Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/hINE8CrNHmUnkdFgMYhs97XIdCI.roa
File: hINE8CrNHmUnkdFgMYhs97XIdCI.roa (raw, json)
Hash identifier: iVA/sES+L6yzg3PGHeXpRyfEB8rLUqMqNILLfG5JZMY=
Subject key identifier: 84:83:44:F0:2A:CD:1E:65:27:91:D1:60:31:88:6C:F7:B5:C8:74:22
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E8A33A8F7F6B8BC7B446099A116011AE2
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/hINE8CrNHmUnkdFgMYhs97XIdCI.roa
Signing time: Fri 29 Mar 2024 12:33:45 +0000
ROA not before: Fri 29 Mar 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15468
IP address blocks: 5.143.176.0/20 maxlen: 21
5.143.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 10 Apr 2024 10:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:33:a8:f7:f6:b8:bc:7b:44:60:99:a1:16:01:1a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 29 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=848344f02acd1e652791d16031886cf7b5c87422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3e:c2:d6:f3:40:b3:64:62:bb:12:5b:0f:80:
4e:a7:53:f9:06:c5:61:8a:40:96:98:09:43:23:07:
52:37:15:8b:b3:b1:b7:26:e2:0e:d5:9c:f7:13:f5:
f3:f5:31:4f:8d:18:6f:41:8f:ca:ed:d6:f1:15:fe:
ba:85:74:18:fb:ae:ea:f2:55:e5:88:3b:cc:4a:05:
ae:52:9f:38:3d:53:cc:2d:c5:e7:fb:e2:0c:c3:a9:
6f:97:8f:a3:53:16:44:10:39:e2:0f:6f:40:81:34:
46:03:68:f2:93:38:bd:a2:53:c5:d5:6c:2d:8d:cf:
fd:51:cf:67:8b:d0:61:d7:8e:d5:49:ec:fe:74:0c:
d1:e8:a6:cd:6f:52:81:ee:0c:50:1f:fd:90:d6:1f:
a5:7e:8a:2e:47:ff:a4:ec:1d:e6:cc:1a:24:a2:72:
8e:75:b8:9f:4c:0e:59:e8:28:27:fb:1e:c0:10:da:
56:59:f9:4e:6b:4e:7e:ec:04:72:30:e0:fa:63:9c:
1a:b8:e7:3e:d9:3f:93:e6:4d:48:59:da:ad:c1:b7:
29:58:e8:f3:9c:c4:c1:1a:f4:0c:64:2d:1c:19:3f:
ca:e4:2f:83:cc:ce:80:bb:e9:1b:e3:11:42:8d:96:
0a:18:86:8c:63:61:b7:6f:72:3a:3c:2d:b6:fc:59:
00:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:83:44:F0:2A:CD:1E:65:27:91:D1:60:31:88:6C:F7:B5:C8:74:22
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/hINE8CrNHmUnkdFgMYhs97XIdCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.176.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:a5:54:bb:cb:c6:88:7c:6f:90:48:17:2f:26:6e:1b:47:96:
4d:8c:ed:2b:ce:71:8d:c7:70:37:c2:e3:6c:cf:86:64:74:38:
7e:dc:20:9d:49:c0:f7:10:45:d5:01:1d:95:2f:77:7c:e5:e7:
04:40:83:7f:72:b8:c4:71:ff:5a:00:25:6f:f4:8a:a3:13:54:
58:36:0c:e4:4f:bc:c7:62:0c:5a:19:eb:c7:09:37:14:5a:3a:
b8:13:13:0b:f3:cf:d5:b8:44:34:6f:25:95:b6:53:b8:d6:85:
31:5f:70:21:9e:b3:14:2d:86:8b:d0:a1:7e:5a:97:9b:c6:49:
fc:d2:c7:eb:75:b7:b4:79:f3:54:97:36:3c:80:c1:eb:73:88:
69:80:17:22:f4:c7:56:7d:68:f5:ab:e2:ef:11:8e:e4:9c:9d:
70:0e:b6:1c:87:ff:8e:0a:c0:3a:62:1e:27:8b:46:a1:25:1a:
74:fb:6a:de:c8:b6:59:af:8b:83:34:cf:c0:34:e3:e4:a4:73:
75:0d:44:02:3e:e1:8d:38:d9:5a:9f:5f:d1:f8:80:7d:24:b4:
3d:42:7c:cd:0d:8c:ca:36:46:08:ec:31:94:46:d0:75:96:ea:
b2:9c:52:93:75:6c:ef:0e:6f:be:d5:fa:84:6a:49:0f:8f:bc:
2d:a1:00:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6KM6j39ri8e0RgmaEWARriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzI5MTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDgzNDRmMDJhY2QxZTY1Mjc5MWQxNjAzMTg4NmNmN2I1Yzg3NDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5T7C1vNAs2RiuxJbD4BOp1P5BsVh
ikCWmAlDIwdSNxWLs7G3JuIO1Zz3E/Xz9TFPjRhvQY/K7dbxFf66hXQY+67q8lXl
iDvMSgWuUp84PVPMLcXn++IMw6lvl4+jUxZEEDniD29AgTRGA2jykzi9olPF1Wwt
jc/9Uc9ni9Bh147VSez+dAzR6KbNb1KB7gxQH/2Q1h+lfoouR/+k7B3mzBokonKO
dbifTA5Z6Cgn+x7AENpWWflOa05+7ARyMOD6Y5wauOc+2T+T5k1IWdqtwbcpWOjz
nMTBGvQMZC0cGT/K5C+DzM6Au+kb4xFCjZYKGIaMY2G3b3I6PC22/FkAwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISDRPAqzR5lJ5HRYDGIbPe1yHQiMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvaElORThDck5IbVVua2RGZ01ZaHM5N1hJZENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBY+wMA0G
CSqGSIb3DQEBCwUAA4IBAQAapVS7y8aIfG+QSBcvJm4bR5ZNjO0rznGNx3A3wuNs
z4ZkdDh+3CCdScD3EEXVAR2VL3d85ecEQIN/crjEcf9aACVv9IqjE1RYNgzkT7zH
YgxaGevHCTcUWjq4ExML88/VuEQ0byWVtlO41oUxX3AhnrMULYaL0KF+Wpebxkn8
0sfrdbe0efNUlzY8gMHrc4hpgBci9MdWfWj1q+LvEY7knJ1wDrYch/+OCsA6Yh4n
i0ahJRp0+2reyLZZr4uDNM/ANOPkpHN1DUQCPuGNONlan1/R+IB9JLQ9QnzNDYzK
NkYI7DGURtB1luqynFKTdWzvDm++1fqEakkPj7wtoQAx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:26 2024 by rpki-client on console-ams.rpki-client.org