Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/r21P7iXonF6ZHJgLhHk9LROw-2Y.roa
File: r21P7iXonF6ZHJgLhHk9LROw-2Y.roa (raw, json)
Hash identifier: kbZ+KO06oG+jiA9VUaMl4+f5qttEYVzWiYJK5titg9s=
Subject key identifier: AF:6D:4F:EE:25:E8:9C:5E:99:1C:98:0B:84:79:3D:2D:13:B0:FB:66
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018572470A830598D1B8E983A9FC66A5B0BA
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/r21P7iXonF6ZHJgLhHk9LROw-2Y.roa
Signing time: Mon 02 Jan 2023 11:38:56 +0000
ROA not before: Mon 02 Jan 2023 11:38:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 5.188.232.0/24 maxlen: 24
5.188.51.0/24 maxlen: 24
5.188.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:0a:83:05:98:d1:b8:e9:83:a9:fc:66:a5:b0:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af6d4fee25e89c5e991c980b84793d2d13b0fb66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:28:ad:29:93:9c:15:29:6d:db:e9:a7:18:8e:
cd:6e:86:a3:21:d4:b1:29:e8:32:9e:28:de:65:99:
85:5e:95:81:56:04:c5:e6:3b:87:a5:06:ef:2c:ce:
c0:4f:8d:e1:a1:c3:3c:aa:1e:aa:d8:32:82:b4:4f:
b7:06:61:e3:94:27:6d:4b:9e:e3:e8:ae:02:47:e0:
c9:37:53:ff:d1:31:82:ff:b1:a0:73:23:19:93:73:
f1:a3:f3:77:84:cb:1a:54:39:d6:cc:3d:4d:54:46:
1c:6f:be:94:17:d3:b2:3e:90:3f:29:2f:06:b4:61:
a8:3c:6a:de:ca:51:cc:b8:93:68:5f:37:b9:e3:7d:
ef:07:66:63:7e:af:1b:8d:6f:6c:b1:52:ef:e9:b1:
cb:7f:a2:c5:61:c5:14:ca:ca:d0:02:48:b8:2e:9c:
df:56:ca:f9:1b:eb:23:ee:e2:b1:37:ae:71:f7:ad:
81:b0:d3:92:f4:29:18:e8:89:8c:2a:5a:da:57:c6:
b7:2a:98:53:25:44:74:4b:46:80:93:5a:e1:8e:7d:
da:32:b6:26:e6:83:03:ed:7a:36:38:0d:99:a0:f4:
48:27:f3:0b:7e:94:00:82:1f:e2:18:38:c6:65:34:
d6:81:7e:06:ec:08:b0:96:e8:3d:05:4f:ee:c4:2e:
33:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6D:4F:EE:25:E8:9C:5E:99:1C:98:0B:84:79:3D:2D:13:B0:FB:66
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/r21P7iXonF6ZHJgLhHk9LROw-2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.51.0/24
5.188.203.0/24
5.188.232.0/24
Signature Algorithm: sha256WithRSAEncryption
63:e6:f4:38:d1:44:73:3f:ee:ca:91:95:f7:28:22:a3:85:ff:
6f:eb:85:e4:4d:2c:56:cd:4e:99:44:88:8d:bc:7e:79:65:a8:
ae:f1:63:0a:3f:69:ae:e8:c2:ef:8a:5d:0a:df:61:35:19:6d:
82:da:f9:88:29:fa:70:cd:1b:5e:3d:e5:0c:9a:0d:12:60:f4:
59:89:17:dc:7d:cd:93:31:5b:53:91:82:65:93:a4:b2:ff:f2:
70:44:42:7a:a5:fc:ea:9e:74:ee:f9:81:71:a7:7c:f5:73:cc:
23:00:0a:48:22:d1:97:25:7c:fa:1e:15:e0:34:a3:30:c5:6d:
38:00:3d:c1:77:34:a8:66:65:ed:21:92:be:c7:dd:b2:59:22:
ad:23:7b:e6:63:e2:ff:25:46:83:21:4f:10:81:81:da:c4:1e:
a8:3f:9c:f0:fe:cf:78:4d:3b:e9:4d:9d:9e:70:ef:c3:37:d3:
da:c4:e9:cc:d2:3f:e6:17:1a:03:9a:28:84:9b:db:bd:4f:69:
ea:5c:7c:82:e1:7c:11:a8:d0:09:2e:db:6c:48:23:5f:01:ed:
5b:25:9b:f9:2a:f0:f7:e9:a7:f4:2e:bd:94:fe:f1:e4:e8:63:
b8:d2:27:ce:54:35:1b:c7:a2:45:3a:9d:7d:c5:ff:b0:06:08:
aa:52:27:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyRwqDBZjRuOmDqfxmpbC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZkNGZlZTI1ZTg5YzVlOTkxYzk4MGI4NDc5M2QyZDEzYjBmYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CitKZOcFSlt2+mnGI7NboajIdSx
KegynijeZZmFXpWBVgTF5juHpQbvLM7AT43hocM8qh6q2DKCtE+3BmHjlCdtS57j
6K4CR+DJN1P/0TGC/7GgcyMZk3Pxo/N3hMsaVDnWzD1NVEYcb76UF9OyPpA/KS8G
tGGoPGreylHMuJNoXze5433vB2Zjfq8bjW9ssVLv6bHLf6LFYcUUysrQAki4Lpzf
Vsr5G+sj7uKxN65x962BsNOS9CkY6ImMKlraV8a3KphTJUR0S0aAk1rhjn3aMrYm
5oMD7Xo2OA2ZoPRIJ/MLfpQAgh/iGDjGZTTWgX4G7Aiwlug9BU/uxC4zlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK9tT+4l6JxemRyYC4R5PS0TsPtmMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvcjIxUDdpWG9uRjZaSEpnTGhIazlMUk93LTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbwzAwQA
BbzLAwQABbzoMA0GCSqGSIb3DQEBCwUAA4IBAQBj5vQ40URzP+7KkZX3KCKjhf9v
64XkTSxWzU6ZRIiNvH55Zaiu8WMKP2mu6MLvil0K32E1GW2C2vmIKfpwzRtePeUM
mg0SYPRZiRfcfc2TMVtTkYJlk6Sy//JwREJ6pfzqnnTu+YFxp3z1c8wjAApIItGX
JXz6HhXgNKMwxW04AD3BdzSoZmXtIZK+x92yWSKtI3vmY+L/JUaDIU8QgYHaxB6o
P5zw/s94TTvpTZ2ecO/DN9PaxOnM0j/mFxoDmiiEm9u9T2nqXHyC4XwRqNAJLtts
SCNfAe1bJZv5KvD36af0Lr2U/vHk6GO40ifOVDUbx6JFOp19xf+wBgiqUid2
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:25 2024 by rpki-client on console-fra.rpki-client.org