Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/788fcf-60f3-426f-9858-82f476b5cfdb/1/rqBdwTLXbZ25nhQGN9zM9BTx26s.roa
File: rqBdwTLXbZ25nhQGN9zM9BTx26s.roa (raw, json)
Hash identifier: ydfIBFnmiUkURyAcwm4nEwd+C3eUQ4PQ3zuVKzkWyjc=
Subject key identifier: AE:A0:5D:C1:32:D7:6D:9D:B9:9E:14:06:37:DC:CC:F4:14:F1:DB:AB
Certificate issuer: /CN=9dc366af6ce0b1a9f60173b14b5fddd7e0b96306
Certificate serial: 01856D8AB99A12194F5EE3F41E7A2B42BAE2
Authority key identifier: 9D:C3:66:AF:6C:E0:B1:A9:F6:01:73:B1:4B:5F:DD:D7:E0:B9:63:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncNmr2zgsan2AXOxS1_d1-C5YwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/788fcf-60f3-426f-9858-82f476b5cfdb/1/rqBdwTLXbZ25nhQGN9zM9BTx26s.roa
Signing time: Sun 01 Jan 2023 13:34:46 +0000
ROA not before: Sun 01 Jan 2023 13:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51487
IP address blocks: 5.253.4.0/24 maxlen: 24
5.253.6.0/24 maxlen: 24
5.253.5.0/24 maxlen: 24
5.253.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:b9:9a:12:19:4f:5e:e3:f4:1e:7a:2b:42:ba:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc366af6ce0b1a9f60173b14b5fddd7e0b96306
Validity
Not Before: Jan 1 13:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aea05dc132d76d9db99e140637dcccf414f1dbab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e6:2d:9b:7e:fa:da:7d:9d:87:57:31:3f:e0:
8e:11:2f:68:b6:4c:db:12:57:b1:3e:b0:a8:83:e6:
97:b2:a2:97:1e:b5:01:a4:07:00:2d:41:68:0d:77:
9b:76:22:c5:f9:dd:0e:09:6f:d3:62:08:56:8c:34:
3f:fb:8c:87:44:c7:7e:a2:87:ff:8e:d6:96:82:60:
42:1b:b1:c2:04:9d:09:5e:ec:71:82:d8:a7:1d:de:
f4:30:f1:9a:68:a5:1d:a5:fe:1a:44:36:f7:ba:76:
64:98:9d:87:e4:76:de:a0:f4:73:5e:f3:9e:01:d5:
f1:21:b8:fb:4a:e8:85:60:74:6d:3f:28:3d:15:5f:
40:b9:13:24:9d:38:cc:3b:65:aa:1d:d5:9b:17:78:
f1:d2:e1:ff:4a:82:13:74:ce:e2:0d:1f:8b:c5:2e:
9e:59:54:4c:4e:08:27:d0:28:d6:33:ac:9c:ef:fb:
bf:18:7f:d7:5e:36:1c:9f:f1:63:8b:58:c6:a2:c5:
8d:ac:4a:c1:14:5c:15:72:1e:79:de:ad:87:a1:8c:
18:1e:60:0c:09:9b:30:55:2c:f9:65:e4:e0:85:ca:
a8:92:22:26:42:35:b1:52:af:80:d7:1f:7e:7e:11:
5c:80:1d:b7:c6:80:e7:75:37:6e:ac:bc:a4:a9:95:
aa:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A0:5D:C1:32:D7:6D:9D:B9:9E:14:06:37:DC:CC:F4:14:F1:DB:AB
X509v3 Authority Key Identifier:
keyid:9D:C3:66:AF:6C:E0:B1:A9:F6:01:73:B1:4B:5F:DD:D7:E0:B9:63:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncNmr2zgsan2AXOxS1_d1-C5YwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/788fcf-60f3-426f-9858-82f476b5cfdb/1/rqBdwTLXbZ25nhQGN9zM9BTx26s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/788fcf-60f3-426f-9858-82f476b5cfdb/1/ncNmr2zgsan2AXOxS1_d1-C5YwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.4.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:29:ad:53:b7:a1:fe:b1:52:60:85:2d:d1:03:27:3b:09:c2:
b8:af:9c:4c:2a:10:76:27:63:ac:fa:df:f5:5c:e2:b3:6a:61:
9e:1b:74:bd:fb:68:7e:0d:e7:9a:91:eb:44:75:ac:66:a1:e7:
87:c5:12:8d:29:7b:ff:96:17:9e:ad:4f:4e:18:88:73:e9:2b:
14:6a:13:1f:52:f4:37:ed:cc:1c:41:17:77:f0:14:bb:bc:32:
e6:ba:f6:cd:34:1f:b1:bc:ef:e9:af:ce:17:53:45:e8:37:f6:
16:66:ac:56:cf:0e:41:df:71:89:a9:40:e4:2d:f4:70:a5:7e:
45:ea:fd:a7:85:36:87:a2:5b:3a:cd:59:ed:79:f5:77:45:d5:
e0:bc:02:8e:c6:bc:de:94:af:b4:08:f8:52:69:66:14:67:3a:
8c:fe:a2:27:3d:73:9a:16:66:14:4f:d3:b9:42:16:64:11:37:
88:a3:dd:2c:88:53:a7:fa:06:cc:01:eb:fb:55:eb:20:4a:8f:
f3:94:3c:0d:34:2f:92:ea:5e:11:91:66:2e:ca:b6:04:71:a6:
b9:eb:85:49:14:04:f5:49:76:9f:a4:bd:56:db:40:3e:33:5f:
d2:e6:a9:6a:ee:e5:17:12:3d:32:92:61:fb:98:e5:15:04:2f:
df:2c:89:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtirmaEhlPXuP0HnorQrriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzM2NmFmNmNlMGIxYTlmNjAxNzNiMTRiNWZkZGQ3ZTBi
OTYzMDYwHhcNMjMwMTAxMTMzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWEwNWRjMTMyZDc2ZDlkYjk5ZTE0MDYzN2RjY2NmNDE0ZjFkYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+Ytm3762n2dh1cxP+COES9otkzb
ElexPrCog+aXsqKXHrUBpAcALUFoDXebdiLF+d0OCW/TYghWjDQ/+4yHRMd+oof/
jtaWgmBCG7HCBJ0JXuxxgtinHd70MPGaaKUdpf4aRDb3unZkmJ2H5HbeoPRzXvOe
AdXxIbj7SuiFYHRtPyg9FV9AuRMknTjMO2WqHdWbF3jx0uH/SoITdM7iDR+LxS6e
WVRMTggn0CjWM6yc7/u/GH/XXjYcn/Fji1jGosWNrErBFFwVch553q2HoYwYHmAM
CZswVSz5ZeTghcqokiImQjWxUq+A1x9+fhFcgB23xoDndTdurLykqZWq7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6gXcEy122duZ4UBjfczPQU8durMB8GA1UdIwQY
MBaAFJ3DZq9s4LGp9gFzsUtf3dfguWMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNObXIyemdzYW4yQVhPeFMxX2QxLUM1WXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC83ODhmY2YtNjBmMy00MjZmLTk4NTgt
ODJmNDc2YjVjZmRiLzEvcnFCZHdUTFhiWjI1bmhRR045ek05QlR4MjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC83ODhmY2YtNjBmMy00MjZmLTk4NTgtODJmNDc2YjVjZmRi
LzEvbmNObXIyemdzYW4yQVhPeFMxX2QxLUM1WXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0EMA0G
CSqGSIb3DQEBCwUAA4IBAQAeKa1Tt6H+sVJghS3RAyc7CcK4r5xMKhB2J2Os+t/1
XOKzamGeG3S9+2h+DeeaketEdaxmoeeHxRKNKXv/lheerU9OGIhz6SsUahMfUvQ3
7cwcQRd38BS7vDLmuvbNNB+xvO/pr84XU0XoN/YWZqxWzw5B33GJqUDkLfRwpX5F
6v2nhTaHols6zVntefV3RdXgvAKOxrzelK+0CPhSaWYUZzqM/qInPXOaFmYUT9O5
QhZkETeIo90siFOn+gbMAev7VesgSo/zlDwNNC+S6l4RkWYuyrYEcaa564VJFAT1
SXafpL1W20A+M1/S5qlq7uUXEj0ykmH7mOUVBC/fLIn6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:42 2024 by rpki-client on console-ams.rpki-client.org