Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/8TMI14zUywaLNaWnga6PcuZEklk.roa
File: 8TMI14zUywaLNaWnga6PcuZEklk.roa (raw, json)
Hash identifier: EIxyRDbuA3OJGEBNdkYeCJIRpBrA3edk24p08E0PuLI=
Subject key identifier: F1:33:08:D7:8C:D4:CB:06:8B:35:A5:A7:81:AE:8F:72:E6:44:92:59
Certificate issuer: /CN=089bbb09a5fbef6135c2d920bf27bb61f5c2e09d
Certificate serial: 018572CCA0D44DCDFAB1756E55F9F583C9A3
Authority key identifier: 08:9B:BB:09:A5:FB:EF:61:35:C2:D9:20:BF:27:BB:61:F5:C2:E0:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/8TMI14zUywaLNaWnga6PcuZEklk.roa
Signing time: Mon 02 Jan 2023 14:04:51 +0000
ROA not before: Mon 02 Jan 2023 14:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49820
IP address blocks: 5.35.176.0/21 maxlen: 21
2a10:87c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:a0:d4:4d:cd:fa:b1:75:6e:55:f9:f5:83:c9:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089bbb09a5fbef6135c2d920bf27bb61f5c2e09d
Validity
Not Before: Jan 2 14:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f13308d78cd4cb068b35a5a781ae8f72e6449259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:39:bd:6b:ef:db:d8:5c:c3:bb:ad:b2:11:2c:
93:4b:09:4a:1a:10:b3:85:db:7d:d5:33:a6:1a:9e:
5e:98:17:0c:9d:c0:61:99:7a:6e:0c:7f:3d:dc:bd:
4a:33:89:87:fa:cc:66:37:98:e3:2d:c6:a2:30:d8:
93:ad:60:1a:e9:f8:5e:79:53:c6:1c:ec:ac:16:32:
3c:6e:6d:6f:54:08:b9:40:46:26:c7:ae:31:92:85:
06:8e:3b:41:f4:03:ff:84:6b:ed:28:99:43:27:a0:
13:71:a8:de:bd:9a:2d:44:dc:45:f2:26:c0:3c:01:
b4:da:63:85:80:24:10:5e:0e:3c:1b:00:47:f6:ea:
86:e4:70:f3:74:4b:7b:b4:6a:58:af:57:33:e7:d8:
4c:0f:d6:09:2c:ce:de:c5:f9:c5:cd:76:f4:e8:51:
1b:90:73:9f:20:eb:e3:08:9c:f6:f9:a8:1c:76:49:
d8:b2:41:dc:e9:87:8e:a8:3c:7d:0c:b7:0e:e0:e3:
12:dc:b1:1b:6c:f8:d9:20:9f:4d:c3:1f:1e:21:d5:
72:25:6d:e1:6d:f9:9f:d3:2d:64:07:c0:1a:51:94:
05:cd:27:7f:3f:8a:63:c0:f5:52:60:18:0e:a7:7d:
00:39:58:a0:07:37:ce:77:84:ee:15:e3:af:16:d3:
bf:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:33:08:D7:8C:D4:CB:06:8B:35:A5:A7:81:AE:8F:72:E6:44:92:59
X509v3 Authority Key Identifier:
keyid:08:9B:BB:09:A5:FB:EF:61:35:C2:D9:20:BF:27:BB:61:F5:C2:E0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/8TMI14zUywaLNaWnga6PcuZEklk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/CJu7CaX772E1wtkgvye7YfXC4J0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.176.0/21
IPv6:
2a10:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:26:69:be:75:10:b1:36:f1:4d:d4:4d:ed:0e:f6:e0:60:89:
d3:d1:e6:ea:48:2f:5c:17:44:40:01:e6:3e:46:6b:c3:46:a7:
bb:74:ff:c5:cb:35:5d:59:d2:02:da:ea:21:42:a3:6e:69:3a:
ec:35:f3:60:11:4b:c9:3a:3e:ee:d6:f1:91:18:9f:b1:fe:95:
e2:31:22:d7:09:e2:ad:3e:11:b2:e4:55:c1:2b:c8:37:3c:18:
47:f7:03:30:4f:76:64:eb:89:3f:b3:26:de:c7:a1:24:95:f8:
2f:76:2f:08:c3:3d:93:3b:c0:92:84:e9:97:02:2d:6e:4c:ef:
a4:19:ef:d5:e7:26:70:6c:4d:a5:59:d3:0d:69:3c:89:15:fc:
de:63:a9:c8:3e:71:89:48:e8:f7:a5:d6:91:b9:7e:c4:43:10:
1e:67:b4:0b:82:8a:30:fd:37:f2:5e:ed:ee:0a:59:e0:71:a1:
f4:af:fa:ad:1a:00:57:9b:2c:e0:30:42:9d:df:af:38:f5:33:
ba:ca:e2:9e:9b:a1:9e:98:08:81:06:1d:81:e1:58:9f:04:b4:
a4:e3:32:8c:61:9b:7a:8e:a7:9d:c3:e3:77:7a:06:b4:e6:5f:
c9:ef:b3:62:4c:8a:41:d5:c7:a6:6b:de:ea:5f:e9:7d:a1:1e:
a8:bd:59:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyzKDUTc36sXVuVfn1g8mjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWJiYjA5YTVmYmVmNjEzNWMyZDkyMGJmMjdiYjYxZjVj
MmUwOWQwHhcNMjMwMTAyMTQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTMzMDhkNzhjZDRjYjA2OGIzNWE1YTc4MWFlOGY3MmU2NDQ5MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzm9a+/b2FzDu62yESyTSwlKGhCz
hdt91TOmGp5emBcMncBhmXpuDH893L1KM4mH+sxmN5jjLcaiMNiTrWAa6fheeVPG
HOysFjI8bm1vVAi5QEYmx64xkoUGjjtB9AP/hGvtKJlDJ6ATcajevZotRNxF8ibA
PAG02mOFgCQQXg48GwBH9uqG5HDzdEt7tGpYr1cz59hMD9YJLM7exfnFzXb06FEb
kHOfIOvjCJz2+agcdknYskHc6YeOqDx9DLcO4OMS3LEbbPjZIJ9Nwx8eIdVyJW3h
bfmf0y1kB8AaUZQFzSd/P4pjwPVSYBgOp30AOVigBzfOd4TuFeOvFtO/NwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPEzCNeM1MsGizWlp4Guj3LmRJJZMB8GA1UdIwQY
MBaAFAibuwml++9hNcLZIL8nu2H1wuCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p1N0NhWDc3MkUxd3RrZ3Z5ZTdZZlhDNEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC81Y2NiOGYtNTE0OC00NzA2LWEwNDAt
MmY5YjAwZmRjNWQzLzEvOFRNSTE0elV5d2FMTmFXbmdhNlBjdVpFa2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC81Y2NiOGYtNTE0OC00NzA2LWEwNDAtMmY5YjAwZmRjNWQz
LzEvQ0p1N0NhWDc3MkUxd3RrZ3Z5ZTdZZlhDNEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBSOwMA0E
AgACMAcDBQMqEIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBtJmm+dRCxNvFN1E3tDvbg
YInT0ebqSC9cF0RAAeY+RmvDRqe7dP/FyzVdWdIC2uohQqNuaTrsNfNgEUvJOj7u
1vGRGJ+x/pXiMSLXCeKtPhGy5FXBK8g3PBhH9wMwT3Zk64k/sybex6Eklfgvdi8I
wz2TO8CShOmXAi1uTO+kGe/V5yZwbE2lWdMNaTyJFfzeY6nIPnGJSOj3pdaRuX7E
QxAeZ7QLgoow/TfyXu3uClngcaH0r/qtGgBXmyzgMEKd36849TO6yuKem6GemAiB
Bh2B4VifBLSk4zKMYZt6jqedw+N3ega05l/J77NiTIpB1cema97qX+l9oR6ovVkP
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:53 2024 by rpki-client on console-ams.rpki-client.org