bd:5a:61:e6:5b:b7:d7:ff:97:
99:68:a0:4d:36:2c:12:1a:16:52:8e:68:61:98:76:
44:da:13:0e:61:87:d1:53:06:0b:ef:df:d7:a9:bf:
fb:e7:81:a9:9b:74:73:34:cb:29:36:c2:94:a4:8d:
04:1c:2d:96:1c:a6:b8:2a:ee:df:0a:65:29:76:75:
d9:c1:e9:50:ca:5b:3a:10:e2:ac:2c:2d:fc:42:e5:
17:bb:e6:c1:15:80:90:43:91:8d:ab:35:40:ac:e5:
e3:5b:f1:b2:ea:e3:40:5f:f3:f5:3b:e7:6e:9f:c0:
58:40:24:aa:70:e6:82:95:80:be:5e:34:3d:3c:26:
25:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:21:AA:16:13:97:60:58:7B:C4:A4:8A:41:E5:68:94:63:28:1B:26
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/hSGqFhOXYFh7xKSKQeVolGMoGyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.164.0/22
IPv6:
2a02:ae00:1000::/36
Signature Algorithm: sha256WithRSAEncryption
99:0d:94:b6:12:d4:ff:65:b4:17:c1:1a:d6:36:fc:7c:01:4d:
7b:97:86:87:e1:19:be:1c:db:be:09:e1:91:6f:87:1b:d7:54:
12:e1:5f:70:49:a0:fa:8e:4a:f1:fd:34:42:c8:3b:ca:21:d8:
60:a1:39:d6:5f:de:3f:7c:a5:4e:47:6d:f7:67:cd:11:02:c8:
4e:19:03:58:9f:b5:45:48:e4:56:a6:26:a8:fa:a1:dd:cf:d1:
6f:31:45:40:d9:ff:71:1d:36:47:df:6b:bf:fd:dd:4e:b6:fc:
78:29:a4:40:7c:b7:df:f9:41:b2:bb:6c:3e:e7:59:0b:90:f4:
35:2d:d3:48:f1:4c:77:b2:b3:c4:fd:e7:97:7c:1c:05:cd:1a:
a2:ca:6a:93:74:77:7f:3f:e4:fb:a7:85:b1:28:69:89:60:31:
1a:e5:3e:b0:0f:ae:70:21:48:9a:e0:37:32:c4:a5:7b:92:44:
03:c3:17:b9:54:9b:77:bd:55:dd:97:c2:1e:08:31:0d:f2:78:
e2:72:e4:bb:02:99:56:47:a3:87:1a:46:bb:03:9d:01:cb:9f:
64:b5:bc:a7:f4:aa:ba:55:80:29:7b:53:a6:51:d8:ea:95:23:
87:e3:b2:0e:46:01:3e:29:24:b1:c9:9e:61:67:ca:60:83:82:
93:52:43:a6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzDSSnH85CWCSOmcSa5l4s+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTIxYWExNjEzOTc2MDU4N2JjNGE0OGE0MWU1Njg5NDYzMjgxYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht1A0LmWnZEFrSIDV0tafxqpOxan
5Q2VwP/VIX5iHzfjDshZTvML4jJ6lQzDFExs0qUPHOgJ0BrYdIfY9+TBfelQNdZq
cSXbZnIC/Dc6dEymi2Dhd3xmFaAzwANTHOP3OzJRdXsf3DW5PyAU0AJ4skKQ/brK
taRQw7xn05O9WmHmW7fX/5eZaKBNNiwSGhZSjmhhmHZE2hMOYYfRUwYL79/Xqb/7
54Gpm3RzNMspNsKUpI0EHC2WHKa4Ku7fCmUpdnXZwelQyls6EOKsLC38QuUXu+bB
FYCQQ5GNqzVArOXjW/Gy6uNAX/P1O+dun8BYQCSqcOaClYC+XjQ9PCYlsQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIUhqhYTl2BYe8SkikHlaJRjKBsmMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvaFNHcUZoT1hZRmg3eEtTS1FlVm9sR01vR3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCBcekMA4E
AgACMAgDBgQqAq4AEDANBgkqhkiG9w0BAQsFAAOCAQEAmQ2UthLU/2W0F8Ea1jb8
fAFNe5eGh+EZvhzbvgnhkW+HG9dUEuFfcEmg+o5K8f00Qsg7yiHYYKE51l/eP3yl
Tkdt92fNEQLIThkDWJ+1RUjkVqYmqPqh3c/RbzFFQNn/cR02R99rv/3dTrb8eCmk
QHy33/lBsrtsPudZC5D0NS3TSPFMd7KzxP3nl3wcBc0aospqk3R3fz/k+6eFsShp
iWAxGuU+sA+ucCFImuA3MsSle5JEA8MXuVSbd71V3ZfCHggxDfJ44nLkuwKZVkej
hxpGuwOdAcufZLW8p/SqulWAKXtTplHY6pUjh+OyDkYBPikkscmeYWfKYIOCk1JD
pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org