Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/uW4cMA9pV8f3ca11iY0rpawF1ew.roa
File: uW4cMA9pV8f3ca11iY0rpawF1ew.roa (raw, json)
Hash identifier: nIcFNTTMUSX+MR/DunEk7TzKIazGwcG41r9Qr/EYX9k=
Subject key identifier: B9:6E:1C:30:0F:69:57:C7:F7:71:AD:75:89:8D:2B:A5:AC:05:D5:EC
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E9918D4B9D42823E04C3C89968667DF05
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/uW4cMA9pV8f3ca11iY0rpawF1ew.roa
Signing time: Mon 01 Apr 2024 09:58:45 +0000
ROA not before: Mon 01 Apr 2024 09:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12332
IP address blocks: 5.143.112.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Apr 2024 04:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:18:d4:b9:d4:28:23:e0:4c:3c:89:96:86:67:df:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 1 09:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b96e1c300f6957c7f771ad75898d2ba5ac05d5ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:01:70:6a:3f:a0:88:57:65:76:24:fe:33:df:
fb:2c:76:05:70:42:db:6d:9c:5b:bc:2b:eb:cc:bb:
db:ce:d2:53:49:c3:43:1e:49:3d:95:75:1e:a0:1c:
cb:11:b6:2c:1d:5f:49:a5:fe:82:e2:21:20:a7:43:
8f:aa:5c:41:93:2f:29:01:0c:e1:4c:51:31:89:bc:
04:e8:86:37:48:84:12:ea:a2:3c:8e:2a:f9:c1:3c:
70:9f:d4:fe:37:76:68:26:36:ce:d1:bf:3d:ef:ce:
e2:80:42:14:56:8b:3a:80:2b:6d:65:d8:97:84:c5:
5c:9d:a1:c6:c6:7d:fb:d6:b4:99:a4:71:02:27:21:
a2:61:65:2b:14:6d:e6:a7:cb:75:5d:20:1b:39:9b:
e2:93:c9:a7:1b:01:a1:4a:df:c4:98:bb:26:17:32:
22:72:e3:7e:57:58:7a:c6:84:a6:ef:b6:50:72:14:
00:d6:ff:40:04:0b:80:53:78:92:76:ef:61:50:5c:
ec:8e:7a:20:ab:0a:70:75:d4:47:50:60:f7:70:c3:
ed:12:10:5a:23:9b:e8:73:4b:75:28:1e:cd:32:88:
81:cd:b7:5f:ee:e1:45:1e:f1:35:40:a5:31:21:b6:
7c:23:fb:a1:32:3e:76:28:f7:f2:d9:12:34:f5:b1:
37:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6E:1C:30:0F:69:57:C7:F7:71:AD:75:89:8D:2B:A5:AC:05:D5:EC
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/uW4cMA9pV8f3ca11iY0rpawF1ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.112.0/20
Signature Algorithm: sha256WithRSAEncryption
52:7b:c8:18:f3:f5:1d:cf:7c:b3:c5:61:1c:3e:04:4d:05:98:
0a:06:2a:57:80:28:7d:86:e1:92:27:2f:61:b8:af:e0:0c:a6:
d6:8e:11:b3:8f:84:c9:2d:70:6d:e8:cf:4b:1c:6e:96:55:e4:
15:61:75:bd:03:b3:66:a9:1c:ef:12:ac:20:38:08:f3:f8:e0:
29:13:53:32:9e:2b:e6:6b:5f:6e:b2:93:76:4a:ed:58:e1:18:
19:72:39:38:a4:52:69:63:9f:79:a2:72:11:7a:ed:4e:22:7d:
ca:05:ea:2f:52:ee:06:ef:67:23:ed:91:9f:0d:f9:a8:a5:96:
e9:3a:a1:50:69:bf:38:09:f5:34:7d:bf:cc:98:3d:a1:8b:cd:
e1:7e:52:7e:36:91:6a:4c:e8:d8:b8:ec:77:4c:19:0e:c1:d7:
2e:71:44:5a:28:43:80:bc:cc:20:3b:77:de:f7:f2:72:03:b4:
6b:28:4f:73:45:2d:83:0a:9c:f1:a9:4e:2d:9a:e8:44:c2:48:
7a:fd:78:0e:1f:7b:36:dd:1e:1e:22:f2:2e:56:4c:4e:d2:91:
9a:d4:c7:f8:44:62:68:c9:48:b0:cd:de:46:37:22:1e:80:7c:
fa:0f:1c:22:f4:21:9c:f0:64:a1:0e:ba:57:0a:c5:c2:03:e4:
b4:94:4b:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6ZGNS51Cgj4Ew8iZaGZ98FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDAxMDk1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTZlMWMzMDBmNjk1N2M3Zjc3MWFkNzU4OThkMmJhNWFjMDVkNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAFwaj+giFdldiT+M9/7LHYFcELb
bZxbvCvrzLvbztJTScNDHkk9lXUeoBzLEbYsHV9Jpf6C4iEgp0OPqlxBky8pAQzh
TFExibwE6IY3SIQS6qI8jir5wTxwn9T+N3ZoJjbO0b89787igEIUVos6gCttZdiX
hMVcnaHGxn371rSZpHECJyGiYWUrFG3mp8t1XSAbOZvik8mnGwGhSt/EmLsmFzIi
cuN+V1h6xoSm77ZQchQA1v9ABAuAU3iSdu9hUFzsjnogqwpwddRHUGD3cMPtEhBa
I5voc0t1KB7NMoiBzbdf7uFFHvE1QKUxIbZ8I/uhMj52KPfy2RI09bE35wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLluHDAPaVfH93GtdYmNK6WsBdXsMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdVc0Y01BOXBWOGYzY2ExMWlZMHJwYXdGMWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBY9wMA0G
CSqGSIb3DQEBCwUAA4IBAQBSe8gY8/Udz3yzxWEcPgRNBZgKBipXgCh9huGSJy9h
uK/gDKbWjhGzj4TJLXBt6M9LHG6WVeQVYXW9A7NmqRzvEqwgOAjz+OApE1Mynivm
a19uspN2Su1Y4RgZcjk4pFJpY595onIReu1OIn3KBeovUu4G72cj7ZGfDfmopZbp
OqFQab84CfU0fb/MmD2hi83hflJ+NpFqTOjYuOx3TBkOwdcucURaKEOAvMwgO3fe
9/JyA7RrKE9zRS2DCpzxqU4tmuhEwkh6/XgOH3s23R4eIvIuVkxO0pGa1Mf4RGJo
yUiwzd5GNyIegHz6Dxwi9CGc8GShDrpXCsXCA+S0lEts
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:26 2024 by rpki-client on console-ams.rpki-client.org