Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/S3lfjECdFfkLfPbSkVGhHQXJTho.roa
File: S3lfjECdFfkLfPbSkVGhHQXJTho.roa (raw, json)
Hash identifier: wzuzfsgb+ckByLrFQjUNxfJfLCpmFOPGDI0BYjK88y4=
Subject key identifier: 4B:79:5F:8C:40:9D:15:F9:0B:7C:F6:D2:91:51:A1:1D:05:C9:4E:1A
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018572470EBD4604AB4DD67AF29473B9DCF3
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/S3lfjECdFfkLfPbSkVGhHQXJTho.roa
Signing time: Mon 02 Jan 2023 11:38:57 +0000
ROA not before: Mon 02 Jan 2023 11:38:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56541
IP address blocks: 5.8.80.0/23 maxlen: 23
5.8.84.0/23 maxlen: 23
5.8.82.0/23 maxlen: 23
5.8.86.0/23 maxlen: 23
31.44.176.0/23 maxlen: 23
31.44.178.0/23 maxlen: 23
31.44.180.0/23 maxlen: 23
31.44.182.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:0e:bd:46:04:ab:4d:d6:7a:f2:94:73:b9:dc:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b795f8c409d15f90b7cf6d29151a11d05c94e1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:74:bd:20:da:99:38:b8:c2:a4:a4:7e:4b:
0a:c5:16:b4:d4:ac:a0:6f:46:e8:74:a5:50:bf:2d:
9d:67:5a:77:a1:92:eb:35:f9:22:08:e6:66:bb:d9:
82:c4:35:3a:ab:52:d2:32:c2:02:9c:53:11:2c:0f:
85:4e:ba:33:c3:89:65:1d:d2:76:59:a5:02:89:64:
4d:e9:25:ad:b1:ef:f4:0a:13:f5:77:20:34:2a:4b:
53:c6:ad:67:b9:c6:39:35:34:8c:f4:6a:f9:85:bb:
ac:3a:29:49:45:75:b9:f2:67:e6:da:42:7b:5d:28:
30:14:91:e5:b3:30:32:70:8b:87:18:f8:a8:55:72:
50:f6:17:70:63:e1:ff:04:5a:39:f9:fc:78:f2:5c:
d6:52:4f:a3:27:96:e3:f3:75:50:02:43:8a:b8:50:
1b:7d:f5:5b:5f:33:81:5b:65:9b:e5:b2:db:42:2f:
98:7e:17:68:3e:59:f0:79:80:15:cf:b9:a0:b1:12:
c1:84:39:f7:c5:dd:64:b3:dc:09:e5:e6:39:73:ee:
f2:05:f9:d5:e2:ba:a3:17:69:57:bf:1d:34:f5:5f:
30:e4:73:6f:57:dc:4b:4e:c6:3a:fb:ae:02:02:ed:
8b:d4:ef:a4:82:c0:59:20:77:5d:02:94:e3:6c:fb:
4c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:79:5F:8C:40:9D:15:F9:0B:7C:F6:D2:91:51:A1:1D:05:C9:4E:1A
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/S3lfjECdFfkLfPbSkVGhHQXJTho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.80.0/21
31.44.176.0/21
Signature Algorithm: sha256WithRSAEncryption
c0:f3:3e:be:88:04:aa:5e:e6:8c:5f:ec:c3:f0:5b:79:e1:2b:
45:ac:c8:36:f0:bf:05:a1:ee:18:31:fa:be:0d:66:b1:be:cf:
23:52:67:84:99:d0:c5:f4:1b:34:7e:09:6f:7c:82:73:f5:25:
e4:8d:0d:01:25:e4:c8:a7:e2:a7:9b:c0:27:b7:1c:d7:39:9f:
da:34:d4:7c:22:b9:e3:55:fb:22:5d:c2:28:97:bf:02:fa:ec:
72:48:93:64:25:93:17:eb:17:d9:e6:8a:46:f8:2a:29:b6:91:
50:3a:5d:70:f6:d1:2c:c2:c2:fe:a8:3c:9b:89:ce:1a:91:77:
c2:59:c6:b3:46:7e:0c:39:65:ac:49:77:5d:c7:28:9d:db:23:
9b:8c:91:58:2e:a1:c6:b4:3b:ca:0a:4d:a1:38:44:2e:c6:19:
d3:b4:2e:08:48:67:2b:e5:83:05:57:f0:2c:ce:e7:59:5d:71:
d4:71:20:ed:10:8f:86:68:9f:3e:49:65:b9:ea:d9:1a:a6:83:
50:da:41:9b:fa:ff:ef:55:61:62:07:bd:07:17:be:52:be:c4:
03:cf:41:56:06:41:f2:db:e9:bf:d3:e0:e1:8e:1c:11:da:db:
bb:6a:67:1e:6f:61:00:a0:5a:6c:ee:07:9b:14:ed:ee:ba:5b:
da:26:9d:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyRw69RgSrTdZ68pRzudzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc5NWY4YzQwOWQxNWY5MGI3Y2Y2ZDI5MTUxYTExZDA1Yzk0ZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuR0vSDamTi4wqSkfksKxRa01Kyg
b0bodKVQvy2dZ1p3oZLrNfkiCOZmu9mCxDU6q1LSMsICnFMRLA+FTrozw4llHdJ2
WaUCiWRN6SWtse/0ChP1dyA0KktTxq1nucY5NTSM9Gr5hbusOilJRXW58mfm2kJ7
XSgwFJHlszAycIuHGPioVXJQ9hdwY+H/BFo5+fx48lzWUk+jJ5bj83VQAkOKuFAb
ffVbXzOBW2Wb5bLbQi+YfhdoPlnweYAVz7mgsRLBhDn3xd1ks9wJ5eY5c+7yBfnV
4rqjF2lXvx009V8w5HNvV9xLTsY6+64CAu2L1O+kgsBZIHddApTjbPtMgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEt5X4xAnRX5C3z20pFRoR0FyU4aMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvUzNsZmpFQ2RGZmtMZlBiU2tWR2hIUVhKVGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBQhQAwQD
HyywMA0GCSqGSIb3DQEBCwUAA4IBAQDA8z6+iASqXuaMX+zD8Ft54StFrMg28L8F
oe4YMfq+DWaxvs8jUmeEmdDF9Bs0fglvfIJz9SXkjQ0BJeTIp+Knm8AntxzXOZ/a
NNR8IrnjVfsiXcIol78C+uxySJNkJZMX6xfZ5opG+CoptpFQOl1w9tEswsL+qDyb
ic4akXfCWcazRn4MOWWsSXddxyid2yObjJFYLqHGtDvKCk2hOEQuxhnTtC4ISGcr
5YMFV/AszudZXXHUcSDtEI+GaJ8+SWW56tkapoNQ2kGb+v/vVWFiB70HF75SvsQD
z0FWBkHy2+m/0+DhjhwR2tu7amceb2EAoFps7gebFO3uulvaJp0n
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:25 2024 by rpki-client on console-fra.rpki-client.org