Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/5hJjxg9M86XG6_Q5LGuM9bsqIcw.roa
File: 5hJjxg9M86XG6_Q5LGuM9bsqIcw.roa (raw, json)
Hash identifier: GIpUEXvjQo9XXE+Lrhs1+0vqHk2AmCdW4h2jfvEqn54=
Subject key identifier: E6:12:63:C6:0F:4C:F3:A5:C6:EB:F4:39:2C:6B:8C:F5:BB:2A:21:CC
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0192AAA5ABA0D3EDE12040C966C70ECA3453
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/5hJjxg9M86XG6_Q5LGuM9bsqIcw.roa
Signing time: Sun 20 Oct 2024 15:57:16 +0000
ROA not before: Sun 20 Oct 2024 15:57:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 43.240.150.0/24 maxlen: 24
193.168.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 11:07:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:aa:a5:ab:a0:d3:ed:e1:20:40:c9:66:c7:0e:ca:34:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Oct 20 15:57:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e61263c60f4cf3a5c6ebf4392c6b8cf5bb2a21cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:39:57:eb:6c:d5:19:44:12:e8:ef:39:a7:d3:
a8:0a:64:de:20:a2:db:d3:dc:23:35:31:05:56:7e:
99:3d:fb:1c:15:31:29:c7:12:ef:5f:a6:4a:8c:2a:
72:a7:9b:1e:0d:9a:cd:37:6a:56:df:54:58:87:7a:
f6:f0:3e:89:6b:dc:d1:c7:39:c4:2a:08:cd:f4:15:
90:7b:d1:17:e2:d7:5a:f4:38:6e:4d:ed:4e:0b:9d:
0c:7a:71:5d:19:d6:d3:29:15:c2:20:7c:ed:63:5f:
93:13:ed:42:d2:1f:67:78:32:91:9d:28:d3:3c:63:
78:c5:7e:5b:f8:fc:a6:c8:0b:5f:ce:c8:c8:30:78:
03:c5:01:cc:d1:84:1f:5d:a9:3c:58:b9:dd:b1:e6:
73:e9:46:8c:48:62:09:90:5c:ce:fb:2a:06:f0:94:
ec:21:bf:7b:ae:1d:8e:76:85:07:f9:06:99:80:22:
bc:02:85:94:35:8c:2f:cc:fe:bf:30:fd:4b:4f:20:
78:11:b5:a5:f4:bd:60:9f:4d:7b:36:7c:f2:7c:1d:
b3:ba:f2:fb:3f:42:4d:2e:1d:d9:14:56:c1:e6:ad:
f9:a3:78:40:f8:84:2e:3f:ee:50:cd:97:65:fe:2a:
fd:81:de:85:c8:9a:1b:bd:10:c2:4d:83:74:c0:ba:
6c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:12:63:C6:0F:4C:F3:A5:C6:EB:F4:39:2C:6B:8C:F5:BB:2A:21:CC
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/5hJjxg9M86XG6_Q5LGuM9bsqIcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.150.0/24
193.168.200.0/24
Signature Algorithm: sha256WithRSAEncryption
45:7b:cc:10:86:01:c8:0b:b9:76:61:03:49:b6:6d:a6:73:e0:
c7:53:b1:f1:18:64:86:7c:43:c4:25:fe:25:60:fa:32:eb:79:
a6:63:b7:46:5a:a9:69:5e:fd:c9:aa:36:f2:de:39:e6:81:86:
e6:6f:c9:56:6d:bc:80:ae:ae:f8:aa:ee:87:dc:8c:14:8e:9f:
30:e9:19:2d:3b:3f:33:55:79:67:df:7c:c8:dc:e1:ab:6f:a6:
58:96:fc:e2:2e:3c:06:18:cd:b9:34:50:30:3a:9e:25:b8:d1:
ca:41:fe:1a:4e:a2:0d:21:f6:f8:5e:f1:d5:74:5e:de:2b:17:
ad:4a:7f:d0:6e:23:ea:c6:a6:d1:ea:16:20:74:82:fc:2e:6a:
dc:9a:70:75:0c:93:ce:f9:a1:6f:37:ce:0f:4e:84:8a:25:4f:
2d:c0:65:28:b5:65:ce:54:1f:a9:55:aa:0c:f9:8f:1d:41:e9:
2c:a2:24:fa:a3:18:e6:98:94:8c:00:e1:54:1e:b6:27:29:1a:
7c:73:84:93:d2:ff:74:35:e6:04:f7:a5:f0:b6:71:d4:6e:09:
09:2d:32:9c:ad:f8:7c:d8:5b:0c:78:7a:ed:7f:e7:3c:30:8f:
65:3c:a5:c2:73:3f:79:c7:fb:4a:c9:06:cf:b0:aa:f0:91:33:
d3:8e:30:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKqpaug0+3hIEDJZscOyjRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQxMDIwMTU1NzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjEyNjNjNjBmNGNmM2E1YzZlYmY0MzkyYzZiOGNmNWJiMmEyMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjlX62zVGUQS6O85p9OoCmTeIKLb
09wjNTEFVn6ZPfscFTEpxxLvX6ZKjCpyp5seDZrNN2pW31RYh3r28D6Ja9zRxznE
KgjN9BWQe9EX4tda9DhuTe1OC50MenFdGdbTKRXCIHztY1+TE+1C0h9neDKRnSjT
PGN4xX5b+PymyAtfzsjIMHgDxQHM0YQfXak8WLndseZz6UaMSGIJkFzO+yoG8JTs
Ib97rh2OdoUH+QaZgCK8AoWUNYwvzP6/MP1LTyB4EbWl9L1gn017NnzyfB2zuvL7
P0JNLh3ZFFbB5q35o3hA+IQuP+5QzZdl/ir9gd6FyJobvRDCTYN0wLpsAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOYSY8YPTPOlxuv0OSxrjPW7KiHMMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvNWhKanhnOU04NlhHNl9RNUxHdU05YnNxSWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAK/CWAwQA
wajIMA0GCSqGSIb3DQEBCwUAA4IBAQBFe8wQhgHIC7l2YQNJtm2mc+DHU7HxGGSG
fEPEJf4lYPoy63mmY7dGWqlpXv3Jqjby3jnmgYbmb8lWbbyArq74qu6H3IwUjp8w
6RktOz8zVXln33zI3OGrb6ZYlvziLjwGGM25NFAwOp4luNHKQf4aTqINIfb4XvHV
dF7eKxetSn/QbiPqxqbR6hYgdIL8LmrcmnB1DJPO+aFvN84PToSKJU8twGUotWXO
VB+pVaoM+Y8dQeksoiT6oxjmmJSMAOFUHrYnKRp8c4ST0v90NeYE96XwtnHUbgkJ
LTKcrfh82FsMeHrtf+c8MI9lPKXCcz95x/tKyQbPsKrwkTPTjjDb
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:23:57 2024 by rpki-client on console-ams.rpki-client.org