Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/IHkt3yVbvCOGtMm9QDnCjRzbZ_k.roa
File: IHkt3yVbvCOGtMm9QDnCjRzbZ_k.roa (raw, json)
Hash identifier: DoAFAmGgXVAweRIAnQ/KMiOLSF5RFHAVi+Zqf2u/kpY=
Subject key identifier: 20:79:2D:DF:25:5B:BC:23:86:B4:C9:BD:40:39:C2:8D:1C:DB:67:F9
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0189D33D9F427437E0DAEA6F903D71C65B2F
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/IHkt3yVbvCOGtMm9QDnCjRzbZ_k.roa
Signing time: Tue 08 Aug 2023 03:42:58 +0000
ROA not before: Tue 08 Aug 2023 03:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49453
IP address blocks: 5.188.87.0/24 maxlen: 24
5.188.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d3:3d:9f:42:74:37:e0:da:ea:6f:90:3d:71:c6:5b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Aug 8 03:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20792ddf255bbc2386b4c9bd4039c28d1cdb67f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:73:1b:2c:2d:dd:5d:7d:e5:9c:09:c6:8f:0e:
12:ad:1f:ea:fc:8b:0f:a0:61:33:09:4d:0f:ed:b8:
53:fc:bb:49:61:a3:1e:a6:ca:3a:da:1d:7b:bb:2a:
a5:e8:98:1a:c0:0b:de:b1:70:12:e5:ac:b5:69:bb:
49:ad:f3:3c:20:ca:18:b6:e2:b2:4a:47:a5:3b:b0:
90:54:f5:1d:6e:05:e4:62:f0:32:38:b3:94:35:54:
05:48:04:4e:ee:64:69:7a:51:f8:3b:b8:6e:4d:94:
0f:a4:40:f3:0d:95:4b:b4:7d:cd:6e:16:a0:b3:80:
6b:2d:df:a5:07:59:30:80:bc:ed:a0:00:65:37:f5:
4f:ef:54:f1:b8:6e:3d:2d:20:27:76:8f:12:f0:a4:
df:ec:e5:32:fa:47:aa:e6:5f:71:b7:55:eb:72:4c:
01:8b:1c:7e:1c:5f:7f:a5:bb:d6:26:7e:bd:66:2e:
2a:ed:88:e8:6b:ed:1d:b6:63:8e:5d:62:0f:0c:d2:
03:4a:11:48:a6:1d:28:90:0b:52:12:b5:b5:4c:40:
d7:9b:41:d7:cb:e9:83:56:43:ac:4c:91:86:6d:2f:
80:44:ec:09:55:f4:b8:e3:7e:d3:14:b2:df:b1:fd:
6e:53:9d:22:2f:e4:1f:e4:09:d8:58:a5:0f:58:ad:
bf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:79:2D:DF:25:5B:BC:23:86:B4:C9:BD:40:39:C2:8D:1C:DB:67:F9
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/IHkt3yVbvCOGtMm9QDnCjRzbZ_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.86.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:0c:01:87:4e:9e:af:36:c0:93:50:b3:04:d0:d8:e0:92:0c:
04:95:b1:e7:ca:c5:cb:c9:0b:31:b9:67:2a:d3:d0:e8:02:ba:
d6:ab:68:96:62:ea:64:e6:b7:a9:e1:1f:dd:d8:fe:9a:1d:c8:
96:44:4d:60:e8:a4:35:4d:eb:ad:3d:6d:3c:73:a4:95:08:7a:
d9:da:a9:2c:7c:1c:61:e1:9e:80:eb:22:80:cb:fb:3c:8e:0b:
fe:3c:4f:6e:86:2f:8a:76:db:19:35:90:f0:07:88:95:13:ec:
44:ac:71:a8:81:e7:cf:1a:8c:d1:33:3d:41:9b:86:12:45:93:
8e:c1:18:0a:01:c5:a7:91:e2:99:f8:7e:6d:9c:ce:b2:71:d1:
c8:08:35:f6:34:86:fd:5b:be:36:be:24:e6:02:eb:94:a5:b9:
ec:11:cb:30:ea:17:59:93:ee:94:4b:74:52:e5:bb:c0:36:85:
9f:bd:72:f1:b3:3d:ca:9a:f4:ce:c4:75:77:ef:48:dc:6d:5a:
f0:e6:cc:0b:c6:2b:81:ff:5c:51:95:51:f7:19:93:3e:44:e6:
e3:1c:7e:a7:98:62:6f:e9:e4:79:c2:bd:7c:6b:fb:10:e8:f8:
12:3f:07:b9:4b:e2:d8:a3:d3:cc:5c:3d:53:f0:d9:d0:5f:7e:
a8:3a:00:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnTPZ9CdDfg2upvkD1xxlsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwODA4MDM0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDc5MmRkZjI1NWJiYzIzODZiNGM5YmQ0MDM5YzI4ZDFjZGI2N2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknMbLC3dXX3lnAnGjw4SrR/q/IsP
oGEzCU0P7bhT/LtJYaMepso62h17uyql6JgawAvesXAS5ay1abtJrfM8IMoYtuKy
SkelO7CQVPUdbgXkYvAyOLOUNVQFSARO7mRpelH4O7huTZQPpEDzDZVLtH3Nbhag
s4BrLd+lB1kwgLztoABlN/VP71TxuG49LSAndo8S8KTf7OUy+keq5l9xt1XrckwB
ixx+HF9/pbvWJn69Zi4q7Yjoa+0dtmOOXWIPDNIDShFIph0okAtSErW1TEDXm0HX
y+mDVkOsTJGGbS+AROwJVfS4437TFLLfsf1uU50iL+Qf5AnYWKUPWK2/ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCB5Ld8lW7wjhrTJvUA5wo0c22f5MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvSUhrdDN5VmJ2Q09HdE1tOVFEbkNqUnpiWl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBbxWMA0G
CSqGSIb3DQEBCwUAA4IBAQAqDAGHTp6vNsCTULME0NjgkgwElbHnysXLyQsxuWcq
09DoArrWq2iWYupk5rep4R/d2P6aHciWRE1g6KQ1TeutPW08c6SVCHrZ2qksfBxh
4Z6A6yKAy/s8jgv+PE9uhi+KdtsZNZDwB4iVE+xErHGogefPGozRMz1Bm4YSRZOO
wRgKAcWnkeKZ+H5tnM6ycdHICDX2NIb9W742viTmAuuUpbnsEcsw6hdZk+6US3RS
5bvANoWfvXLxsz3KmvTOxHV370jcbVrw5swLxiuB/1xRlVH3GZM+RObjHH6nmGJv
6eR5wr18a/sQ6PgSPwe5S+LYo9PMXD1T8NnQX36oOgDs
-----END CERTIFICATE-----
Generated at Tue Oct 3 07:18:26 2023 by rpki-client on console-ams.rpki-client.org