Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/0T4bFiqKKriVtl3gdSgyRythlIE.roa
File: 0T4bFiqKKriVtl3gdSgyRythlIE.roa (raw, json)
Hash identifier: yfzJY8gZDJm3kMIeZe7M5tlUDkSwaUW/ckwytrc86+8=
Subject key identifier: D1:3E:1B:16:2A:8A:2A:B8:95:B6:5D:E0:75:28:32:47:2B:61:94:81
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 0186FEF9F14FCD0FB6A90B90F219A878CF70
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/0T4bFiqKKriVtl3gdSgyRythlIE.roa
Signing time: Mon 20 Mar 2023 12:23:58 +0000
ROA not before: Mon 20 Mar 2023 12:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59508
IP address blocks: 5.159.96.0/22 maxlen: 22
5.159.104.0/21 maxlen: 21
2a09:4140::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:f9:f1:4f:cd:0f:b6:a9:0b:90:f2:19:a8:78:cf:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: Mar 20 12:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d13e1b162a8a2ab895b65de0752832472b619481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:03:a8:46:dc:cc:cc:f1:3d:9e:83:1d:4b:ef:
5d:1b:c6:cd:37:46:bc:c6:ec:62:b3:00:65:2f:3b:
f1:42:12:29:a2:5c:25:29:74:8c:87:95:b3:dd:34:
10:e1:7a:dc:61:7d:e9:14:a9:5e:23:97:65:65:e7:
5a:d5:77:7f:3e:fe:36:09:fc:ec:f2:4c:d9:56:56:
de:61:8b:ac:ff:c3:af:e2:17:0a:d6:cc:6b:5a:56:
65:37:ee:06:0f:76:d8:51:a6:28:99:a4:ec:86:d4:
32:34:62:aa:bf:cd:84:e1:1e:57:e5:6f:26:bc:13:
58:f7:c4:58:57:b1:4a:b2:41:29:9c:54:a4:4c:ac:
d8:35:d5:4f:b7:01:e5:6a:77:a2:e2:ee:fb:09:f3:
5e:99:a6:dc:8f:55:ba:3f:da:d4:c4:d4:04:5e:51:
fe:34:84:99:2e:df:91:24:a2:59:98:4d:2d:8d:75:
60:2f:b8:b9:19:b0:f1:42:1f:00:e6:b1:61:22:47:
95:de:70:17:2d:b5:bb:4e:53:ca:cd:51:81:be:ad:
2e:14:43:d1:a9:8f:86:c5:0c:dd:bb:5e:e7:6e:9d:
10:3a:e5:07:92:06:13:e4:90:11:86:09:a5:53:be:
5b:0a:27:03:bb:52:af:5c:8e:48:b0:5b:5e:2a:73:
2c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3E:1B:16:2A:8A:2A:B8:95:B6:5D:E0:75:28:32:47:2B:61:94:81
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/0T4bFiqKKriVtl3gdSgyRythlIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.96.0/22
5.159.104.0/21
IPv6:
2a09:4140::/29
Signature Algorithm: sha256WithRSAEncryption
52:4a:e7:68:04:03:c8:08:05:ba:da:a3:f4:a4:ac:06:03:e2:
3b:b9:42:60:a9:6d:2c:ae:8d:65:fc:3f:a2:15:81:a7:54:d8:
8f:f5:b6:02:5c:ac:74:52:75:07:c7:37:80:77:78:a3:1d:9e:
e1:ab:c4:87:8b:1a:20:1d:b1:30:01:26:49:70:b2:a4:6f:0d:
00:b4:80:a6:64:48:78:bf:e0:3e:16:74:60:dd:d3:4d:24:d6:
f6:bb:ef:9a:d7:7f:fb:43:5c:c3:be:94:f8:06:c0:91:e0:08:
73:cc:b8:6a:07:8b:bc:43:3c:f3:3f:7e:4d:99:cb:3d:fc:a8:
dc:dc:13:6e:b8:52:55:8e:13:6c:73:13:cd:43:d9:46:95:18:
e3:ae:9c:92:60:28:fe:ad:45:ac:f7:49:23:5d:f4:92:ee:79:
e0:6a:92:a0:36:b8:b1:05:d5:ea:29:d5:12:1c:6e:3c:3b:1a:
eb:70:e4:dd:e4:30:c8:6f:77:24:bf:09:4a:fc:b2:28:d8:01:
d4:d2:71:a9:4a:f5:75:cd:fe:47:8e:0d:26:b7:70:48:61:73:
e8:72:4e:cc:74:b8:b5:b8:25:9f:1e:87:c7:c1:bc:c0:10:56:
3c:4d:a9:7b:fc:8d:75:66:4f:bf:ed:ab:18:9f:40:10:83:67:
1c:f8:03:b5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYb++fFPzQ+2qQuQ8hmoeM9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2ViYTY4NzNjNWI1MDc1YjNjNDM5ZjdmZWViNTRhZjFm
MTBkYTkwHhcNMjMwMzIwMTIyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTNlMWIxNjJhOGEyYWI4OTViNjVkZTA3NTI4MzI0NzJiNjE5NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQOoRtzMzPE9noMdS+9dG8bNN0a8
xuxiswBlLzvxQhIpolwlKXSMh5Wz3TQQ4XrcYX3pFKleI5dlZeda1Xd/Pv42Cfzs
8kzZVlbeYYus/8Ov4hcK1sxrWlZlN+4GD3bYUaYomaTshtQyNGKqv82E4R5X5W8m
vBNY98RYV7FKskEpnFSkTKzYNdVPtwHlanei4u77CfNemabcj1W6P9rUxNQEXlH+
NISZLt+RJKJZmE0tjXVgL7i5GbDxQh8A5rFhIkeV3nAXLbW7TlPKzVGBvq0uFEPR
qY+GxQzdu17nbp0QOuUHkgYT5JARhgmlU75bCicDu1KvXI5IsFteKnMsxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNE+GxYqiiq4lbZd4HUoMkcrYZSBMB8GA1UdIwQY
MBaAFA0+umhzxbUHWzxDn3/utUrx8Q2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUt
Mjc5OThiZjE3NDY1LzEvMFQ0YkZpcUtLcmlWdGwzZ2RTZ3lSeXRobElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUtMjc5OThiZjE3NDY1
LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBZ9gAwQD
BZ9oMA0EAgACMAcDBQMqCUFAMA0GCSqGSIb3DQEBCwUAA4IBAQBSSudoBAPICAW6
2qP0pKwGA+I7uUJgqW0sro1l/D+iFYGnVNiP9bYCXKx0UnUHxzeAd3ijHZ7hq8SH
ixogHbEwASZJcLKkbw0AtICmZEh4v+A+FnRg3dNNJNb2u++a13/7Q1zDvpT4BsCR
4AhzzLhqB4u8QzzzP35Nmcs9/Kjc3BNuuFJVjhNscxPNQ9lGlRjjrpySYCj+rUWs
90kjXfSS7nngapKgNrixBdXqKdUSHG48OxrrcOTd5DDIb3ckvwlK/LIo2AHU0nGp
SvV1zf5Hjg0mt3BIYXPock7MdLi1uCWfHofHwbzAEFY8Tal7/I11Zk+/7asYn0AQ
g2cc+AO1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:10 2024 by rpki-client on console-fra.rpki-client.org