Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/1AceSDp37EBU8NPYGHe5UPU4qe8.roa
File: 1AceSDp37EBU8NPYGHe5UPU4qe8.roa (raw, json)
Hash identifier: IUOMZmdu0uUuQI+l+nOHYoWcuu0UqC1m3zP8z4I+KmY=
Subject key identifier: D4:07:1E:48:3A:77:EC:40:54:F0:D3:D8:18:77:B9:50:F5:38:A9:EF
Certificate issuer: /CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Certificate serial: 018A4B37D44662EB1AD376E75CC8DB7BF4D3
Authority key identifier: B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/1AceSDp37EBU8NPYGHe5UPU4qe8.roa
Signing time: Thu 31 Aug 2023 10:51:04 +0000
ROA not before: Thu 31 Aug 2023 10:51:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197389
IP address blocks: 5.172.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:37:d4:46:62:eb:1a:d3:76:e7:5c:c8:db:7b:f4:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Validity
Not Before: Aug 31 10:51:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4071e483a77ec4054f0d3d81877b950f538a9ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:da:40:5a:5e:84:1d:21:23:69:6a:e2:4d:3d:
99:6c:89:b1:1b:d9:ba:46:47:6f:2c:4d:9c:4b:bc:
b8:de:62:05:3f:66:83:cc:f8:32:5d:8b:e3:c5:41:
f4:41:68:4a:ec:c5:79:89:14:35:45:d9:03:10:38:
0a:f0:9b:41:6f:07:af:37:5f:11:88:32:9b:68:5e:
4d:41:77:91:37:43:29:92:f3:6e:b6:61:87:54:e9:
9a:83:43:7b:80:95:5f:6a:1f:f3:89:6c:f1:49:15:
7b:8a:e4:e2:b4:c1:33:d9:6c:b4:37:fe:ad:c0:46:
dc:94:15:9a:7e:fe:f6:b8:5b:65:6f:44:f8:0e:70:
26:83:0f:7a:ee:81:ee:be:e9:d9:65:82:79:5e:87:
78:d5:4d:08:87:5c:de:a6:68:a5:b0:b3:c5:93:a0:
cf:66:02:75:7f:d0:6f:c3:61:34:cb:f6:dc:de:64:
82:43:1e:b9:c7:17:47:32:85:5d:7d:2b:0b:72:79:
de:86:4f:10:a7:20:c2:06:7e:a5:99:4c:68:49:89:
9c:38:dd:c4:98:dd:f9:fa:17:6c:0f:87:2b:5d:18:
c5:39:fa:61:ba:14:d1:86:76:01:58:af:09:5d:2a:
25:db:7a:ce:00:84:fa:af:d5:4b:d3:d6:27:0e:4f:
0b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:07:1E:48:3A:77:EC:40:54:F0:D3:D8:18:77:B9:50:F5:38:A9:EF
X509v3 Authority Key Identifier:
keyid:B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/1AceSDp37EBU8NPYGHe5UPU4qe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.200.0/24
Signature Algorithm: sha256WithRSAEncryption
33:72:7b:6a:a6:e2:7a:d7:d8:a6:d6:a1:d0:51:16:e6:c9:c5:
28:00:7c:d8:83:26:29:df:b2:ab:09:af:f9:da:52:f7:6f:30:
93:11:48:80:89:3a:f8:bb:cb:94:70:60:14:be:a2:cb:20:04:
01:af:82:ad:1e:9e:2c:79:9b:3b:b7:e5:f7:21:ae:af:ce:9c:
88:23:ac:48:96:a4:45:1d:c6:3a:7c:01:9b:95:53:ad:54:fc:
4f:a8:9e:57:29:36:7a:30:d4:34:dc:f3:7a:a8:8a:1b:69:1c:
d0:63:87:47:30:1b:a3:e4:f9:93:2d:85:d1:23:a3:51:e4:86:
d3:00:71:ec:70:2a:86:89:fe:8e:7b:0d:33:05:28:49:99:21:
e5:c6:6c:6e:68:25:04:14:63:4a:f6:f5:0f:7c:e8:65:8e:7b:
ed:59:4d:40:ee:42:60:f9:37:85:94:20:db:9e:08:99:25:c9:
db:67:cc:ed:ad:0f:7b:6b:b5:43:ab:88:40:b0:ab:cb:a0:72:
a3:bc:12:97:6d:58:d8:b8:16:b9:b6:67:05:99:07:2e:29:ad:
f9:d7:93:b8:2d:88:d4:9f:90:e8:ec:cc:73:bc:45:65:00:94:
b2:58:3b:ea:a3:eb:97:b6:e4:ea:fc:09:dc:bb:92:64:b8:01:
33:ec:9b:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpLN9RGYusa03bnXMjbe/TTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzUxYjBjMDYzY2ZjMTY5NDNmYzlhNDdlMmM4MDU5OTBm
NmVhYWUwHhcNMjMwODMxMTA1MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA3MWU0ODNhNzdlYzQwNTRmMGQzZDgxODc3Yjk1MGY1MzhhOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNpAWl6EHSEjaWriTT2ZbImxG9m6
RkdvLE2cS7y43mIFP2aDzPgyXYvjxUH0QWhK7MV5iRQ1RdkDEDgK8JtBbwevN18R
iDKbaF5NQXeRN0MpkvNutmGHVOmag0N7gJVfah/ziWzxSRV7iuTitMEz2Wy0N/6t
wEbclBWafv72uFtlb0T4DnAmgw967oHuvunZZYJ5Xod41U0Ih1zepmilsLPFk6DP
ZgJ1f9Bvw2E0y/bc3mSCQx65xxdHMoVdfSsLcnnehk8QpyDCBn6lmUxoSYmcON3E
mN35+hdsD4crXRjFOfphuhTRhnYBWK8JXSol23rOAIT6r9VL09YnDk8LdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQHHkg6d+xAVPDT2Bh3uVD1OKnvMB8GA1UdIwQY
MBaAFLPFGwwGPPwWlD/JpH4sgFmQ9uquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEt
ZmY1ZjFhZDY5MjY2LzEvMUFjZVNEcDM3RUJVOE5QWUdIZTVVUFU0cWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEtZmY1ZjFhZDY5MjY2
LzEvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABazIMA0G
CSqGSIb3DQEBCwUAA4IBAQAzcntqpuJ619im1qHQURbmycUoAHzYgyYp37KrCa/5
2lL3bzCTEUiAiTr4u8uUcGAUvqLLIAQBr4KtHp4seZs7t+X3Ia6vzpyII6xIlqRF
HcY6fAGblVOtVPxPqJ5XKTZ6MNQ03PN6qIobaRzQY4dHMBuj5PmTLYXRI6NR5IbT
AHHscCqGif6Oew0zBShJmSHlxmxuaCUEFGNK9vUPfOhljnvtWU1A7kJg+TeFlCDb
ngiZJcnbZ8ztrQ97a7VDq4hAsKvLoHKjvBKXbVjYuBa5tmcFmQcuKa3515O4LYjU
n5Do7MxzvEVlAJSyWDvqo+uXtuTq/Ancu5JkuAEz7JvV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:49 2024 by rpki-client on console-ams.rpki-client.org