Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/fdnegmmBe_0UYuSXn2fJgvTWCT0.roa
File: fdnegmmBe_0UYuSXn2fJgvTWCT0.roa (raw, json)
Hash identifier: o6aFC6aE7CGwhpPEfSmRDxMfn5un8mpA+Z1StSWz+GY=
Subject key identifier: 7D:D9:DE:82:69:81:7B:FD:14:62:E4:97:9F:67:C9:82:F4:D6:09:3D
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018733937AB69C2EDC66094DB8959F326966
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/fdnegmmBe_0UYuSXn2fJgvTWCT0.roa
Signing time: Thu 30 Mar 2023 17:31:55 +0000
ROA not before: Thu 30 Mar 2023 17:31:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 5.252.20.0/24 maxlen: 24
5.252.22.0/24 maxlen: 24
5.252.21.0/24 maxlen: 24
2a0b:ec82::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 May 2023 14:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:33:93:7a:b6:9c:2e:dc:66:09:4d:b8:95:9f:32:69:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Mar 30 17:31:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dd9de8269817bfd1462e4979f67c982f4d6093d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ab:8b:1f:d5:c5:96:20:9f:65:34:5b:21:3d:
70:ff:1b:30:3e:dd:4b:6c:8f:d0:f7:ee:18:65:cc:
ba:d7:6d:a2:20:1d:30:81:4d:46:f5:d1:c3:68:8c:
cf:2d:ca:1b:6c:0a:ad:ce:68:af:d0:8e:81:8c:a1:
85:54:1f:f9:bd:b6:ce:e0:f0:c6:fc:42:a2:1f:2f:
92:52:71:2b:d4:80:d4:9d:ba:a1:83:ee:4b:76:43:
d1:a0:3d:a7:10:02:46:4d:fe:81:25:8c:02:6c:47:
63:76:8a:f0:03:4a:0a:00:45:51:00:23:69:9d:ae:
a7:29:11:8b:09:d4:4a:03:52:ac:96:09:f9:58:73:
a1:6f:e0:15:d4:5e:99:2e:da:dd:ef:69:09:84:9a:
0c:f2:60:ec:00:20:5e:c9:62:bd:8b:26:df:ff:d7:
60:b3:dc:81:3a:f7:61:ff:2f:46:cc:f1:a3:fc:b2:
cc:85:ca:88:42:f3:5f:48:53:8c:41:3a:df:72:ed:
d2:fb:f6:91:94:28:09:f6:b9:5a:f0:41:ba:1d:c8:
60:dc:ec:0c:28:86:27:0f:47:f4:60:63:87:79:49:
68:00:d2:e4:5b:c9:fd:76:54:72:18:9d:13:95:da:
71:75:d5:94:07:0d:6c:1c:89:da:43:25:64:9c:1f:
86:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D9:DE:82:69:81:7B:FD:14:62:E4:97:9F:67:C9:82:F4:D6:09:3D
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/fdnegmmBe_0UYuSXn2fJgvTWCT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.20.0-5.252.22.255
IPv6:
2a0b:ec82::/32
Signature Algorithm: sha256WithRSAEncryption
41:25:29:1b:29:13:ea:8f:65:62:ec:02:4d:b8:5c:88:57:8a:
63:96:38:05:4a:ad:9d:8d:dc:5e:40:78:6a:62:93:b6:f0:25:
6c:00:04:e3:f6:b4:2c:be:ef:b8:c6:c3:f0:fc:27:a8:78:a4:
c6:98:7c:47:9c:27:d4:4c:16:8a:65:d2:eb:96:b8:d3:2f:6b:
31:d2:2d:f0:82:52:b7:bc:89:5c:8d:33:e8:fa:f6:3e:db:05:
f6:29:99:00:04:66:ac:63:c4:1f:66:7d:58:96:5b:28:25:fb:
de:48:84:1a:f7:94:f9:45:c7:4b:8b:e4:88:be:a8:61:d5:d9:
5d:2d:1d:12:51:25:fd:db:7f:b7:46:08:44:55:57:63:e0:82:
ca:50:1b:8a:e7:9b:cd:c1:94:59:32:94:84:91:b5:d8:7c:30:
47:b0:da:4e:f8:01:e5:78:ab:78:b0:87:70:ff:49:b1:3a:64:
d2:63:00:e4:60:2a:35:ef:94:3f:df:c9:1b:88:8b:14:37:1f:
33:c3:1a:86:d5:62:f7:2f:a9:de:cb:2e:91:1b:79:71:d5:ca:
f5:86:52:96:ed:ea:93:8e:67:82:07:5d:36:1f:fc:bd:dd:c0:
c7:1c:b0:8f:f0:8b:14:37:f1:3f:2d:e4:d0:c0:a3:f9:4e:14:
8b:3a:1f:76
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYczk3q2nC7cZglNuJWfMmlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwMzMwMTczMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQ5ZGU4MjY5ODE3YmZkMTQ2MmU0OTc5ZjY3Yzk4MmY0ZDYwOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkauLH9XFliCfZTRbIT1w/xswPt1L
bI/Q9+4YZcy6122iIB0wgU1G9dHDaIzPLcobbAqtzmiv0I6BjKGFVB/5vbbO4PDG
/EKiHy+SUnEr1IDUnbqhg+5LdkPRoD2nEAJGTf6BJYwCbEdjdorwA0oKAEVRACNp
na6nKRGLCdRKA1Kslgn5WHOhb+AV1F6ZLtrd72kJhJoM8mDsACBeyWK9iybf/9dg
s9yBOvdh/y9GzPGj/LLMhcqIQvNfSFOMQTrfcu3S+/aRlCgJ9rla8EG6Hchg3OwM
KIYnD0f0YGOHeUloANLkW8n9dlRyGJ0TldpxddWUBw1sHInaQyVknB+GZQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFH3Z3oJpgXv9FGLkl59nyYL01gk9MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvZmRuZWdtbUJlXzBVWXVTWG4yZkpndlRXQ1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAIF/BQD
BAAF/BYwDQQCAAIwBwMFACoL7IIwDQYJKoZIhvcNAQELBQADggEBAEElKRspE+qP
ZWLsAk24XIhXimOWOAVKrZ2N3F5AeGpik7bwJWwABOP2tCy+77jGw/D8J6h4pMaY
fEecJ9RMFopl0uuWuNMvazHSLfCCUre8iVyNM+j69j7bBfYpmQAEZqxjxB9mfViW
Wygl+95IhBr3lPlFx0uL5Ii+qGHV2V0tHRJRJf3bf7dGCERVV2PggspQG4rnm83B
lFkylISRtdh8MEew2k74AeV4q3iwh3D/SbE6ZNJjAORgKjXvlD/fyRuIixQ3HzPD
GobVYvcvqd7LLpEbeXHVyvWGUpbt6pOOZ4IHXTYf/L3dwMccsI/wixQ38T8t5NDA
o/lOFIs6H3Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org