Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/tX0FFT7ACQuxR1nY7uBIMlEkvJY.roa
File: tX0FFT7ACQuxR1nY7uBIMlEkvJY.roa (raw, json)
Hash identifier: yJP+6L/Lpzc1jqTgvIy+r6WfaEktz//mCB256qVxBdo=
Subject key identifier: B5:7D:05:15:3E:C0:09:0B:B1:47:59:D8:EE:E0:48:32:51:24:BC:96
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018C3564B9085D002BC70A22FCA1D622EC9B
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/tX0FFT7ACQuxR1nY7uBIMlEkvJY.roa
Signing time: Mon 04 Dec 2023 15:14:02 +0000
ROA not before: Mon 04 Dec 2023 15:14:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31732
IP address blocks: 5.34.216.0/21 maxlen: 21
188.209.155.0/24 maxlen: 24
2001:16c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:64:b9:08:5d:00:2b:c7:0a:22:fc:a1:d6:22:ec:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 4 15:14:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b57d05153ec0090bb14759d8eee048325124bc96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bd:f5:fb:90:56:ce:7a:dd:c2:74:b4:f4:b6:
ad:29:09:11:fb:23:05:d6:ed:af:62:8e:87:98:01:
c5:cc:f0:4d:b0:5d:2d:7c:0e:a6:c8:ed:f8:7d:48:
07:f4:d9:70:23:c2:f3:1a:95:e3:e8:62:61:3a:45:
7c:80:56:7c:ea:4e:d5:6f:de:d8:0c:01:2b:fe:42:
2e:39:75:8e:23:f0:c3:ca:ee:ce:e7:ae:ef:39:db:
1d:02:4a:b5:14:de:b3:0c:7a:53:d1:67:b3:9a:4b:
12:b0:98:d8:73:27:fe:d9:77:ea:b4:ae:ea:2e:ac:
99:23:82:d0:14:8c:95:18:7c:11:2c:8a:68:87:0e:
74:db:60:9f:8c:a9:4d:2f:27:14:43:c2:79:5c:4a:
ff:3f:4e:28:9b:70:01:bc:d3:a4:ea:99:af:ca:42:
29:ce:98:d5:fb:4b:f5:a0:58:9b:ad:c6:e7:48:07:
13:63:a8:82:3c:a4:81:05:93:c8:38:7f:b7:c0:ec:
85:58:53:9e:3a:65:06:68:b7:2a:33:e8:ff:de:ff:
e2:3a:11:6c:2d:51:10:d7:19:15:ba:6e:b8:fa:de:
cc:04:4e:d1:90:15:f2:e6:4b:55:33:31:fd:4e:fc:
55:fc:b6:34:d2:16:6a:04:1f:92:56:51:dc:58:cc:
60:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7D:05:15:3E:C0:09:0B:B1:47:59:D8:EE:E0:48:32:51:24:BC:96
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/tX0FFT7ACQuxR1nY7uBIMlEkvJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
188.209.155.0/24
IPv6:
2001:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
99:30:df:8d:6f:cb:60:0b:7a:6f:0b:90:95:40:d1:b4:f3:76:
9c:95:7d:25:78:fe:15:a1:bb:f3:e9:d7:f2:d6:69:ee:42:06:
60:1f:f7:d8:81:6e:4a:3e:a1:db:42:68:57:2e:37:16:65:74:
7d:bd:f1:c7:b5:29:9b:91:e2:51:bc:50:c1:97:c8:5e:8f:49:
6c:86:a3:66:97:5c:08:c2:b7:df:17:05:fb:ea:05:23:d0:9d:
fc:64:f0:25:9e:16:a1:85:5c:13:22:90:24:ef:8f:1b:a8:3a:
74:a8:75:d2:d2:dc:9a:6a:0f:47:86:a4:c9:3f:8d:3e:92:dd:
88:7d:34:58:2c:ef:b7:f7:c4:e6:37:ea:3f:74:ba:50:f8:83:
bf:1f:ce:c3:1c:b7:c3:91:0c:99:28:77:ab:5e:3f:cc:61:dc:
7d:cd:eb:c7:62:e3:c5:c3:4f:69:cb:4c:7e:5e:f9:d4:d0:4c:
07:f0:f7:64:61:90:68:85:87:48:84:6e:7b:2a:f5:1e:04:b1:
3d:7d:9f:38:ea:77:14:c9:20:8f:75:d4:38:04:99:27:25:37:
60:a1:c0:9c:a8:80:90:ac:b4:06:13:57:1b:e1:a5:c8:38:b0:
e7:be:8f:9b:2c:50:9f:33:ec:44:02:6f:63:48:09:ae:df:e2:
4d:50:e3:fc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYw1ZLkIXQArxwoi/KHWIuybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMjA0MTUxNDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdkMDUxNTNlYzAwOTBiYjE0NzU5ZDhlZWUwNDgzMjUxMjRiYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk731+5BWznrdwnS09LatKQkR+yMF
1u2vYo6HmAHFzPBNsF0tfA6myO34fUgH9NlwI8LzGpXj6GJhOkV8gFZ86k7Vb97Y
DAEr/kIuOXWOI/DDyu7O567vOdsdAkq1FN6zDHpT0WezmksSsJjYcyf+2XfqtK7q
LqyZI4LQFIyVGHwRLIpohw5022CfjKlNLycUQ8J5XEr/P04om3ABvNOk6pmvykIp
zpjV+0v1oFibrcbnSAcTY6iCPKSBBZPIOH+3wOyFWFOeOmUGaLcqM+j/3v/iOhFs
LVEQ1xkVum64+t7MBE7RkBXy5ktVMzH9TvxV/LY00hZqBB+SVlHcWMxg2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLV9BRU+wAkLsUdZ2O7gSDJRJLyWMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvdFgwRkZUN0FDUXV4UjFuWTd1QklNbEVrdkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBSLYAwQA
vNGbMA0EAgACMAcDBQMgARbAMA0GCSqGSIb3DQEBCwUAA4IBAQCZMN+Nb8tgC3pv
C5CVQNG083aclX0leP4Vobvz6dfy1mnuQgZgH/fYgW5KPqHbQmhXLjcWZXR9vfHH
tSmbkeJRvFDBl8hej0lshqNml1wIwrffFwX76gUj0J38ZPAlnhahhVwTIpAk748b
qDp0qHXS0tyaag9HhqTJP40+kt2IfTRYLO+398TmN+o/dLpQ+IO/H87DHLfDkQyZ
KHerXj/MYdx9zevHYuPFw09py0x+XvnU0EwH8PdkYZBohYdIhG57KvUeBLE9fZ84
6ncUySCPddQ4BJknJTdgocCcqICQrLQGE1cb4aXIOLDnvo+bLFCfM+xEAm9jSAmu
3+JNUOP8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org