Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/8B-QKOHSAARuWwaetRZEQ2YuLyk.roa
File: 8B-QKOHSAARuWwaetRZEQ2YuLyk.roa (raw, json)
Hash identifier: 2Fkf8NPJA6k3zLk5nFVGwHp5cD/1sgd8XxZkCs68WIE=
Subject key identifier: F0:1F:90:28:E1:D2:00:04:6E:5B:06:9E:B5:16:44:43:66:2E:2F:29
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 0188B4C18D82937AAF97CE1AEDC53149FA71
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/8B-QKOHSAARuWwaetRZEQ2YuLyk.roa
Signing time: Tue 13 Jun 2023 12:36:03 +0000
ROA not before: Tue 13 Jun 2023 12:36:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8330
IP address blocks: 5.57.88.0/21 maxlen: 21
2001:7f8:17::/48 maxlen: 48
2a00:eb20:abcd::/48 maxlen: 48
2a00:eb20::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 19 Jun 2023 23:25:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b4:c1:8d:82:93:7a:af:97:ce:1a:ed:c5:31:49:fa:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jun 13 12:36:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f01f9028e1d200046e5b069eb5164443662e2f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:2a:fc:7a:e9:f5:b5:8a:92:af:b0:d2:b1:a5:
59:ae:30:27:a2:b3:54:de:56:85:61:62:c1:05:34:
1b:dd:7b:9c:72:0f:0f:37:60:11:23:85:0d:d3:00:
90:55:c3:45:d6:e9:f3:de:68:6d:84:be:f9:79:12:
f1:ae:93:74:d3:b9:fd:d6:49:f5:da:5e:2e:a0:1e:
e8:ce:fd:d0:4c:cc:7d:d9:ba:c4:a4:fd:b5:d0:2a:
f9:71:ce:b7:00:cb:a9:a8:ad:49:2b:2c:44:30:5c:
44:4a:9e:0c:89:a6:5b:f8:aa:59:4f:31:96:78:bf:
d7:3c:62:c5:7e:64:46:c5:f2:cb:24:76:87:3d:0d:
0d:de:51:b2:7c:c3:91:09:b2:c3:33:27:e0:07:99:
a6:c1:7b:52:08:90:01:a3:3b:98:10:01:e5:46:bb:
5f:c5:2f:93:ab:f5:25:95:cc:ed:96:b0:41:f7:5e:
6a:34:05:a3:7a:5f:23:8c:af:90:2f:10:11:8e:74:
28:46:58:e7:2c:7e:a5:0c:dc:24:a5:36:32:1f:f0:
0c:b1:9d:01:d5:9d:7b:5e:07:7c:92:32:bc:db:c6:
d2:b6:00:96:e3:65:a8:a7:01:36:7c:28:28:3f:42:
1e:27:d2:22:c5:29:4f:4b:18:7b:42:cb:3d:62:ca:
68:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1F:90:28:E1:D2:00:04:6E:5B:06:9E:B5:16:44:43:66:2E:2F:29
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/8B-QKOHSAARuWwaetRZEQ2YuLyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.88.0/21
IPv6:
2001:7f8:17::/48
2a00:eb20::/32
Signature Algorithm: sha256WithRSAEncryption
19:5c:71:da:1e:17:aa:47:d0:dc:7c:24:ce:c0:d2:67:9b:da:
0a:59:f2:6d:06:52:a5:08:cc:c2:eb:ca:1b:e6:80:dd:08:a8:
ea:63:98:c9:e4:21:a2:a8:11:1f:69:a9:b7:ca:33:79:0f:33:
62:91:ea:d5:d8:f7:4b:cb:95:66:50:62:b7:45:e5:2e:5d:7a:
22:b9:49:45:fa:af:72:2d:77:18:8c:76:0c:f1:bd:4a:21:bf:
5f:83:c9:03:8e:5d:79:91:17:a8:da:8f:f4:91:77:2c:6c:6f:
50:7b:b8:0c:ed:ec:b6:6e:4f:fe:73:f8:83:a1:4f:a9:09:31:
57:8c:6a:5f:f0:b3:1b:3c:aa:26:bc:b8:cd:86:7e:38:ab:38:
02:82:d5:79:e9:4d:f3:93:e6:ee:1e:24:6c:e8:29:02:4e:c7:
f9:b8:b8:f4:69:63:f9:6c:dc:60:c7:61:a7:22:ad:bc:d1:4b:
7e:e4:e6:a3:bf:47:49:56:a3:62:7a:9b:2f:1b:f3:9f:73:9d:
12:c7:da:27:61:50:92:8b:1a:e1:22:e8:fc:3e:f0:77:83:36:
85:4a:7b:dd:9d:08:40:b9:fb:30:80:13:9b:9b:c1:b3:1a:68:
1a:85:ee:ae:1a:da:f3:db:57:2c:9b:8b:cf:97:3f:ed:a4:68:
eb:a5:a1:e4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYi0wY2Ck3qvl84a7cUxSfpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQwN2I0NWY3ZDgzMTI0YzlmOGMwZmFjMDNiZWMwMjQ2
OGIzN2UwHhcNMjMwNjEzMTIzNjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDFmOTAyOGUxZDIwMDA0NmU1YjA2OWViNTE2NDQ0MzY2MmUyZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Cr8eun1tYqSr7DSsaVZrjAnorNU
3laFYWLBBTQb3Xuccg8PN2ARI4UN0wCQVcNF1unz3mhthL75eRLxrpN007n91kn1
2l4uoB7ozv3QTMx92brEpP210Cr5cc63AMupqK1JKyxEMFxESp4MiaZb+KpZTzGW
eL/XPGLFfmRGxfLLJHaHPQ0N3lGyfMORCbLDMyfgB5mmwXtSCJABozuYEAHlRrtf
xS+Tq/UllcztlrBB915qNAWjel8jjK+QLxARjnQoRljnLH6lDNwkpTYyH/AMsZ0B
1Z17Xgd8kjK828bStgCW42WopwE2fCgoP0IeJ9IixSlPSxh7Qss9YspoLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPAfkCjh0gAEblsGnrUWRENmLi8pMB8GA1UdIwQY
MBaAFF6NB7RffYMSTJ+MD6wDvsAkaLN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQt
NmM4ZmQ4NGJiNWY1LzEvOEItUUtPSFNBQVJ1V3dhZXRSWkVRMll1THlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQtNmM4ZmQ4NGJiNWY1
LzEvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQDBTlYMBYE
AgACMBADBwAgAQf4ABcDBQAqAOsgMA0GCSqGSIb3DQEBCwUAA4IBAQAZXHHaHheq
R9DcfCTOwNJnm9oKWfJtBlKlCMzC68ob5oDdCKjqY5jJ5CGiqBEfaam3yjN5DzNi
kerV2PdLy5VmUGK3ReUuXXoiuUlF+q9yLXcYjHYM8b1KIb9fg8kDjl15kReo2o/0
kXcsbG9Qe7gM7ey2bk/+c/iDoU+pCTFXjGpf8LMbPKomvLjNhn44qzgCgtV56U3z
k+buHiRs6CkCTsf5uLj0aWP5bNxgx2GnIq280Ut+5Oajv0dJVqNiepsvG/Ofc50S
x9onYVCSixrhIuj8PvB3gzaFSnvdnQhAufswgBObm8GzGmgahe6uGtrz21csm4vP
lz/tpGjrpaHk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:16 2024 by rpki-client on console-ams.rpki-client.org