Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/csdS0X3GJyz36fVuKgLQuE6cIho.roa
File: csdS0X3GJyz36fVuKgLQuE6cIho.roa (raw, json)
Hash identifier: TuXBFAP2VKyeYyx4t7kSQf2UMicsGM+AyoOQWph3uuE=
Subject key identifier: 72:C7:52:D1:7D:C6:27:2C:F7:E9:F5:6E:2A:02:D0:B8:4E:9C:22:1A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018F1459021A2A4BE0038A361A9D53C14ACB
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/csdS0X3GJyz36fVuKgLQuE6cIho.roa
Signing time: Thu 25 Apr 2024 08:22:08 +0000
ROA not before: Thu 25 Apr 2024 08:22:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 5.34.208.0/21 maxlen: 24
89.251.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 11:05:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:59:02:1a:2a:4b:e0:03:8a:36:1a:9d:53:c1:4a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 25 08:22:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72c752d17dc6272cf7e9f56e2a02d0b84e9c221a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4c:83:a9:f7:bd:f6:05:98:79:37:a9:79:fe:
1b:2c:fc:5c:52:f0:86:92:bb:d0:74:13:f3:d3:d6:
d0:96:83:2c:61:dd:39:69:85:d7:77:45:db:1c:4f:
e3:df:11:52:da:9d:9b:4d:a6:23:2b:08:ca:f3:86:
07:e7:e4:9a:52:c7:2b:c0:31:ef:8b:6d:61:b7:cb:
f7:b0:97:1e:68:15:bd:23:ac:fd:f3:62:10:a3:fc:
99:b5:6a:e5:fa:20:07:6f:21:ee:40:60:e3:7b:9d:
7e:af:78:8e:24:c2:75:d1:6c:b4:56:4b:60:35:34:
80:23:56:99:48:d2:60:dc:c2:36:76:70:35:06:da:
b6:8b:96:dd:18:d7:0b:af:25:7c:ea:b9:6b:78:a1:
71:de:54:74:f4:d4:1b:ac:57:2c:b2:49:4f:3a:0e:
f5:4b:9e:48:bd:d3:e2:f6:73:58:a9:a0:70:bf:a6:
39:77:5e:19:29:d9:e4:9b:4d:06:3b:c9:54:e8:82:
05:c3:d9:0b:12:5e:7e:e6:bf:d2:d0:c2:17:ae:a2:
de:99:f7:a1:eb:e5:8b:43:39:98:a7:d1:b0:bc:bd:
30:1c:94:28:e3:ed:ee:b8:1e:43:ab:bc:34:2f:c1:
91:05:4c:14:95:4b:d6:b1:53:16:3c:28:e9:6c:4e:
08:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C7:52:D1:7D:C6:27:2C:F7:E9:F5:6E:2A:02:D0:B8:4E:9C:22:1A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/csdS0X3GJyz36fVuKgLQuE6cIho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
89.251.10.0/24
Signature Algorithm: sha256WithRSAEncryption
62:a2:04:32:49:f9:e8:ce:9a:b4:49:9d:00:cd:9a:71:35:4c:
3b:08:e0:31:d6:75:cd:56:96:9b:fb:cd:85:9f:af:68:6c:b4:
38:e9:a0:0c:25:58:f6:3a:ab:f9:b1:ca:98:92:79:50:1a:e5:
aa:22:78:e0:c5:03:c2:8b:35:37:48:79:f5:c4:b6:99:23:b1:
bc:f2:e7:ed:3c:8f:a6:86:2b:35:25:d2:6c:80:78:a1:30:d0:
4a:59:92:bf:45:2d:32:05:1f:a4:f3:a4:34:f2:d6:a9:22:c5:
a8:00:02:5b:fc:5b:d4:c1:14:ce:ef:9f:4e:40:20:d5:59:9f:
5e:13:c8:4d:df:ce:20:d9:49:3b:17:59:5a:80:fc:df:9c:f6:
9c:a9:7b:b2:30:db:94:c3:05:e1:9e:51:a7:62:a5:13:e2:10:
4d:df:e7:54:2f:f7:a9:25:65:5b:f0:cb:b5:90:2e:de:b7:8d:
c0:10:49:15:d3:ba:ae:5a:e1:da:9b:32:1e:ea:fe:01:2c:91:
59:45:cb:81:f9:bb:1c:b7:eb:c3:0a:f3:c3:24:e2:bb:63:f9:
a9:28:98:cf:f8:5d:9b:86:b1:b4:dc:d5:bc:e8:39:c8:ef:70:
ee:78:19:5c:85:55:4c:82:d3:c8:e6:e4:21:1d:9c:7f:c3:5d:
b7:c3:c0:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8UWQIaKkvgA4o2Gp1TwUrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNDI1MDgyMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmM3NTJkMTdkYzYyNzJjZjdlOWY1NmUyYTAyZDBiODRlOWMyMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEyDqfe99gWYeTepef4bLPxcUvCG
krvQdBPz09bQloMsYd05aYXXd0XbHE/j3xFS2p2bTaYjKwjK84YH5+SaUscrwDHv
i21ht8v3sJceaBW9I6z982IQo/yZtWrl+iAHbyHuQGDje51+r3iOJMJ10Wy0Vktg
NTSAI1aZSNJg3MI2dnA1Btq2i5bdGNcLryV86rlreKFx3lR09NQbrFcssklPOg71
S55IvdPi9nNYqaBwv6Y5d14ZKdnkm00GO8lU6IIFw9kLEl5+5r/S0MIXrqLemfeh
6+WLQzmYp9GwvL0wHJQo4+3uuB5Dq7w0L8GRBUwUlUvWsVMWPCjpbE4IjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHLHUtF9xics9+n1bioC0LhOnCIaMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvY3NkUzBYM0dKeXozNmZWdUtnTFF1RTZjSWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBSLQAwQA
WfsKMA0GCSqGSIb3DQEBCwUAA4IBAQBiogQySfnozpq0SZ0AzZpxNUw7COAx1nXN
Vpab+82Fn69obLQ46aAMJVj2Oqv5scqYknlQGuWqInjgxQPCizU3SHn1xLaZI7G8
8uftPI+mhis1JdJsgHihMNBKWZK/RS0yBR+k86Q08tapIsWoAAJb/FvUwRTO759O
QCDVWZ9eE8hN384g2Uk7F1lagPzfnPacqXuyMNuUwwXhnlGnYqUT4hBN3+dUL/ep
JWVb8Mu1kC7et43AEEkV07quWuHamzIe6v4BLJFZRcuB+bsct+vDCvPDJOK7Y/mp
KJjP+F2bhrG03NW86DnI73DueBlchVVMgtPI5uQhHZx/w123w8AW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org