Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/LcjDVQdi1QJGm8aViPUKr6V_w6w.roa
File: LcjDVQdi1QJGm8aViPUKr6V_w6w.roa (raw, json)
Hash identifier: C9Mvz3y/u3mGhCh4CBUBZx8jM4wbfMl/o3dgCqJD/NE=
Subject key identifier: 2D:C8:C3:55:07:62:D5:02:46:9B:C6:95:88:F5:0A:AF:A5:7F:C3:AC
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01921EFD1C63684502A45817E09D62947932
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/LcjDVQdi1QJGm8aViPUKr6V_w6w.roa
Signing time: Mon 23 Sep 2024 13:05:57 +0000
ROA not before: Mon 23 Sep 2024 13:05:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 5.160.144.0/24 maxlen: 24
5.160.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 09:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:fd:1c:63:68:45:02:a4:58:17:e0:9d:62:94:79:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Sep 23 13:05:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dc8c3550762d502469bc69588f50aafa57fc3ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:58:8e:81:fd:da:2e:f1:5c:94:b0:2d:31:fc:
cc:45:d6:6b:ac:28:03:c8:d7:fb:77:d9:66:68:aa:
6d:a2:07:90:9e:a9:1b:bd:ae:c4:7b:59:2b:f7:ac:
63:ab:09:d2:4c:98:27:db:22:28:cd:e1:f4:6c:34:
28:56:00:80:3d:ba:6a:bb:13:60:85:58:d2:aa:c8:
8d:2a:10:5b:f7:e7:b5:c4:c9:f8:81:b1:6e:b7:91:
3d:bf:31:71:70:a6:1f:ca:c7:3c:0a:3a:8a:55:66:
8e:aa:65:5a:4b:2f:52:18:04:ea:e8:60:2a:9f:6f:
b5:c0:04:6c:a7:3b:b1:57:e4:0b:15:ae:02:9f:04:
91:23:35:78:cc:27:7f:56:82:0a:ef:c5:42:ab:5f:
3c:77:81:c7:d0:2f:4e:a2:60:11:10:e4:df:5a:01:
87:10:2d:fd:90:19:8b:0b:65:2a:0f:b9:07:2a:0d:
dc:56:51:a1:24:62:38:7f:61:f8:d4:93:1a:9a:a9:
36:a9:4b:1f:c0:a6:56:29:36:2b:4c:d6:c5:1b:6b:
f9:cd:eb:a4:cd:df:7a:4b:a1:0d:bb:9f:e3:e7:d9:
84:f1:ce:4a:46:40:78:07:ab:21:99:33:46:00:67:
6e:78:06:ea:9d:45:10:0c:77:5c:cf:84:2b:49:3f:
d3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C8:C3:55:07:62:D5:02:46:9B:C6:95:88:F5:0A:AF:A5:7F:C3:AC
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/LcjDVQdi1QJGm8aViPUKr6V_w6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.144.0/23
Signature Algorithm: sha256WithRSAEncryption
75:2b:9b:01:9d:cc:64:00:32:c0:b6:32:b2:7d:70:0d:b1:73:
d8:96:42:54:d2:52:77:a9:a7:9a:d6:49:b7:34:43:fb:4e:04:
49:3e:8e:4d:d1:dd:5e:3e:62:4b:3e:d2:71:93:c4:15:72:32:
80:60:50:43:5e:1b:50:b0:e9:f0:19:23:ca:bf:d5:bd:2c:f1:
b6:97:8a:7c:0e:a0:40:ae:c8:25:04:f2:3b:a4:4f:5d:27:15:
f4:7e:a1:33:71:9a:d4:3e:be:13:26:c7:67:66:e8:2c:74:87:
72:28:2a:a5:e6:4a:cd:7b:94:a6:8d:29:46:2c:42:ab:30:29:
36:4f:6e:49:9d:96:02:aa:94:db:04:df:59:9f:ac:57:8d:b3:
a4:64:6a:37:68:01:6a:ae:8b:6f:06:cc:ca:92:b2:88:6a:de:
59:e1:a3:ec:7b:a5:5b:5b:06:36:a7:4c:1a:51:c2:1e:8f:b7:
98:21:11:ff:e8:95:34:6f:c7:27:ca:5f:25:50:05:20:ed:c3:
5d:e7:78:3d:6d:cc:f7:a8:ce:d5:fc:e9:54:74:0a:f5:77:40:
d4:12:14:79:0c:17:9c:c6:d7:9d:cd:bb:34:ff:e4:53:37:33:
c2:d4:78:8f:60:a3:5e:99:b0:16:d5:f0:b1:24:7e:35:5e:f5:
b3:b6:e2:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIe/RxjaEUCpFgX4J1ilHkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwOTIzMTMwNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGM4YzM1NTA3NjJkNTAyNDY5YmM2OTU4OGY1MGFhZmE1N2ZjM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1iOgf3aLvFclLAtMfzMRdZrrCgD
yNf7d9lmaKptogeQnqkbva7Ee1kr96xjqwnSTJgn2yIozeH0bDQoVgCAPbpquxNg
hVjSqsiNKhBb9+e1xMn4gbFut5E9vzFxcKYfysc8CjqKVWaOqmVaSy9SGATq6GAq
n2+1wARspzuxV+QLFa4CnwSRIzV4zCd/VoIK78VCq188d4HH0C9OomAREOTfWgGH
EC39kBmLC2UqD7kHKg3cVlGhJGI4f2H41JMamqk2qUsfwKZWKTYrTNbFG2v5zeuk
zd96S6ENu5/j59mE8c5KRkB4B6shmTNGAGdueAbqnUUQDHdcz4QrST/TBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3Iw1UHYtUCRpvGlYj1Cq+lf8OsMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvTGNqRFZRZGkxUUpHbThhVmlQVUtyNlZfdzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBaCQMA0G
CSqGSIb3DQEBCwUAA4IBAQB1K5sBncxkADLAtjKyfXANsXPYlkJU0lJ3qaea1km3
NEP7TgRJPo5N0d1ePmJLPtJxk8QVcjKAYFBDXhtQsOnwGSPKv9W9LPG2l4p8DqBA
rsglBPI7pE9dJxX0fqEzcZrUPr4TJsdnZugsdIdyKCql5krNe5SmjSlGLEKrMCk2
T25JnZYCqpTbBN9Zn6xXjbOkZGo3aAFqrotvBszKkrKIat5Z4aPse6VbWwY2p0wa
UcIej7eYIRH/6JU0b8cnyl8lUAUg7cNd53g9bcz3qM7V/OlUdAr1d0DUEhR5DBec
xtedzbs0/+RTNzPC1HiPYKNembAW1fCxJH41XvWztuJo
-----END CERTIFICATE-----
Generated at Mon Nov 25 12:01:08 2024 by rpki-client on console-ams.rpki-client.org