Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/pTNu06aU3spoi11QQ-zY1x3Jw3A.roa
File: pTNu06aU3spoi11QQ-zY1x3Jw3A.roa (raw, json)
Hash identifier: cacq3Inoo+Rul0g4bnFdttWdyyaNzif9dhHS9beTaeo=
Subject key identifier: A5:33:6E:D3:A6:94:DE:CA:68:8B:5D:50:43:EC:D8:D7:1D:C9:C3:70
Certificate issuer: /CN=75386a6fae1e55f576a405bd74b7f08e7a6c4653
Certificate serial: 0187DB807ACDD2278693012B2D3D588E6B70
Authority key identifier: 75:38:6A:6F:AE:1E:55:F5:76:A4:05:BD:74:B7:F0:8E:7A:6C:46:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/pTNu06aU3spoi11QQ-zY1x3Jw3A.roa
Signing time: Tue 02 May 2023 08:07:23 +0000
ROA not before: Tue 02 May 2023 08:07:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 84.252.112.0/24 maxlen: 24
84.252.115.0/24 maxlen: 24
84.252.114.0/24 maxlen: 24
84.252.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:80:7a:cd:d2:27:86:93:01:2b:2d:3d:58:8e:6b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75386a6fae1e55f576a405bd74b7f08e7a6c4653
Validity
Not Before: May 2 08:07:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5336ed3a694deca688b5d5043ecd8d71dc9c370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0a:76:24:b9:6b:1d:a1:5b:02:c1:df:1a:5f:
bf:f2:73:1e:86:7d:99:e0:17:44:10:78:45:66:cd:
80:50:7d:aa:85:29:ae:cf:1f:b5:be:f6:e6:cf:d1:
64:15:c4:47:64:8e:50:34:9f:92:71:86:96:73:ee:
2f:57:47:8c:cf:53:23:c1:35:21:0c:52:66:e3:23:
29:90:57:16:ac:9e:2c:87:4d:38:58:4f:c9:9e:97:
51:5c:a5:56:fe:2b:76:fb:2c:43:a2:94:f0:a6:4d:
8d:b6:4a:79:e4:63:a3:f9:08:5d:f6:d5:3d:df:38:
b0:33:b5:d3:7a:e9:f0:05:38:8f:9b:f8:01:95:75:
e4:05:27:70:db:b5:36:f9:47:5a:33:ce:ac:3b:2b:
3a:a1:0c:28:85:2f:f3:24:36:b7:27:46:f0:b2:96:
80:c1:48:ce:a2:b5:2d:cc:3f:7f:ae:6e:8b:fc:f4:
c8:9b:39:fa:cf:30:bd:98:8a:67:28:8d:45:b8:b6:
9a:cf:e6:b8:c3:9e:80:6a:6e:4b:ee:d9:ef:d5:4c:
4e:f9:f5:e7:bf:8f:b2:d8:a8:ba:b1:b8:4c:99:28:
4b:7c:e2:6f:a9:06:99:cf:19:61:77:f8:a8:80:c0:
1e:7f:53:00:ba:7b:79:45:36:3e:b4:da:8a:33:8d:
9d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:33:6E:D3:A6:94:DE:CA:68:8B:5D:50:43:EC:D8:D7:1D:C9:C3:70
X509v3 Authority Key Identifier:
keyid:75:38:6A:6F:AE:1E:55:F5:76:A4:05:BD:74:B7:F0:8E:7A:6C:46:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/pTNu06aU3spoi11QQ-zY1x3Jw3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/dThqb64eVfV2pAW9dLfwjnpsRlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.112.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:56:d3:6b:89:ee:45:4a:99:03:13:bc:37:4d:cf:2d:51:f1:
29:e9:b1:aa:f2:44:3f:92:5b:53:f8:8a:d0:5c:c6:6e:bd:1a:
39:8b:6b:81:dc:93:19:ad:bf:0d:9e:62:d5:30:ad:62:a0:09:
d6:ef:fb:12:a9:fb:ed:e2:02:bd:b7:b0:d5:dd:f5:ba:9a:fb:
fb:b7:e0:f7:10:2f:ab:69:8e:54:78:eb:0f:e2:d1:b7:c4:d0:
bb:92:b9:c3:d2:dd:7c:a4:8c:8d:20:2e:78:5a:fa:b0:6f:bc:
48:6a:e6:e4:6c:bd:7a:43:77:22:02:82:08:8b:87:fd:3a:80:
e3:2a:df:9f:02:50:fe:81:03:e4:2d:bd:a6:c5:10:93:e4:39:
ce:77:44:6c:d3:7a:6b:02:d4:3e:c2:f9:4d:3a:9b:8b:fa:b8:
41:a8:93:a2:56:da:1a:57:f4:d2:5d:b5:64:ab:84:4d:d9:54:
52:1d:a3:aa:61:c5:fa:da:4d:c7:fd:13:ec:9d:3a:5e:f6:29:
15:9d:07:46:a2:a5:a2:db:43:0d:f6:e7:f0:a6:ff:22:bb:7b:
bf:e3:3d:1c:58:ae:85:f7:6a:93:cd:0d:7e:fa:3f:d1:65:d6:
ad:89:10:40:4d:ff:04:e7:a0:44:11:6a:92:46:de:d7:a2:96:
5a:f3:59:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfbgHrN0ieGkwErLT1YjmtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Mzg2YTZmYWUxZTU1ZjU3NmE0MDViZDc0YjdmMDhlN2E2
YzQ2NTMwHhcNMjMwNTAyMDgwNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTMzNmVkM2E2OTRkZWNhNjg4YjVkNTA0M2VjZDhkNzFkYzljMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQp2JLlrHaFbAsHfGl+/8nMehn2Z
4BdEEHhFZs2AUH2qhSmuzx+1vvbmz9FkFcRHZI5QNJ+ScYaWc+4vV0eMz1MjwTUh
DFJm4yMpkFcWrJ4sh004WE/JnpdRXKVW/it2+yxDopTwpk2Ntkp55GOj+Qhd9tU9
3ziwM7XTeunwBTiPm/gBlXXkBSdw27U2+UdaM86sOys6oQwohS/zJDa3J0bwspaA
wUjOorUtzD9/rm6L/PTImzn6zzC9mIpnKI1FuLaaz+a4w56Aam5L7tnv1UxO+fXn
v4+y2Ki6sbhMmShLfOJvqQaZzxlhd/iogMAef1MAunt5RTY+tNqKM42dmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKUzbtOmlN7KaItdUEPs2NcdycNwMB8GA1UdIwQY
MBaAFHU4am+uHlX1dqQFvXS38I56bEZTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRocWI2NGVWZlYycEFXOWRMZndqbnBzUmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kOWEwMWMtNWM5MS00ZDAwLWEwOWEt
Zjg3OTJmNTc3YjlhLzEvcFROdTA2YVUzc3BvaTExUVEtelkxeDNKdzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kOWEwMWMtNWM5MS00ZDAwLWEwOWEtZjg3OTJmNTc3Yjlh
LzEvZFRocWI2NGVWZlYycEFXOWRMZndqbnBzUmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVPxwMA0G
CSqGSIb3DQEBCwUAA4IBAQAKVtNrie5FSpkDE7w3Tc8tUfEp6bGq8kQ/kltT+IrQ
XMZuvRo5i2uB3JMZrb8NnmLVMK1ioAnW7/sSqfvt4gK9t7DV3fW6mvv7t+D3EC+r
aY5UeOsP4tG3xNC7krnD0t18pIyNIC54Wvqwb7xIaubkbL16Q3ciAoIIi4f9OoDj
Kt+fAlD+gQPkLb2mxRCT5DnOd0Rs03prAtQ+wvlNOpuL+rhBqJOiVtoaV/TSXbVk
q4RN2VRSHaOqYcX62k3H/RPsnTpe9ikVnQdGoqWi20MN9ufwpv8iu3u/4z0cWK6F
92qTzQ1++j/RZdatiRBATf8E56BEEWqSRt7XopZa81no
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:14 2024 by rpki-client on console-ams.rpki-client.org