Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/5vxOo49tBAIbcBFVak2RCJH08Os.roa
File: 5vxOo49tBAIbcBFVak2RCJH08Os.roa (raw, json)
Hash identifier: sVQAnhFdZ+fvPihap5Kd4Wq1yeG4/Q1ppjdv4RpQWSw=
Subject key identifier: E6:FC:4E:A3:8F:6D:04:02:1B:70:11:55:6A:4D:91:08:91:F4:F0:EB
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42E7887FC46E70AB53D1B9D5CE3B99
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/5vxOo49tBAIbcBFVak2RCJH08Os.roa
Signing time: Sun 01 Jan 2023 21:35:33 +0000
ROA not before: Sun 01 Jan 2023 21:35:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62039
IP address blocks: 5.160.204.0/23 maxlen: 24
5.160.206.0/23 maxlen: 24
5.160.205.0/24 maxlen: 24
5.160.204.0/22 maxlen: 24
5.160.204.0/24 maxlen: 24
5.160.206.0/24 maxlen: 24
5.160.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e7:88:7f:c4:6e:70:ab:53:d1:b9:d5:ce:3b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6fc4ea38f6d04021b7011556a4d910891f4f0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:41:3b:1d:f8:85:96:a7:b5:65:12:f4:6d:8a:
8f:8a:17:3a:d1:6f:cf:af:5d:61:80:46:4f:0a:e9:
0f:ef:54:ae:5c:d5:d5:c3:10:a6:7f:10:f6:e1:f6:
2a:33:57:83:bb:59:73:4c:c5:8d:73:52:3e:9f:a1:
45:ff:89:cd:ed:bb:59:8b:28:84:90:cd:47:e4:f8:
e2:75:d6:48:39:2e:ad:13:8c:54:60:16:9f:e5:f5:
84:2b:d9:ef:db:6c:65:27:0e:30:02:47:27:bb:0d:
f3:49:6f:46:f9:d8:8e:8d:91:10:c0:96:e3:21:6d:
4e:09:fc:d6:62:ec:54:3a:98:fc:f3:48:64:d9:41:
0b:c0:e8:32:25:67:07:d3:95:17:81:a3:99:47:ff:
f8:64:76:ea:14:d0:79:fa:74:d7:0b:84:60:88:93:
f4:0c:60:3d:7a:db:89:59:79:9a:6a:89:50:af:6d:
87:4d:fa:b7:a9:18:c3:e9:95:d3:9f:7a:1c:c7:64:
12:41:a3:e2:c1:e3:cb:07:ef:3d:88:67:3c:94:46:
3e:b1:46:05:df:a9:87:78:40:47:eb:52:56:5b:5d:
8d:47:bf:4c:e7:51:b3:ce:4c:13:80:6f:b1:7d:46:
27:ed:82:19:f4:33:14:b7:2a:fd:ac:26:19:f0:b3:
fe:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:FC:4E:A3:8F:6D:04:02:1B:70:11:55:6A:4D:91:08:91:F4:F0:EB
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/5vxOo49tBAIbcBFVak2RCJH08Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.204.0/22
Signature Algorithm: sha256WithRSAEncryption
34:44:89:0e:2d:2e:78:6e:ec:3d:97:58:ae:eb:0e:0f:ae:79:
b0:01:4f:6e:b5:66:59:3c:a3:05:1c:59:fc:39:11:86:52:96:
d6:1b:ae:7c:6d:d3:41:c3:8c:e4:6f:e1:4c:09:47:9f:d8:c0:
63:70:1d:c5:45:c2:4b:14:68:ce:bb:74:4c:91:6a:08:53:63:
89:52:c3:d4:20:21:10:d1:4c:cc:88:ac:97:13:41:8f:25:56:
73:41:53:a4:83:86:a5:d6:7d:50:70:12:fb:30:78:2f:71:bc:
1b:3f:b2:49:3c:b8:3c:62:f1:fb:09:60:30:ab:0b:02:6c:74:
a1:3c:ac:84:45:56:55:a0:86:71:ec:a1:03:46:85:f4:13:72:
61:6f:cf:3a:69:7b:e2:55:1b:02:3b:2e:c0:da:75:28:70:1e:
b4:25:a6:89:b6:e6:23:7b:ed:1c:e6:9e:63:cc:eb:e1:8d:0d:
1f:15:b9:50:4b:8e:9f:3f:7f:d6:97:35:0b:5f:6d:95:05:9f:
a0:24:28:db:e6:1c:29:64:39:aa:d3:7a:98:fb:94:de:cb:12:
a6:0e:b0:e8:24:e1:1d:29:5e:df:aa:ee:83:29:49:7a:a5:c8:
f0:17:87:c2:ac:f1:ce:e3:6d:07:73:98:50:ed:65:d6:90:fb:
3b:af:06:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQueIf8RucKtT0bnVzjuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmZjNGVhMzhmNmQwNDAyMWI3MDExNTU2YTRkOTEwODkxZjRmMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEE7HfiFlqe1ZRL0bYqPihc60W/P
r11hgEZPCukP71SuXNXVwxCmfxD24fYqM1eDu1lzTMWNc1I+n6FF/4nN7btZiyiE
kM1H5PjiddZIOS6tE4xUYBaf5fWEK9nv22xlJw4wAkcnuw3zSW9G+diOjZEQwJbj
IW1OCfzWYuxUOpj880hk2UELwOgyJWcH05UXgaOZR//4ZHbqFNB5+nTXC4RgiJP0
DGA9etuJWXmaaolQr22HTfq3qRjD6ZXTn3ocx2QSQaPiwePLB+89iGc8lEY+sUYF
36mHeEBH61JWW12NR79M51GzzkwTgG+xfUYn7YIZ9DMUtyr9rCYZ8LP+bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOb8TqOPbQQCG3ARVWpNkQiR9PDrMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvNXZ4T280OXRCQUliY0JGVmFrMlJDSkgwOE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBaDMMA0G
CSqGSIb3DQEBCwUAA4IBAQA0RIkOLS54buw9l1iu6w4PrnmwAU9utWZZPKMFHFn8
ORGGUpbWG658bdNBw4zkb+FMCUef2MBjcB3FRcJLFGjOu3RMkWoIU2OJUsPUICEQ
0UzMiKyXE0GPJVZzQVOkg4al1n1QcBL7MHgvcbwbP7JJPLg8YvH7CWAwqwsCbHSh
PKyERVZVoIZx7KEDRoX0E3Jhb886aXviVRsCOy7A2nUocB60JaaJtuYje+0c5p5j
zOvhjQ0fFblQS46fP3/WlzULX22VBZ+gJCjb5hwpZDmq03qY+5TeyxKmDrDoJOEd
KV7fqu6DKUl6pcjwF4fCrPHO420Hc5hQ7WXWkPs7rwYL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org