Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/Yci6G4jtOS2htBbJADrZl-5wAlA.roa
File: Yci6G4jtOS2htBbJADrZl-5wAlA.roa (raw, json)
Hash identifier: LenbX5ahofUxHqEggmG9kB2PE26I5zkZbZX1A2S8HBo=
Subject key identifier: 61:C8:BA:1B:88:ED:39:2D:A1:B4:16:C9:00:3A:D9:97:EE:70:02:50
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 01857054CC089A729F8EA5C1C0B582213D42
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/Yci6G4jtOS2htBbJADrZl-5wAlA.roa
Signing time: Mon 02 Jan 2023 02:34:43 +0000
ROA not before: Mon 02 Jan 2023 02:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 5.252.22.0/24 maxlen: 24
2a0b:ec82::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:54:cc:08:9a:72:9f:8e:a5:c1:c0:b5:82:21:3d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 2 02:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61c8ba1b88ed392da1b416c9003ad997ee700250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c4:11:a6:a2:46:e4:23:b1:9b:c8:db:4e:ba:
a3:fe:17:db:14:45:d8:b8:96:e3:dc:87:7e:e4:3f:
20:e3:a1:bf:3e:f3:d4:73:54:f3:1a:b2:e3:33:42:
26:46:8a:d6:bf:be:8d:80:86:8a:47:53:f9:9b:a0:
da:26:ac:c7:ae:09:3d:e7:2e:1f:41:7f:84:6c:d3:
43:1d:dc:5d:1b:cb:74:71:0b:ac:7b:a4:16:fa:71:
f5:e3:32:7c:f2:f7:93:6b:31:89:a4:77:53:26:14:
bf:76:5d:ce:cb:6f:68:33:c8:84:86:ce:e0:8d:c0:
27:79:86:9a:82:70:6c:75:7b:5c:2a:1f:56:93:a1:
e3:d1:68:1b:54:c4:27:b7:ca:b4:a6:6b:d9:2d:33:
ff:ca:92:5e:d3:09:ac:90:37:1b:8d:9d:29:e9:c8:
fa:42:8c:a3:8e:c6:3d:55:88:eb:b8:74:64:92:18:
91:2c:22:b4:e4:2e:fe:d5:16:e8:28:85:9a:fe:87:
28:5e:ff:88:d9:6e:0e:29:c1:66:50:60:9d:1f:a2:
b2:4d:85:9e:f8:30:33:4e:fc:0f:30:a3:a3:db:9d:
cc:7d:40:cb:f9:90:ea:a0:98:9a:4d:ef:3b:be:df:
52:fc:e6:c3:c8:c3:e6:cb:64:41:03:c1:d9:a2:47:
22:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C8:BA:1B:88:ED:39:2D:A1:B4:16:C9:00:3A:D9:97:EE:70:02:50
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/Yci6G4jtOS2htBbJADrZl-5wAlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.22.0/24
IPv6:
2a0b:ec82::/32
Signature Algorithm: sha256WithRSAEncryption
70:93:dc:ba:07:db:0e:f1:06:13:76:d2:d0:2c:f5:31:1c:86:
d4:51:e0:0c:93:e0:5e:7b:ef:23:26:e3:f4:19:d2:a6:a1:43:
4f:d5:e2:4d:f2:d6:ff:0a:12:dd:e6:7b:e3:11:e5:13:9b:bc:
0d:61:5f:39:f9:77:4d:ed:77:49:62:33:ed:cc:3a:c6:aa:89:
5f:01:3c:7a:a7:b2:29:04:b8:b1:d6:80:12:01:e1:de:38:5c:
fb:47:0c:73:dd:a2:8d:1f:bf:d3:03:07:92:4f:bb:c3:02:13:
be:e5:84:4c:a3:f5:12:46:55:7e:3a:36:51:69:e3:62:d1:28:
2e:a7:df:f5:8e:d3:84:3f:0c:bf:a3:7e:c1:52:31:72:15:ef:
28:98:2a:ca:b1:b7:7f:7f:a4:15:5e:15:a1:0c:eb:fe:ca:ba:
9d:ce:ee:28:67:ed:09:79:c6:54:0e:8d:3b:7a:1d:2f:08:ba:
fe:f2:11:3d:08:3c:9f:ce:38:c1:ad:ac:dc:9a:bd:30:1e:32:
be:f2:04:cb:42:83:ce:f4:ea:e9:69:d1:53:7e:d6:51:d4:28:
47:17:55:88:8e:73:cd:42:de:a1:8b:ab:dc:1d:b8:0b:ab:4c:
47:61:05:41:12:6f:51:a9:62:47:fb:d3:7b:67:f9:f9:c1:54:
22:70:c4:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwVMwImnKfjqXBwLWCIT1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwMTAyMDIzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWM4YmExYjg4ZWQzOTJkYTFiNDE2YzkwMDNhZDk5N2VlNzAwMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssQRpqJG5COxm8jbTrqj/hfbFEXY
uJbj3Id+5D8g46G/PvPUc1TzGrLjM0ImRorWv76NgIaKR1P5m6DaJqzHrgk95y4f
QX+EbNNDHdxdG8t0cQuse6QW+nH14zJ88veTazGJpHdTJhS/dl3Oy29oM8iEhs7g
jcAneYaagnBsdXtcKh9Wk6Hj0WgbVMQnt8q0pmvZLTP/ypJe0wmskDcbjZ0p6cj6
QoyjjsY9VYjruHRkkhiRLCK05C7+1RboKIWa/ocoXv+I2W4OKcFmUGCdH6KyTYWe
+DAzTvwPMKOj253MfUDL+ZDqoJiaTe87vt9S/ObDyMPmy2RBA8HZokciiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGHIuhuI7TktobQWyQA62ZfucAJQMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvWWNpNkc0anRPUzJodEJiSkFEclpsLTV3QWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABfwWMA0E
AgACMAcDBQAqC+yCMA0GCSqGSIb3DQEBCwUAA4IBAQBwk9y6B9sO8QYTdtLQLPUx
HIbUUeAMk+Bee+8jJuP0GdKmoUNP1eJN8tb/ChLd5nvjEeUTm7wNYV85+XdN7XdJ
YjPtzDrGqolfATx6p7IpBLix1oASAeHeOFz7Rwxz3aKNH7/TAweST7vDAhO+5YRM
o/USRlV+OjZRaeNi0Sgup9/1jtOEPwy/o37BUjFyFe8omCrKsbd/f6QVXhWhDOv+
yrqdzu4oZ+0JecZUDo07eh0vCLr+8hE9CDyfzjjBrazcmr0wHjK+8gTLQoPO9Orp
adFTftZR1ChHF1WIjnPNQt6hi6vcHbgLq0xHYQVBEm9RqWJH+9N7Z/n5wVQicMQV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org