Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/5LmmOkqRsAmJUM7MD4iOicpk2hY.roa
File: 5LmmOkqRsAmJUM7MD4iOicpk2hY.roa (raw, json)
Hash identifier: fqllbTHwYQSF8P42OEWwT0Ed8EKzptsM2nIdMFrNiT4=
Subject key identifier: E4:B9:A6:3A:4A:91:B0:09:89:50:CE:CC:0F:88:8E:89:CA:64:DA:16
Certificate issuer: /CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Certificate serial: 01857295E535BA45D92FE1049549B4C945F3
Authority key identifier: 05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/5LmmOkqRsAmJUM7MD4iOicpk2hY.roa
Signing time: Mon 02 Jan 2023 13:05:04 +0000
ROA not before: Mon 02 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197912
IP address blocks: 128.127.170.0/24 maxlen: 24
128.127.169.0/24 maxlen: 24
128.127.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:e5:35:ba:45:d9:2f:e1:04:95:49:b4:c9:45:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Validity
Not Before: Jan 2 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4b9a63a4a91b0098950cecc0f888e89ca64da16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1a:68:1e:48:41:a4:05:63:d9:f4:9d:ef:05:
ee:8d:db:32:48:21:16:2d:9d:32:b7:5a:b1:b3:48:
06:16:63:27:68:c7:0d:e7:e7:85:38:2a:9a:5d:03:
58:f7:9e:20:54:e7:bd:f2:61:8a:d0:20:4d:9d:7e:
d6:da:30:96:0b:db:34:13:be:34:42:d3:ff:81:b1:
58:76:3d:b8:ad:cf:5a:59:7a:7c:40:a5:75:ee:12:
4b:32:ed:ff:e4:9f:27:68:b8:96:3a:15:5a:88:14:
7a:1c:40:2b:21:6d:f5:f5:02:61:6e:87:dc:f4:df:
1d:c9:16:ee:9c:c1:4f:5b:9a:cb:83:ed:46:c8:d6:
09:ff:cf:76:dd:6b:15:3a:4d:cc:43:c0:06:72:64:
8d:fa:f0:7d:20:f2:a9:f9:2d:13:1b:29:04:52:0e:
27:c9:05:38:d7:78:99:f0:ce:e5:92:80:1b:6b:65:
23:ec:56:96:fd:54:98:fd:34:69:69:05:b4:6c:36:
64:25:37:3b:0a:be:71:cc:dd:90:5f:d1:d7:33:6a:
af:f2:d1:6e:23:f8:ef:d2:9c:6c:ea:02:c6:27:2f:
ac:a9:05:1d:dd:23:52:36:46:49:d5:16:aa:8c:41:
3c:b6:57:e1:2e:d0:55:d5:26:62:f7:55:00:3a:c3:
b6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B9:A6:3A:4A:91:B0:09:89:50:CE:CC:0F:88:8E:89:CA:64:DA:16
X509v3 Authority Key Identifier:
keyid:05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/5LmmOkqRsAmJUM7MD4iOicpk2hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.168.0-128.127.170.255
Signature Algorithm: sha256WithRSAEncryption
75:18:87:6c:b5:a4:b5:cc:a3:e8:51:5b:30:0f:6b:2c:80:8e:
0f:e6:d0:1b:c8:01:ed:5b:10:dd:e7:3a:6b:c9:8c:56:db:a7:
7b:db:e1:6b:e2:e5:51:30:f0:13:f8:f1:24:06:ef:c3:fd:0f:
9d:1e:b9:73:aa:65:f0:c1:aa:ad:b1:5e:f9:c4:b7:55:e4:fd:
e0:8b:8d:51:34:16:64:f1:2c:b7:72:77:a0:c4:77:3f:58:45:
36:65:af:25:d5:7b:86:d8:c4:ea:69:9a:0a:ad:7f:9e:05:f1:
da:68:fb:3c:3c:93:ce:9f:de:85:f9:cd:b8:52:f0:93:57:98:
c4:ed:db:7a:c0:8c:35:0e:80:b8:cf:4e:f4:35:25:7b:59:11:
b7:0d:1d:d5:77:ae:1a:bf:9a:ab:b9:98:56:fe:f5:db:3e:cc:
c0:86:bb:2b:e1:ce:f6:ef:1a:12:bd:9b:a9:0e:0c:07:6a:68:
52:df:fd:5d:7b:42:a9:f4:27:ee:6f:4c:c7:e6:16:0b:43:e0:
53:7c:fe:4f:7f:ec:8e:08:f6:22:97:b9:f4:a5:f6:d8:ce:06:
09:a2:8b:c9:fc:1d:53:b4:03:54:8c:85:18:37:4b:46:45:e2:
61:02:a1:63:be:d7:5c:b6:ce:8d:29:97:63:b0:97:4a:d5:e0:
d2:0b:27:e6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyleU1ukXZL+EElUm0yUXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGIxZTM4YzcwNGJkMDhlM2I5ZDE3ZjU5MDM2N2IxZDFm
MDNjNGEwHhcNMjMwMTAyMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI5YTYzYTRhOTFiMDA5ODk1MGNlY2MwZjg4OGU4OWNhNjRkYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxpoHkhBpAVj2fSd7wXujdsySCEW
LZ0yt1qxs0gGFmMnaMcN5+eFOCqaXQNY954gVOe98mGK0CBNnX7W2jCWC9s0E740
QtP/gbFYdj24rc9aWXp8QKV17hJLMu3/5J8naLiWOhVaiBR6HEArIW319QJhbofc
9N8dyRbunMFPW5rLg+1GyNYJ/8923WsVOk3MQ8AGcmSN+vB9IPKp+S0TGykEUg4n
yQU413iZ8M7lkoAba2Uj7FaW/VSY/TRpaQW0bDZkJTc7Cr5xzN2QX9HXM2qv8tFu
I/jv0pxs6gLGJy+sqQUd3SNSNkZJ1RaqjEE8tlfhLtBV1SZi91UAOsO2TQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOS5pjpKkbAJiVDOzA+IjonKZNoWMB8GA1UdIwQY
MBaAFAULHjjHBL0I47nRf1kDZ7HR8DxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYt
YTAxZTllNmRjYmYyLzEvNUxtbU9rcVJzQW1KVU03TUQ0aU9pY3BrMmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYtYTAxZTllNmRjYmYy
LzEvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOAf6gD
BACAf6owDQYJKoZIhvcNAQELBQADggEBAHUYh2y1pLXMo+hRWzAPayyAjg/m0BvI
Ae1bEN3nOmvJjFbbp3vb4Wvi5VEw8BP48SQG78P9D50euXOqZfDBqq2xXvnEt1Xk
/eCLjVE0FmTxLLdyd6DEdz9YRTZlryXVe4bYxOppmgqtf54F8dpo+zw8k86f3oX5
zbhS8JNXmMTt23rAjDUOgLjPTvQ1JXtZEbcNHdV3rhq/mqu5mFb+9ds+zMCGuyvh
zvbvGhK9m6kODAdqaFLf/V17Qqn0J+5vTMfmFgtD4FN8/k9/7I4I9iKXufSl9tjO
Bgmii8n8HVO0A1SMhRg3S0ZF4mECoWO+11y2zo0pl2Owl0rV4NILJ+Y=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:53 2024 by rpki-client on console-fra.rpki-client.org