Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/1u31U2ngzsZ9Uo1uvS8jCrX-zu8.roa
File: 1u31U2ngzsZ9Uo1uvS8jCrX-zu8.roa (raw, json)
Hash identifier: O365aKvX4dRkD0j2jIbAMQ73d21GkxcmayIvk9cquDc=
Subject key identifier: D6:ED:F5:53:69:E0:CE:C6:7D:52:8D:6E:BD:2F:23:0A:B5:FE:CE:EF
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 01857295E41A67921B40BB1EE4F78F4D6741
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/1u31U2ngzsZ9Uo1uvS8jCrX-zu8.roa
Signing time: Mon 02 Jan 2023 13:05:03 +0000
ROA not before: Mon 02 Jan 2023 13:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 5.57.80.0/22 maxlen: 22
2001:7f8:17::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:e4:1a:67:92:1b:40:bb:1e:e4:f7:8f:4d:67:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jan 2 13:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6edf55369e0cec67d528d6ebd2f230ab5feceef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cf:8b:55:f8:e2:ef:42:29:4e:83:fd:33:80:
34:79:03:a7:4a:46:78:9b:0e:d4:18:45:5f:3b:07:
c1:69:ab:e0:38:72:be:05:76:c9:ba:d2:ac:2f:57:
64:a0:e9:8a:d0:51:c3:55:2f:8d:40:62:15:59:f3:
c7:2b:7e:4d:d3:89:7b:b7:4b:86:94:44:ff:4b:de:
22:cf:7e:9e:4d:a2:54:d9:f6:e9:f7:b2:f5:54:ec:
0a:8d:1a:a0:01:78:04:fa:d1:64:5e:b3:ee:ba:49:
6a:5f:fb:91:0e:f1:db:c4:81:42:e0:07:12:4d:86:
06:be:1b:d8:cb:b4:db:4d:c9:17:65:75:6e:59:5a:
e4:76:5c:b0:b2:58:26:e0:84:4a:ba:20:17:23:34:
92:d4:7f:b9:20:28:b0:09:6d:0c:27:89:49:58:e3:
87:7f:02:fd:d2:d9:ea:45:b7:23:7d:32:da:22:f5:
2b:b0:fa:00:40:9c:26:8b:ae:4d:33:ec:21:1c:e6:
ba:f4:88:29:db:99:c7:7b:8c:b4:e5:13:d3:9b:2c:
f5:98:f0:b8:75:66:ce:8e:a6:96:a9:e5:be:09:b7:
66:54:25:4b:2f:4c:20:3c:66:6d:73:78:b6:84:73:
5a:c1:fa:7b:8f:6d:22:7a:52:12:57:34:1f:c7:a5:
52:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:ED:F5:53:69:E0:CE:C6:7D:52:8D:6E:BD:2F:23:0A:B5:FE:CE:EF
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/1u31U2ngzsZ9Uo1uvS8jCrX-zu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.80.0/22
IPv6:
2001:7f8:17::/64
Signature Algorithm: sha256WithRSAEncryption
53:52:90:b5:bf:79:12:39:3b:c7:b0:9d:b3:0a:71:fd:a7:2e:
52:4c:74:7e:d8:3c:db:65:11:f2:ba:bd:0a:98:2f:1e:d6:98:
c8:dc:66:e4:f2:47:73:8b:32:e8:cf:9c:18:e2:af:67:7a:70:
39:3a:04:5e:4f:be:08:59:da:15:d0:71:c4:e6:af:44:84:a4:
06:2d:e3:f1:5d:5f:6b:3e:81:f9:45:2b:37:1c:a2:c5:ce:5c:
19:a0:58:a8:6c:50:40:5d:5b:64:30:1e:23:55:d6:aa:32:7d:
c9:22:57:0b:e5:0a:35:3d:ec:38:d0:c8:ff:83:33:a2:a1:70:
36:07:58:e0:41:9e:30:f1:91:f2:9e:cc:6c:a2:db:d8:1d:8e:
37:8d:05:c2:9a:4d:a8:c2:c4:54:cb:23:d2:30:8e:4d:76:41:
30:89:46:c2:bb:11:9f:92:71:3f:14:63:6b:ab:b7:99:69:62:
24:6e:d0:d9:5c:cd:1f:f2:b8:aa:91:00:67:b1:e5:f2:db:e7:
ff:88:cc:8a:b5:a9:09:59:b1:11:79:f0:d9:1a:3d:2b:eb:e7:
84:ee:ce:e5:2b:b0:51:6d:cb:9b:04:86:75:c4:bc:c3:15:da:
4e:dc:a2:20:b8:ca:8d:b4:81:65:25:1c:22:a8:f8:ca:26:45:
2d:b1:db:3a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYVyleQaZ5IbQLse5PePTWdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQwN2I0NWY3ZDgzMTI0YzlmOGMwZmFjMDNiZWMwMjQ2
OGIzN2UwHhcNMjMwMTAyMTMwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmVkZjU1MzY5ZTBjZWM2N2Q1MjhkNmViZDJmMjMwYWI1ZmVjZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8+LVfji70IpToP9M4A0eQOnSkZ4
mw7UGEVfOwfBaavgOHK+BXbJutKsL1dkoOmK0FHDVS+NQGIVWfPHK35N04l7t0uG
lET/S94iz36eTaJU2fbp97L1VOwKjRqgAXgE+tFkXrPuuklqX/uRDvHbxIFC4AcS
TYYGvhvYy7TbTckXZXVuWVrkdlywslgm4IRKuiAXIzSS1H+5ICiwCW0MJ4lJWOOH
fwL90tnqRbcjfTLaIvUrsPoAQJwmi65NM+whHOa69Igp25nHe4y05RPTmyz1mPC4
dWbOjqaWqeW+CbdmVCVLL0wgPGZtc3i2hHNawfp7j20ielISVzQfx6VSVQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFNbt9VNp4M7GfVKNbr0vIwq1/s7vMB8GA1UdIwQY
MBaAFF6NB7RffYMSTJ+MD6wDvsAkaLN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQt
NmM4ZmQ4NGJiNWY1LzEvMXUzMVUybmd6c1o5VW8xdXZTOGpDclgtenU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQtNmM4ZmQ4NGJiNWY1
LzEvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQCBTlQMBEE
AgACMAsDCQAgAQf4ABcAADANBgkqhkiG9w0BAQsFAAOCAQEAU1KQtb95Ejk7x7Cd
swpx/acuUkx0ftg822UR8rq9CpgvHtaYyNxm5PJHc4sy6M+cGOKvZ3pwOToEXk++
CFnaFdBxxOavRISkBi3j8V1faz6B+UUrNxyixc5cGaBYqGxQQF1bZDAeI1XWqjJ9
ySJXC+UKNT3sONDI/4MzoqFwNgdY4EGeMPGR8p7MbKLb2B2ON40FwppNqMLEVMsj
0jCOTXZBMIlGwrsRn5JxPxRja6u3mWliJG7Q2VzNH/K4qpEAZ7Hl8tvn/4jMirWp
CVmxEXnw2Ro9K+vnhO7O5SuwUW3LmwSGdcS8wxXaTtyiILjKjbSBZSUcIqj4yiZF
LbHbOg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:42 2024 by rpki-client on console-fra.rpki-client.org