Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/aa7d87-4dce-44a3-aa54-f85e33dd8946/1/5dtDXlYhsJLQYmCNIokihncL-ik.roa
File: 5dtDXlYhsJLQYmCNIokihncL-ik.roa (raw, json)
Hash identifier: CBgAAXyqKWdMWwfWQMk6cLimqXYYUfZ1NRMhqDySOkM=
Subject key identifier: E5:DB:43:5E:56:21:B0:92:D0:62:60:8D:22:89:22:86:77:0B:FA:29
Certificate issuer: /CN=6896d9c14a8ab5d8b0b408187ece15a0d23cee1c
Certificate serial: 018570428C858CA8EC6398F589941ADD1098
Authority key identifier: 68:96:D9:C1:4A:8A:B5:D8:B0:B4:08:18:7E:CE:15:A0:D2:3C:EE:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aJbZwUqKtdiwtAgYfs4VoNI87hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/aa7d87-4dce-44a3-aa54-f85e33dd8946/1/5dtDXlYhsJLQYmCNIokihncL-ik.roa
Signing time: Mon 02 Jan 2023 02:14:47 +0000
ROA not before: Mon 02 Jan 2023 02:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13045
IP address blocks: 192.109.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Mar 2023 07:16:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:8c:85:8c:a8:ec:63:98:f5:89:94:1a:dd:10:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6896d9c14a8ab5d8b0b408187ece15a0d23cee1c
Validity
Not Before: Jan 2 02:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5db435e5621b092d062608d22892286770bfa29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5c:f2:bb:ea:04:88:cc:8d:67:8e:2c:20:dd:
bb:3f:ef:95:33:45:c7:fe:ae:82:36:73:f5:4f:a9:
35:39:d0:3e:fa:4b:75:fb:2c:c0:a8:53:90:8e:7c:
2a:16:d6:f7:aa:84:a1:38:cb:7c:c3:e5:6a:c5:9c:
5e:a7:09:58:89:99:b2:2c:0f:f2:b3:03:2b:77:88:
98:d4:68:27:9a:a5:bc:e5:f2:85:91:d1:b8:ef:f7:
d1:67:e9:61:e7:5a:ee:9c:66:e9:da:11:5d:8a:5a:
ec:ed:fc:42:7d:80:76:3a:76:31:99:eb:49:9f:8f:
34:61:9c:09:de:3a:28:6f:58:77:5a:b8:c6:75:c0:
61:95:33:99:42:24:59:0f:f2:e6:2a:00:e4:9f:63:
fb:13:a7:19:02:12:43:e3:9e:fc:32:17:13:ee:24:
49:9a:d1:5d:d8:e8:07:95:ea:95:06:05:1e:16:a6:
d3:5e:2a:9a:12:1f:c9:a4:ef:e5:a7:e6:06:ba:6b:
5f:ec:43:42:58:d6:2e:3f:b1:96:96:b9:9a:15:19:
b1:4c:5f:9f:ba:54:b1:eb:23:d6:f6:b4:80:e1:ab:
9d:99:11:fd:a9:1a:67:c7:d6:6e:4f:c3:39:50:33:
48:fe:91:96:74:bd:d9:13:fe:e7:15:49:e9:f6:9e:
09:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:DB:43:5E:56:21:B0:92:D0:62:60:8D:22:89:22:86:77:0B:FA:29
X509v3 Authority Key Identifier:
keyid:68:96:D9:C1:4A:8A:B5:D8:B0:B4:08:18:7E:CE:15:A0:D2:3C:EE:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aJbZwUqKtdiwtAgYfs4VoNI87hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/aa7d87-4dce-44a3-aa54-f85e33dd8946/1/5dtDXlYhsJLQYmCNIokihncL-ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/aa7d87-4dce-44a3-aa54-f85e33dd8946/1/aJbZwUqKtdiwtAgYfs4VoNI87hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.36.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:99:aa:99:8f:0e:d3:90:95:b9:cd:33:8c:19:57:ac:5f:31:
1a:7e:ae:37:28:aa:dd:30:06:2b:71:2e:58:70:47:f9:24:7b:
53:93:95:3e:9e:e3:03:2b:b1:97:f6:f5:4c:c1:36:d3:56:be:
05:ca:91:a6:9f:29:5c:b2:03:c8:cc:96:57:12:9f:98:ea:16:
5b:3b:6d:e3:b1:1e:48:c0:06:fc:8f:a1:bf:d5:4f:19:7d:57:
b4:3b:bb:e4:24:f7:cf:45:c0:42:aa:5b:52:21:be:c5:52:e2:
f1:e3:f5:b8:3d:c2:b5:45:1e:66:d2:11:f8:e8:4e:ad:70:fc:
dd:7d:4b:f4:3a:b8:06:62:f2:71:cc:6f:aa:10:be:ef:b6:82:
e9:b4:06:6f:03:4f:aa:cf:cf:c8:06:f0:77:17:fe:ca:0a:ba:
a6:e7:d8:46:81:02:18:63:e6:71:66:39:62:31:a6:3d:a1:38:
7b:a8:fe:42:2a:8c:fd:22:4c:45:bd:23:47:c9:ee:bb:d0:42:
39:03:b1:21:ef:f9:57:3e:93:04:b7:56:22:62:78:9c:6e:ee:
6f:d1:fe:89:0b:a0:a3:3d:02:87:c0:ad:05:84:bf:01:4f:2c:
55:59:8d:a5:bd:52:43:0d:2b:e1:48:6f:9d:cf:05:c4:70:2d:
69:2b:b1:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQoyFjKjsY5j1iZQa3RCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OTZkOWMxNGE4YWI1ZDhiMGI0MDgxODdlY2UxNWEwZDIz
Y2VlMWMwHhcNMjMwMTAyMDIxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWRiNDM1ZTU2MjFiMDkyZDA2MjYwOGQyMjg5MjI4Njc3MGJmYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1zyu+oEiMyNZ44sIN27P++VM0XH
/q6CNnP1T6k1OdA++kt1+yzAqFOQjnwqFtb3qoShOMt8w+VqxZxepwlYiZmyLA/y
swMrd4iY1GgnmqW85fKFkdG47/fRZ+lh51runGbp2hFdilrs7fxCfYB2OnYxmetJ
n480YZwJ3joob1h3WrjGdcBhlTOZQiRZD/LmKgDkn2P7E6cZAhJD4578MhcT7iRJ
mtFd2OgHleqVBgUeFqbTXiqaEh/JpO/lp+YGumtf7ENCWNYuP7GWlrmaFRmxTF+f
ulSx6yPW9rSA4audmRH9qRpnx9ZuT8M5UDNI/pGWdL3ZE/7nFUnp9p4JowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOXbQ15WIbCS0GJgjSKJIoZ3C/opMB8GA1UdIwQY
MBaAFGiW2cFKirXYsLQIGH7OFaDSPO4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUpiWndVcUt0ZGl3dEFnWWZzNFZvTkk4N2h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9hYTdkODctNGRjZS00NGEzLWFhNTQt
Zjg1ZTMzZGQ4OTQ2LzEvNWR0RFhsWWhzSkxRWW1DTklva2lobmNMLWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9hYTdkODctNGRjZS00NGEzLWFhNTQtZjg1ZTMzZGQ4OTQ2
LzEvYUpiWndVcUt0ZGl3dEFnWWZzNFZvTkk4N2h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG0kMA0G
CSqGSIb3DQEBCwUAA4IBAQAPmaqZjw7TkJW5zTOMGVesXzEafq43KKrdMAYrcS5Y
cEf5JHtTk5U+nuMDK7GX9vVMwTbTVr4FypGmnylcsgPIzJZXEp+Y6hZbO23jsR5I
wAb8j6G/1U8ZfVe0O7vkJPfPRcBCqltSIb7FUuLx4/W4PcK1RR5m0hH46E6tcPzd
fUv0OrgGYvJxzG+qEL7vtoLptAZvA0+qz8/IBvB3F/7KCrqm59hGgQIYY+ZxZjli
MaY9oTh7qP5CKoz9IkxFvSNHye670EI5A7Eh7/lXPpMEt1YiYnicbu5v0f6JC6Cj
PQKHwK0FhL8BTyxVWY2lvVJDDSvhSG+dzwXEcC1pK7EY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:53 2024 by rpki-client on console-ams.rpki-client.org