Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/69zVgIwLtMnfCyF7sW7Rzoex6fs.roa
File: 69zVgIwLtMnfCyF7sW7Rzoex6fs.roa (raw, json)
Hash identifier: jtF2IDMHhiM7lA4M83RY55+qlUyniA18EjpwmqLbzgA=
Subject key identifier: EB:DC:D5:80:8C:0B:B4:C9:DF:0B:21:7B:B1:6E:D1:CE:87:B1:E9:FB
Certificate issuer: /CN=fe92ef35321bf8f722734bff9dfa63fbd0f0690a
Certificate serial: 01856D4AABB5DE7E2C2016EBB1577604D843
Authority key identifier: FE:92:EF:35:32:1B:F8:F7:22:73:4B:FF:9D:FA:63:FB:D0:F0:69:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_pLvNTIb-Pcic0v_nfpj-9DwaQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/69zVgIwLtMnfCyF7sW7Rzoex6fs.roa
Signing time: Sun 01 Jan 2023 12:24:48 +0000
ROA not before: Sun 01 Jan 2023 12:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212559
IP address blocks: 5.1.42.0/24 maxlen: 24
91.243.118.0/24 maxlen: 24
2a10:78c0::/29 maxlen: 32
2a11:2900::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:ab:b5:de:7e:2c:20:16:eb:b1:57:76:04:d8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe92ef35321bf8f722734bff9dfa63fbd0f0690a
Validity
Not Before: Jan 1 12:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebdcd5808c0bb4c9df0b217bb16ed1ce87b1e9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:25:9e:6c:cd:d7:29:04:07:db:b0:2e:8d:fa:
e7:ed:25:2e:c9:d2:15:62:51:63:b9:09:73:c1:9e:
4b:d6:35:25:b3:e3:35:3d:2c:bd:45:6d:41:f5:ad:
92:f1:84:9b:51:7d:ef:0c:c0:4b:3b:18:94:16:b9:
31:9b:48:1b:8a:c3:9f:da:dc:8f:f6:54:d7:6e:22:
bc:b8:77:5e:42:ec:83:22:74:a7:e2:6e:9e:d6:8e:
4b:8d:b2:15:2a:29:aa:90:e5:95:23:0a:e9:6c:a8:
c8:40:d0:9d:c7:93:35:e9:a3:fe:16:e5:e3:c4:8a:
3c:e1:05:4a:6d:3a:fe:5a:24:86:a9:d1:6c:ae:5e:
0b:2d:59:86:66:b7:27:31:65:b4:3a:4d:5c:1c:c2:
95:f5:ef:be:d6:f9:45:78:b8:0b:2c:3c:82:85:4f:
e5:6a:90:d9:88:d6:e5:be:bb:f6:e0:0d:1e:91:a3:
d4:58:4b:ad:95:68:6f:49:57:ad:79:4f:10:a1:8b:
36:72:d4:de:c0:ca:af:ca:ba:fc:a0:01:bf:90:04:
72:e4:6d:5f:03:ea:ac:21:85:3f:f9:23:3e:25:13:
a2:a5:11:8f:72:32:2b:4a:56:e1:06:b4:b6:de:25:
e0:44:05:bf:1c:93:8c:25:da:d0:30:3f:c6:46:c1:
79:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DC:D5:80:8C:0B:B4:C9:DF:0B:21:7B:B1:6E:D1:CE:87:B1:E9:FB
X509v3 Authority Key Identifier:
keyid:FE:92:EF:35:32:1B:F8:F7:22:73:4B:FF:9D:FA:63:FB:D0:F0:69:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_pLvNTIb-Pcic0v_nfpj-9DwaQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/69zVgIwLtMnfCyF7sW7Rzoex6fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/_pLvNTIb-Pcic0v_nfpj-9DwaQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.42.0/24
91.243.118.0/24
IPv6:
2a10:78c0::/29
2a11:2900::/29
Signature Algorithm: sha256WithRSAEncryption
5d:34:6c:f7:a9:02:fb:a9:9a:0a:3c:34:79:3c:f0:c9:15:fe:
2e:87:fd:2f:fa:17:ae:1a:38:90:0b:b6:76:f3:52:37:55:2c:
b2:d8:ed:63:21:e1:93:c1:8a:3c:6d:89:51:eb:7b:6d:27:ab:
19:75:63:d1:4e:15:4a:50:63:00:c8:11:55:38:9e:c0:bb:d3:
d9:29:05:55:9a:3a:8e:e1:50:0b:9a:01:2c:e2:d2:71:a6:d1:
5e:48:34:f8:de:5c:48:0c:f2:b8:86:06:36:91:fe:2d:e7:67:
5e:0b:a1:41:a2:a2:bb:a7:13:64:9f:2b:77:74:66:cb:b9:14:
5f:74:65:1b:7a:8f:f5:67:df:7f:b8:95:78:49:7b:47:7c:ba:
81:01:fd:1a:b6:3c:db:e7:fc:20:2b:0b:3f:5b:3c:24:3a:86:
33:91:cb:a7:fa:19:1b:8c:e9:11:b2:03:23:2a:95:47:01:61:
4a:9c:c6:4a:8d:2c:d4:46:93:f2:61:fe:4d:c7:da:02:54:91:
e8:22:03:20:03:7d:eb:75:ba:0c:8b:8d:21:6e:4d:4a:9b:fe:
e9:21:1b:47:41:47:e8:a2:f0:03:23:bf:90:f0:c3:ac:2e:f1:
75:27:c5:8a:e1:2d:1d:44:76:6e:68:e1:90:62:3b:d8:0a:a8:
b5:f2:88:b6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVtSqu13n4sIBbrsVd2BNhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlOTJlZjM1MzIxYmY4ZjcyMjczNGJmZjlkZmE2M2ZiZDBm
MDY5MGEwHhcNMjMwMTAxMTIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmRjZDU4MDhjMGJiNGM5ZGYwYjIxN2JiMTZlZDFjZTg3YjFlOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyWebM3XKQQH27Aujfrn7SUuydIV
YlFjuQlzwZ5L1jUls+M1PSy9RW1B9a2S8YSbUX3vDMBLOxiUFrkxm0gbisOf2tyP
9lTXbiK8uHdeQuyDInSn4m6e1o5LjbIVKimqkOWVIwrpbKjIQNCdx5M16aP+FuXj
xIo84QVKbTr+WiSGqdFsrl4LLVmGZrcnMWW0Ok1cHMKV9e++1vlFeLgLLDyChU/l
apDZiNblvrv24A0ekaPUWEutlWhvSVeteU8QoYs2ctTewMqvyrr8oAG/kARy5G1f
A+qsIYU/+SM+JROipRGPcjIrSlbhBrS23iXgRAW/HJOMJdrQMD/GRsF5bwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOvc1YCMC7TJ3wshe7Fu0c6Hsen7MB8GA1UdIwQY
MBaAFP6S7zUyG/j3InNL/536Y/vQ8GkKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3BMdk5USWItUGNpYzB2X25mcGotOUR3YVFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kMjcyNWQtODAwMS00MWYxLTgwZTUt
YTllZWYyOTRhYzM0LzEvNjl6VmdJd0x0TW5mQ3lGN3NXN1J6b2V4NmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kMjcyNWQtODAwMS00MWYxLTgwZTUtYTllZWYyOTRhYzM0
LzEvX3BMdk5USWItUGNpYzB2X25mcGotOUR3YVFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQABQEqAwQA
W/N2MBQEAgACMA4DBQMqEHjAAwUDKhEpADANBgkqhkiG9w0BAQsFAAOCAQEAXTRs
96kC+6maCjw0eTzwyRX+Lof9L/oXrho4kAu2dvNSN1UsstjtYyHhk8GKPG2JUet7
bSerGXVj0U4VSlBjAMgRVTiewLvT2SkFVZo6juFQC5oBLOLScabRXkg0+N5cSAzy
uIYGNpH+LednXguhQaKiu6cTZJ8rd3Rmy7kUX3RlG3qP9Wfff7iVeEl7R3y6gQH9
GrY82+f8ICsLP1s8JDqGM5HLp/oZG4zpEbIDIyqVRwFhSpzGSo0s1EaT8mH+Tcfa
AlSR6CIDIAN963W6DIuNIW5NSpv+6SEbR0FH6KLwAyO/kPDDrC7xdSfFiuEtHUR2
bmjhkGI72AqotfKItg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:18 2024 by rpki-client on console-ams.rpki-client.org