Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/T47ZkNXALP8FdjmIG7GIhznW5MQ.roa
File: T47ZkNXALP8FdjmIG7GIhznW5MQ.roa (raw, json)
Hash identifier: C9C8AAdm8xIxpeIyYHM4iZSjPNt3fDF2BwaKZprumT0=
Subject key identifier: 4F:8E:D9:90:D5:C0:2C:FF:05:76:39:88:1B:B1:88:87:39:D6:E4:C4
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56E104F40C37F903ED34B67D091D8B8
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/T47ZkNXALP8FdjmIG7GIhznW5MQ.roa
Signing time: Mon 01 Jan 2024 14:29:33 +0000
ROA not before: Mon 01 Jan 2024 14:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205601
IP address blocks: 5.8.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 11:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:10:4f:40:c3:7f:90:3e:d3:4b:67:d0:91:d8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f8ed990d5c02cff057639881bb1888739d6e4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:da:e4:a2:bf:c2:69:3d:aa:ca:04:ae:77:29:
f6:ef:62:38:d3:a7:3f:c8:6d:4c:d4:99:2d:30:cb:
69:fc:1e:53:75:9f:0d:f7:02:c7:ce:5f:15:62:9f:
f5:72:f1:27:3a:fb:04:d2:8c:2b:21:f7:0c:d7:b4:
1d:8f:23:b6:fd:c2:eb:c7:63:d0:73:9d:c2:0e:9a:
1a:7c:b6:f3:5a:63:ad:8f:9b:49:b9:3b:b2:22:f8:
68:59:3e:15:9e:ec:7a:fe:3a:1b:fc:28:16:e9:f4:
5d:64:2f:f6:65:69:71:25:5a:c1:6c:52:cd:9e:04:
4b:13:34:da:da:66:28:f3:7d:65:c0:83:4f:01:db:
d1:d5:20:20:7c:b4:97:5e:73:90:d7:83:e0:b7:97:
dd:2b:6a:d4:72:04:fe:0a:ba:19:fe:bd:a3:d9:d3:
32:c2:2f:3a:77:70:db:06:88:af:6b:a4:57:6c:82:
64:f2:1a:63:f7:94:aa:4a:43:12:f6:63:2e:18:ea:
45:f4:ec:63:03:c3:a3:73:1a:30:9f:f9:a8:a9:83:
38:00:0c:e1:ea:35:8d:fa:eb:48:7b:55:ee:d2:0f:
72:bf:b6:12:e2:9b:6b:64:1d:63:ac:ab:41:f5:b0:
eb:80:fc:a9:9a:41:91:83:fb:61:52:f4:14:06:5b:
cb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8E:D9:90:D5:C0:2C:FF:05:76:39:88:1B:B1:88:87:39:D6:E4:C4
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/T47ZkNXALP8FdjmIG7GIhznW5MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.17.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:d4:b3:fb:37:02:50:4c:d9:f7:bc:5e:cb:9b:1d:0f:a6:0c:
e3:1f:a1:5a:2c:2a:8d:a7:7e:51:b4:2c:a0:60:c5:cc:58:b8:
d8:96:87:b2:65:70:bc:19:09:26:d5:10:5c:9e:50:95:5d:c7:
ed:de:70:50:08:74:72:7f:cd:be:ce:3b:26:c0:4a:72:a9:06:
14:7b:2d:95:cb:6d:d0:16:06:22:87:3c:8b:02:b0:6d:f2:b7:
00:09:5e:c0:7f:d9:ab:b8:49:59:24:72:34:34:c3:a4:89:22:
e3:ed:07:e7:f1:3c:32:38:ef:3f:82:1c:b9:2a:27:dc:d4:e7:
ec:a8:85:6e:85:4b:3a:3d:f0:c0:1d:c1:cd:5c:25:37:0f:2c:
ef:ca:56:82:17:df:37:fe:4e:c5:13:9a:87:0e:ca:b5:09:cf:
48:80:30:3e:8c:40:31:c4:ed:ac:67:e2:65:ce:39:4a:19:4b:
62:78:80:b8:1a:92:13:8f:58:e7:7a:24:68:5f:ee:18:c0:5b:
8c:73:d7:3f:64:01:29:ef:ba:b9:3c:a7:61:e6:ae:28:b8:6c:
ef:cc:ee:c7:b6:25:27:d4:90:8d:e5:04:d4:0e:3d:6b:b4:69:
94:4c:33:fe:90:16:fa:e9:bc:8a:4f:b7:29:a9:b6:00:ba:4b:
ec:45:c4:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbhBPQMN/kD7TS2fQkdi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhlZDk5MGQ1YzAyY2ZmMDU3NjM5ODgxYmIxODg4NzM5ZDZlNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndrkor/CaT2qygSudyn272I406c/
yG1M1JktMMtp/B5TdZ8N9wLHzl8VYp/1cvEnOvsE0owrIfcM17QdjyO2/cLrx2PQ
c53CDpoafLbzWmOtj5tJuTuyIvhoWT4Vnux6/job/CgW6fRdZC/2ZWlxJVrBbFLN
ngRLEzTa2mYo831lwINPAdvR1SAgfLSXXnOQ14Pgt5fdK2rUcgT+CroZ/r2j2dMy
wi86d3DbBoiva6RXbIJk8hpj95SqSkMS9mMuGOpF9OxjA8Ojcxown/moqYM4AAzh
6jWN+utIe1Xu0g9yv7YS4ptrZB1jrKtB9bDrgPypmkGRg/thUvQUBlvLSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+O2ZDVwCz/BXY5iBuxiIc51uTEMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvVDQ3WmtOWEFMUDhGZGptSUc3R0loem5XNU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQgRMA0G
CSqGSIb3DQEBCwUAA4IBAQC51LP7NwJQTNn3vF7Lmx0PpgzjH6FaLCqNp35RtCyg
YMXMWLjYloeyZXC8GQkm1RBcnlCVXcft3nBQCHRyf82+zjsmwEpyqQYUey2Vy23Q
FgYihzyLArBt8rcACV7Af9mruElZJHI0NMOkiSLj7Qfn8TwyOO8/ghy5Kifc1Ofs
qIVuhUs6PfDAHcHNXCU3DyzvylaCF983/k7FE5qHDsq1Cc9IgDA+jEAxxO2sZ+Jl
zjlKGUtieIC4GpITj1jneiRoX+4YwFuMc9c/ZAEp77q5PKdh5q4ouGzvzO7HtiUn
1JCN5QTUDj1rtGmUTDP+kBb66byKT7cpqbYAukvsRcTn
-----END CERTIFICATE-----
Generated at Mon Aug 26 14:36:53 2024 by rpki-client on console-fra.rpki-client.org