Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/3v2CSQ8S1YnTpkeQ79Z5Vwhun10.roa
File: 3v2CSQ8S1YnTpkeQ79Z5Vwhun10.roa (raw, json)
Hash identifier: w0nTx8ZcAZTX+W1ldnqUEijWOvaYVCiuHrlwceqMp1Q=
Subject key identifier: DE:FD:82:49:0F:12:D5:89:D3:A6:47:90:EF:D6:79:57:08:6E:9F:5D
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 0185714C12A1E728CDF1D2C59D77CF3F457C
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/3v2CSQ8S1YnTpkeQ79Z5Vwhun10.roa
Signing time: Mon 02 Jan 2023 07:04:48 +0000
ROA not before: Mon 02 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56844
IP address blocks: 5.133.70.0/24 maxlen: 24
5.133.68.0/23 maxlen: 23
5.133.68.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:12:a1:e7:28:cd:f1:d2:c5:9d:77:cf:3f:45:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=defd82490f12d589d3a64790efd67957086e9f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:42:36:55:86:02:d6:35:f8:9e:27:b7:de:4c:
e2:54:84:af:74:3f:27:49:79:c8:48:00:d9:65:5b:
6f:8a:4d:90:b4:e2:b9:d9:62:b4:c0:01:9c:d6:41:
67:c0:f2:35:df:e9:c8:14:57:53:0a:9e:6d:36:c1:
0e:d4:b6:3f:84:92:1c:db:28:33:4c:81:ff:40:52:
49:82:f0:db:8d:b5:37:aa:a0:48:0c:77:c5:65:9e:
eb:38:1a:41:86:a1:7c:df:c9:ac:37:ba:1a:7b:f0:
b1:98:66:dc:65:70:46:0c:eb:c9:c2:51:ca:3d:e3:
2c:1e:d1:f8:c6:69:40:a0:f3:ba:57:49:20:03:1a:
0d:5f:54:5b:03:a0:b6:de:8c:1e:fb:d1:2a:65:6c:
10:bd:4e:0e:82:ca:49:1b:be:2a:d3:df:17:19:1f:
9e:74:29:75:8c:e1:9f:06:64:b3:b3:33:c9:b9:df:
1f:78:a4:b4:96:88:16:76:19:48:4e:eb:82:1e:4f:
8b:b9:63:ba:f5:98:da:26:8e:0c:43:8d:6c:63:d5:
1c:37:86:6d:e8:73:1a:01:71:4d:97:9b:30:0b:e0:
6c:00:90:57:87:f4:c5:f0:a6:b4:2f:70:16:f5:76:
ed:e9:31:ea:37:90:e8:f5:7f:9a:2e:ce:66:bf:35:
0c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FD:82:49:0F:12:D5:89:D3:A6:47:90:EF:D6:79:57:08:6E:9F:5D
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/3v2CSQ8S1YnTpkeQ79Z5Vwhun10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0-5.133.70.255
Signature Algorithm: sha256WithRSAEncryption
08:58:e6:17:a8:59:45:be:5b:20:cd:43:27:ea:db:0b:e6:09:
65:a3:35:d9:43:0a:79:a3:57:3b:7b:e8:4e:2e:2f:e5:c8:a7:
59:a7:ef:e3:ad:ac:2a:59:f7:0d:49:45:d6:7e:e8:97:15:49:
12:8b:f3:e4:d8:a4:a9:74:cd:6d:09:25:d5:b0:97:45:a7:55:
7f:44:7e:9e:88:15:a8:2c:0f:1e:6a:05:6d:54:38:ca:7b:f8:
34:d9:f3:d8:7c:30:9a:49:78:18:0f:d7:2e:19:c2:83:cf:72:
84:b0:59:7a:f1:43:78:e2:ef:6c:15:4e:65:80:39:2c:df:79:
cd:db:ac:ff:9b:99:31:eb:2a:fb:10:fa:a2:8d:04:23:b3:6a:
13:22:40:7d:15:a6:8d:4f:aa:ed:63:9e:a6:d4:d6:a2:7b:49:
8c:de:f7:cf:58:30:6b:c4:6a:41:da:60:2b:74:8f:5a:a9:99:
ce:95:31:24:94:79:3b:f8:0c:6b:d3:06:a5:40:c1:8f:8a:2c:
26:79:e4:45:6c:26:a8:19:cf:ac:7a:fb:98:10:0b:41:b8:7e:
7b:e3:c0:11:46:50:13:9d:e7:f7:b1:03:1a:ef:fe:1c:18:50:
e4:3e:f8:b5:76:e9:50:5d:08:e4:19:6e:55:36:b6:6b:89:0b:
75:40:5a:da
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxTBKh5yjN8dLFnXfPP0V8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMwMTAyMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWZkODI0OTBmMTJkNTg5ZDNhNjQ3OTBlZmQ2Nzk1NzA4NmU5ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0I2VYYC1jX4nie33kziVISvdD8n
SXnISADZZVtvik2QtOK52WK0wAGc1kFnwPI13+nIFFdTCp5tNsEO1LY/hJIc2ygz
TIH/QFJJgvDbjbU3qqBIDHfFZZ7rOBpBhqF838msN7oae/CxmGbcZXBGDOvJwlHK
PeMsHtH4xmlAoPO6V0kgAxoNX1RbA6C23owe+9EqZWwQvU4OgspJG74q098XGR+e
dCl1jOGfBmSzszPJud8feKS0logWdhlITuuCHk+LuWO69ZjaJo4MQ41sY9UcN4Zt
6HMaAXFNl5swC+BsAJBXh/TF8Ka0L3AW9Xbt6THqN5Do9X+aLs5mvzUM2wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN79gkkPEtWJ06ZHkO/WeVcIbp9dMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvM3YyQ1NROFMxWW5UcGtlUTc5WjVWd2h1bjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAIFhUQD
BAAFhUYwDQYJKoZIhvcNAQELBQADggEBAAhY5heoWUW+WyDNQyfq2wvmCWWjNdlD
CnmjVzt76E4uL+XIp1mn7+OtrCpZ9w1JRdZ+6JcVSRKL8+TYpKl0zW0JJdWwl0Wn
VX9Efp6IFagsDx5qBW1UOMp7+DTZ89h8MJpJeBgP1y4ZwoPPcoSwWXrxQ3ji72wV
TmWAOSzfec3brP+bmTHrKvsQ+qKNBCOzahMiQH0Vpo1Pqu1jnqbU1qJ7SYze989Y
MGvEakHaYCt0j1qpmc6VMSSUeTv4DGvTBqVAwY+KLCZ55EVsJqgZz6x6+5gQC0G4
fnvjwBFGUBOd5/exAxrv/hwYUOQ++LV26VBdCOQZblU2tmuJC3VAWto=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:03 2024 by rpki-client on console-ams.rpki-client.org