Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/5yC0RsR2iZzjo2UFEoI6NfaVNG0.roa
File: 5yC0RsR2iZzjo2UFEoI6NfaVNG0.roa (raw, json)
Hash identifier: uMbHt5ZyThihkutIXVR4Kl0piPXsENrwchvmuaMRs6E=
Subject key identifier: E7:20:B4:46:C4:76:89:9C:E3:A3:65:05:12:82:3A:35:F6:95:34:6D
Certificate issuer: /CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Certificate serial: 01856D7877FBB0C5963E5FC952F0ADFFAC3B
Authority key identifier: 21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/5yC0RsR2iZzjo2UFEoI6NfaVNG0.roa
Signing time: Sun 01 Jan 2023 13:14:49 +0000
ROA not before: Sun 01 Jan 2023 13:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40793
IP address blocks: 144.2.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:77:fb:b0:c5:96:3e:5f:c9:52:f0:ad:ff:ac:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Validity
Not Before: Jan 1 13:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e720b446c476899ce3a3650512823a35f695346d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bf:68:14:06:be:6e:08:df:ab:e1:68:6b:b9:
37:cd:b3:3d:80:67:7c:4e:c7:02:b5:e2:bb:65:ca:
82:3d:b6:7e:74:14:c7:79:41:49:f4:59:8c:65:24:
e7:16:9f:d5:25:c8:09:e7:5a:ff:3e:95:e8:fe:e7:
93:3d:c5:e1:c5:4e:62:89:31:8c:4a:26:56:2e:56:
ed:60:89:a5:20:ae:92:8f:12:79:72:38:ec:5b:bb:
46:ec:54:be:6a:8b:78:74:32:b9:b5:05:ae:e3:ee:
9e:3d:29:c6:ac:c9:cc:21:e4:dd:76:a2:71:1b:4e:
ec:af:69:63:6b:a9:26:38:d9:52:14:d1:08:6c:93:
6a:39:90:c7:31:da:e9:54:8d:7b:f7:0d:6d:0a:4c:
b4:61:2f:aa:a1:c4:e7:69:f2:7c:e7:41:68:5c:a2:
13:dd:a2:ea:b9:e4:5e:bb:b7:8e:f3:2c:0c:20:5f:
9a:d2:a7:e6:7d:68:37:9e:02:69:3a:2c:33:f7:91:
4a:74:64:e7:b5:f1:95:31:29:b9:8f:13:89:01:3f:
85:ca:0c:2b:c4:43:a1:c6:a8:cb:4b:e0:59:2d:35:
2a:ee:94:69:9b:4d:b5:25:f5:72:61:c6:35:fe:82:
3d:1b:80:68:0a:bd:b1:8b:e0:f5:40:e3:ae:6d:9b:
d3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:20:B4:46:C4:76:89:9C:E3:A3:65:05:12:82:3A:35:F6:95:34:6D
X509v3 Authority Key Identifier:
keyid:21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/5yC0RsR2iZzjo2UFEoI6NfaVNG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.19.0/24
Signature Algorithm: sha256WithRSAEncryption
75:9e:a6:87:dd:db:4a:a3:f5:44:82:41:6b:7b:0b:f1:b1:2f:
ca:95:35:43:c9:19:e0:55:19:c6:e4:71:18:7e:34:8a:8e:6d:
97:37:a7:a6:ef:92:1f:85:f4:38:31:b0:8a:da:b7:5d:ff:cf:
4f:cd:12:9d:95:c2:51:e7:51:ac:cd:2b:87:9c:d9:dd:18:16:
8f:e3:e9:b7:9c:d0:fd:8e:fb:1d:fd:eb:ae:f0:fa:d2:25:dd:
f4:86:20:64:39:fd:57:af:82:17:13:d4:2d:78:c8:36:00:99:
88:64:7c:90:5a:a3:5d:c4:2d:41:3b:b7:72:67:4b:d1:01:06:
90:28:e6:6f:80:61:bf:6d:01:31:0b:43:2f:1f:fc:ef:ad:56:
c3:33:35:8f:fe:7c:dc:5a:bc:08:1e:dc:78:bb:bd:2b:f6:b2:
76:2c:be:22:6c:3c:ed:78:16:b9:09:50:dd:7c:25:80:52:41:
e2:dd:d3:d5:43:ac:fa:92:45:0d:71:dc:4d:a7:14:2f:f3:46:
88:c5:fb:1e:a8:9a:0a:d6:9a:c3:57:a5:05:d6:0e:7a:1e:d4:
c0:d7:86:bf:86:8b:87:ee:ed:b2:5c:4b:5f:1b:c0:88:e0:f0:
cb:f8:46:d1:2c:e5:b9:25:7f:05:48:3f:7f:54:44:42:d7:85:
16:13:f7:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteHf7sMWWPl/JUvCt/6w7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZTg2ZmY5OTczYzkzYWJlNjM5OGYwMzE5NjZjMjlkNzVh
M2JhODYwHhcNMjMwMTAxMTMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzIwYjQ0NmM0NzY4OTljZTNhMzY1MDUxMjgyM2EzNWY2OTUzNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL9oFAa+bgjfq+Foa7k3zbM9gGd8
TscCteK7ZcqCPbZ+dBTHeUFJ9FmMZSTnFp/VJcgJ51r/PpXo/ueTPcXhxU5iiTGM
SiZWLlbtYImlIK6SjxJ5cjjsW7tG7FS+aot4dDK5tQWu4+6ePSnGrMnMIeTddqJx
G07sr2lja6kmONlSFNEIbJNqOZDHMdrpVI179w1tCky0YS+qocTnafJ850FoXKIT
3aLqueReu7eO8ywMIF+a0qfmfWg3ngJpOiwz95FKdGTntfGVMSm5jxOJAT+Fygwr
xEOhxqjLS+BZLTUq7pRpm021JfVyYcY1/oI9G4BoCr2xi+D1QOOubZvTqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOcgtEbEdomc46NlBRKCOjX2lTRtMB8GA1UdIwQY
MBaAFCHob/mXPJOr5jmPAxlmwp11o7qGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWIt
MzJmZWViNTY2ZWU2LzEvNXlDMFJzUjJpWnpqbzJVRkVvSTZOZmFWTkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWItMzJmZWViNTY2ZWU2
LzEvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkAITMA0G
CSqGSIb3DQEBCwUAA4IBAQB1nqaH3dtKo/VEgkFrewvxsS/KlTVDyRngVRnG5HEY
fjSKjm2XN6em75IfhfQ4MbCK2rdd/89PzRKdlcJR51GszSuHnNndGBaP4+m3nND9
jvsd/euu8PrSJd30hiBkOf1Xr4IXE9QteMg2AJmIZHyQWqNdxC1BO7dyZ0vRAQaQ
KOZvgGG/bQExC0MvH/zvrVbDMzWP/nzcWrwIHtx4u70r9rJ2LL4ibDzteBa5CVDd
fCWAUkHi3dPVQ6z6kkUNcdxNpxQv80aIxfseqJoK1prDV6UF1g56HtTA14a/houH
7u2yXEtfG8CI4PDL+EbRLOW5JX8FSD9/VERC14UWE/fw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:47 2024 by rpki-client on console-fra.rpki-client.org