Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R_5-nUSMHut3jMP3Vp5imSZphFo.roa
File: R_5-nUSMHut3jMP3Vp5imSZphFo.roa (raw, json)
Hash identifier: HaXQeR8zyMmqzILx39VrOYH0OinRCLckJYEIu7j/Cw4=
Subject key identifier: 47:FE:7E:9D:44:8C:1E:EB:77:8C:C3:F7:56:9E:62:99:26:69:84:5A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81F5D35999F5A143458E268AF3F844
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R_5-nUSMHut3jMP3Vp5imSZphFo.roa
Signing time: Sun 01 Jan 2023 13:25:11 +0000
ROA not before: Sun 01 Jan 2023 13:25:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60230
IP address blocks: 31.13.244.0/24 maxlen: 24
87.120.236.0/24 maxlen: 24
94.156.191.0/24 maxlen: 24
31.13.244.99/32 maxlen: 32
2a00:1728:a::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:f5:d3:59:99:f5:a1:43:45:8e:26:8a:f3:f8:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47fe7e9d448c1eeb778cc3f7569e62992669845a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f2:df:ef:9e:5e:c0:5e:7a:c5:8f:8c:eb:f4:
5e:9e:fa:9e:59:16:78:10:07:cd:b7:d7:2c:5e:77:
56:ab:22:94:bc:dc:b5:43:23:ce:4c:eb:a3:9f:f2:
ba:28:07:12:78:79:97:f7:e7:2c:a8:6f:8d:1b:f2:
8a:49:13:98:f5:9f:f4:2f:0c:a1:6c:de:d7:df:6d:
f3:db:da:09:e4:d6:06:78:fb:43:ab:73:ff:97:5c:
62:88:92:dd:ac:09:fa:79:2a:f7:13:37:e3:ce:a8:
e8:6a:7a:58:2b:8e:b0:31:49:af:dd:2e:a8:93:f6:
31:25:62:47:b5:3d:7f:47:cd:39:a4:bc:29:e2:6d:
06:73:9a:e3:c1:52:51:10:26:29:78:4e:b2:10:91:
44:65:b4:a9:7e:ee:1c:2a:52:8f:47:d6:42:29:47:
49:87:1d:07:e6:32:f1:30:20:28:1d:9a:14:7a:74:
1f:43:05:06:dc:e8:31:4f:54:c9:a0:57:2a:61:77:
f5:d6:69:7a:6d:5d:44:9a:c5:cf:ed:d9:a7:2e:6c:
e9:8b:69:7c:a8:a2:93:cf:a2:4b:90:9a:cd:bb:04:
01:47:53:27:f7:59:7f:7e:18:6a:1b:d6:05:c2:ec:
99:89:28:f6:42:b8:a4:03:30:66:1f:91:a7:cb:33:
f5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FE:7E:9D:44:8C:1E:EB:77:8C:C3:F7:56:9E:62:99:26:69:84:5A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R_5-nUSMHut3jMP3Vp5imSZphFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.244.0/24
87.120.236.0/24
94.156.191.0/24
IPv6:
2a00:1728:a::/48
Signature Algorithm: sha256WithRSAEncryption
84:1d:22:54:41:03:7b:9c:58:8c:05:d3:7d:10:c8:ff:10:b3:
46:18:c0:46:df:7b:8a:f6:d3:00:bb:ae:c5:0a:2f:c1:48:8d:
c7:ea:3a:dc:98:17:b6:83:df:42:f0:8a:66:59:66:5a:ba:91:
53:a8:5e:e4:8d:4f:91:a0:1d:04:4b:7e:13:cc:d3:03:37:a3:
33:95:bb:af:63:51:3c:3e:2a:d2:d2:d5:8d:68:35:a4:58:ca:
81:d9:89:4a:c3:21:e9:6c:0f:d6:92:08:ff:fb:6a:1a:83:4a:
74:55:75:f2:33:10:cc:e2:e9:18:fb:a9:e4:51:7d:47:ab:c1:
91:29:9a:6e:3f:4c:de:fe:1c:9d:5c:56:39:b4:22:e1:04:3b:
65:f0:7c:03:5f:bd:b4:99:f8:c1:c1:38:e1:0c:af:1c:33:9c:
85:b7:86:1a:04:4d:26:79:a0:4b:a8:bb:5f:19:76:40:d0:38:
fb:3a:3a:42:35:45:41:0d:b5:32:69:88:28:c0:82:a0:bd:cd:
40:b4:c5:9d:a6:d8:77:64:3c:6d:2d:ac:9a:bd:94:1c:8c:33:
ff:5b:1d:2c:82:f3:e1:9b:3c:93:2c:06:47:5b:2d:38:20:7b:
e7:25:b7:9b:6b:93:00:21:5e:93:4d:35:36:5c:3d:02:9a:02:
82:a2:47:13
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVtgfXTWZn1oUNFjiaK8/hEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2ZlN2U5ZDQ0OGMxZWViNzc4Y2MzZjc1NjllNjI5OTI2Njk4NDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovLf755ewF56xY+M6/RenvqeWRZ4
EAfNt9csXndWqyKUvNy1QyPOTOujn/K6KAcSeHmX9+csqG+NG/KKSROY9Z/0Lwyh
bN7X323z29oJ5NYGePtDq3P/l1xiiJLdrAn6eSr3EzfjzqjoanpYK46wMUmv3S6o
k/YxJWJHtT1/R805pLwp4m0Gc5rjwVJRECYpeE6yEJFEZbSpfu4cKlKPR9ZCKUdJ
hx0H5jLxMCAoHZoUenQfQwUG3OgxT1TJoFcqYXf11ml6bV1EmsXP7dmnLmzpi2l8
qKKTz6JLkJrNuwQBR1Mn91l/fhhqG9YFwuyZiSj2QrikAzBmH5GnyzP1FwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEf+fp1EjB7rd4zD91aeYpkmaYRaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUl81LW5VU01IdXQzak1QM1ZwNWltU1pwaEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAHw30AwQA
V3jsAwQAXpy/MA8EAgACMAkDBwAqABcoAAowDQYJKoZIhvcNAQELBQADggEBAIQd
IlRBA3ucWIwF030QyP8Qs0YYwEbfe4r20wC7rsUKL8FIjcfqOtyYF7aD30LwimZZ
Zlq6kVOoXuSNT5GgHQRLfhPM0wM3ozOVu69jUTw+KtLS1Y1oNaRYyoHZiUrDIels
D9aSCP/7ahqDSnRVdfIzEMzi6Rj7qeRRfUerwZEpmm4/TN7+HJ1cVjm0IuEEO2Xw
fANfvbSZ+MHBOOEMrxwznIW3hhoETSZ5oEuou18ZdkDQOPs6OkI1RUENtTJpiCjA
gqC9zUC0xZ2m2HdkPG0trJq9lByMM/9bHSyC8+GbPJMsBkdbLTgge+clt5trkwAh
XpNNNTZcPQKaAoKiRxM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:11 2024 by rpki-client on console-ams.rpki-client.org