Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/LRJEsqA8GpjiATq5kia6vGG2eps.roa
File: LRJEsqA8GpjiATq5kia6vGG2eps.roa (raw, json)
Hash identifier: 79hnCARtE1nYdy4CWoku/+KD+iRfzqyqnoZTdnaBLXE=
Subject key identifier: 2D:12:44:B2:A0:3C:1A:98:E2:01:3A:B9:92:26:BA:BC:61:B6:7A:9B
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01857247180CB04C98A135B2E8F0B6A50711
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/LRJEsqA8GpjiATq5kia6vGG2eps.roa
Signing time: Mon 02 Jan 2023 11:38:59 +0000
ROA not before: Mon 02 Jan 2023 11:38:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205701
IP address blocks: 5.8.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:18:0c:b0:4c:98:a1:35:b2:e8:f0:b6:a5:07:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d1244b2a03c1a98e2013ab99226babc61b67a9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4d:ea:45:6b:9e:73:c8:5e:40:a0:93:52:cc:
ba:ba:cc:95:33:3a:23:3e:98:79:0a:ca:07:f2:c4:
6d:57:93:f5:88:1c:c0:fd:84:07:87:07:47:2f:9c:
5f:9c:df:35:ff:6c:5a:ce:fb:c6:c4:c6:70:ff:2f:
c0:fb:c8:82:d9:3b:36:b6:48:e1:cd:95:80:53:7d:
7d:ee:ee:e9:ed:c5:4e:5e:d2:d0:7e:f6:d2:96:03:
e7:13:06:6c:ca:5b:36:d0:07:01:2d:2e:4b:e5:30:
2f:75:fd:d6:ec:af:8f:5f:1a:31:ce:48:49:e0:88:
df:3e:57:00:6e:9f:a2:36:e2:4d:47:b7:6d:56:6f:
58:81:65:55:63:3e:a9:a2:0d:30:16:3e:59:cf:56:
f0:84:7f:dd:f1:55:ad:31:06:57:25:06:17:78:f4:
c9:0b:39:5a:4c:e7:18:61:74:2d:c7:4e:0f:69:ea:
ee:cc:68:14:f7:9f:39:77:95:ed:1c:5b:c4:80:c3:
72:ab:51:28:17:3d:ff:1f:7f:e0:6e:9f:a5:2b:a8:
dc:d7:49:14:25:44:aa:22:d1:f5:d9:2c:61:16:56:
ce:6f:81:69:12:53:57:ba:da:34:99:e3:ef:4f:a1:
96:25:4c:1c:91:fd:ad:b0:e7:a1:f4:f1:5d:5e:bb:
65:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:12:44:B2:A0:3C:1A:98:E2:01:3A:B9:92:26:BA:BC:61:B6:7A:9B
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/LRJEsqA8GpjiATq5kia6vGG2eps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.58.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:48:ef:07:9e:fa:e6:68:b8:90:62:dd:e3:6b:09:ae:8b:bb:
a0:20:32:f2:35:b5:7f:e0:49:dc:33:80:77:71:96:8b:6e:2f:
46:20:6f:bb:45:cd:7f:50:3e:52:b2:b9:b5:fe:85:66:be:5e:
25:ea:59:5e:03:c5:92:ad:7a:17:60:44:42:12:59:1d:bc:b0:
99:63:d1:77:26:6b:dd:da:6e:0f:dc:8a:b1:ca:d6:e0:f2:f0:
45:b2:63:7f:c9:5f:f2:20:42:86:78:c6:53:9a:47:0d:7f:e4:
e4:c2:69:c8:28:ee:8d:24:71:4d:da:e0:cb:bd:51:e8:16:fd:
9a:00:64:18:ff:4a:dd:17:dc:9a:75:e0:23:81:b1:ae:5b:30:
e8:66:99:01:8e:91:28:c5:1f:0d:70:65:86:1d:61:43:fb:5d:
65:53:56:c3:92:a1:11:c8:51:ca:32:13:e8:32:eb:3f:db:69:
77:7d:32:00:34:a2:44:d5:09:40:26:30:b9:09:b5:01:c6:78:
0a:73:6c:4a:3d:29:1c:ea:75:5e:52:ec:2e:33:1c:86:ac:ba:
c4:f6:6f:8f:21:33:82:c9:b3:04:12:bb:62:e9:b6:fc:ba:14:
06:e6:b1:72:f4:3b:d0:6f:0c:19:88:a9:ac:56:a9:d4:da:ba:
e1:9c:de:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRxgMsEyYoTWy6PC2pQcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDEyNDRiMmEwM2MxYTk4ZTIwMTNhYjk5MjI2YmFiYzYxYjY3YTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk3qRWuec8heQKCTUsy6usyVMzoj
Pph5CsoH8sRtV5P1iBzA/YQHhwdHL5xfnN81/2xazvvGxMZw/y/A+8iC2Ts2tkjh
zZWAU3197u7p7cVOXtLQfvbSlgPnEwZsyls20AcBLS5L5TAvdf3W7K+PXxoxzkhJ
4IjfPlcAbp+iNuJNR7dtVm9YgWVVYz6pog0wFj5Zz1bwhH/d8VWtMQZXJQYXePTJ
CzlaTOcYYXQtx04PaeruzGgU9585d5XtHFvEgMNyq1EoFz3/H3/gbp+lK6jc10kU
JUSqItH12SxhFlbOb4FpElNXuto0mePvT6GWJUwckf2tsOeh9PFdXrtl/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0SRLKgPBqY4gE6uZImurxhtnqbMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvTFJKRXNxQThHcGppQVRxNWtpYTZ2R0cyZXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQg6MA0G
CSqGSIb3DQEBCwUAA4IBAQBdSO8HnvrmaLiQYt3jawmui7ugIDLyNbV/4EncM4B3
cZaLbi9GIG+7Rc1/UD5Ssrm1/oVmvl4l6lleA8WSrXoXYERCElkdvLCZY9F3Jmvd
2m4P3Iqxytbg8vBFsmN/yV/yIEKGeMZTmkcNf+TkwmnIKO6NJHFN2uDLvVHoFv2a
AGQY/0rdF9yadeAjgbGuWzDoZpkBjpEoxR8NcGWGHWFD+11lU1bDkqERyFHKMhPo
Mus/22l3fTIANKJE1QlAJjC5CbUBxngKc2xKPSkc6nVeUuwuMxyGrLrE9m+PITOC
ybMEErti6bb8uhQG5rFy9DvQbwwZiKmsVqnU2rrhnN6H
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:47 2024 by rpki-client on console-ams.rpki-client.org