Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/PKq9dIOJkcNwHEbRslnZCUpSqtY.roa
File: PKq9dIOJkcNwHEbRslnZCUpSqtY.roa (raw, json)
Hash identifier: VyaqHMv2lbaLqLGU1waCoZmeNwplLCeJuwqqADK2jRk=
Subject key identifier: 3C:AA:BD:74:83:89:91:C3:70:1C:46:D1:B2:59:D9:09:4A:52:AA:D6
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 0191416FB1C933FF71EAF8D85C422B57AAB4
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/PKq9dIOJkcNwHEbRslnZCUpSqtY.roa
Signing time: Sun 11 Aug 2024 12:35:24 +0000
ROA not before: Sun 11 Aug 2024 12:35:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51431
IP address blocks: 5.160.47.0/24 maxlen: 24
5.160.197.0/24 maxlen: 24
77.237.66.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Aug 2024 09:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:6f:b1:c9:33:ff:71:ea:f8:d8:5c:42:2b:57:aa:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Aug 11 12:35:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3caabd74838991c3701c46d1b259d9094a52aad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:96:79:13:35:5b:8c:ed:fa:ef:59:92:59:b7:
db:c5:7f:f3:1b:e1:7e:35:c6:e2:57:8f:3b:ad:22:
5e:fd:7a:cf:10:52:6e:ac:51:a7:0c:1d:62:e3:28:
28:b2:43:e0:b2:33:e8:18:ca:8b:89:4b:2c:de:0c:
27:11:d6:2d:41:e6:16:37:62:1b:20:38:0a:d0:3e:
55:be:d9:ad:fc:b7:1e:4d:47:46:ba:46:8b:65:0c:
1e:82:35:2a:c7:3c:b3:ed:ef:59:fd:f0:74:22:d1:
de:2e:1c:4f:15:54:a8:e4:b9:af:08:8e:8c:00:e1:
63:eb:4b:41:d8:18:62:f6:68:68:47:d6:ab:b0:80:
31:d3:ce:f8:29:8e:49:b7:98:af:85:06:e6:64:1b:
60:7b:d4:68:84:b6:74:6b:62:a1:41:8c:67:65:3b:
96:11:34:cb:58:28:a3:45:0d:74:6b:f0:f1:c0:fa:
4a:e5:14:35:06:80:6e:53:dc:a4:b3:60:64:b0:69:
d3:c2:65:8b:2f:39:34:33:88:41:00:39:bc:15:59:
d3:51:79:58:28:a5:04:88:53:a5:46:d2:c9:a5:fd:
8b:4f:2f:45:d6:79:c4:3b:5d:1e:ba:07:b7:4f:77:
41:0a:9d:54:3a:44:b8:69:76:35:c2:4b:43:af:87:
0b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AA:BD:74:83:89:91:C3:70:1C:46:D1:B2:59:D9:09:4A:52:AA:D6
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/PKq9dIOJkcNwHEbRslnZCUpSqtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.47.0/24
5.160.197.0/24
77.237.66.0/23
Signature Algorithm: sha256WithRSAEncryption
69:12:14:85:08:a3:ed:4e:bb:94:db:b9:68:76:c2:fa:e7:a8:
f7:9d:64:86:bf:27:70:4d:ed:7c:bc:ad:fc:c1:20:ff:2b:bc:
d1:8a:84:16:97:17:70:01:c5:c6:76:22:30:de:62:8a:3e:dd:
b2:5b:ef:bb:3a:1e:b0:ce:7f:dd:05:63:3d:fe:df:56:8b:08:
8f:b4:93:37:8a:37:c1:6d:87:3d:b2:5b:e0:09:b0:eb:76:36:
3d:e5:9c:7d:18:bd:62:80:80:d3:2a:16:59:d4:5f:95:88:a5:
24:76:b3:f6:be:79:9e:21:e3:d4:37:97:7c:81:16:52:e0:eb:
5a:a0:7d:dd:54:e0:51:b5:c2:29:48:de:45:93:b2:07:be:5a:
b9:3c:a5:14:5a:ec:88:f6:6d:31:24:2f:33:1d:86:dd:68:7f:
51:91:bd:7e:5f:79:45:40:1e:3c:e0:b0:7a:33:1e:ae:fe:a9:
1c:a1:57:72:c4:37:e4:df:5f:bc:3b:cb:d0:be:c7:5a:5c:7b:
7b:52:2d:1f:0d:81:78:d3:26:ed:0c:10:d8:00:ca:61:1e:0a:
12:1e:41:cd:04:1c:37:7d:fb:5c:17:f9:ad:49:ff:08:bf:50:
79:18:3e:07:4d:2e:51:7a:69:9c:bc:81:bf:2b:08:98:a9:b4:
b9:51:15:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFBb7HJM/9x6vjYXEIrV6q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwODExMTIzNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FhYmQ3NDgzODk5MWMzNzAxYzQ2ZDFiMjU5ZDkwOTRhNTJhYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5Z5EzVbjO3671mSWbfbxX/zG+F+
NcbiV487rSJe/XrPEFJurFGnDB1i4ygoskPgsjPoGMqLiUss3gwnEdYtQeYWN2Ib
IDgK0D5Vvtmt/LceTUdGukaLZQwegjUqxzyz7e9Z/fB0ItHeLhxPFVSo5LmvCI6M
AOFj60tB2Bhi9mhoR9arsIAx0874KY5Jt5ivhQbmZBtge9RohLZ0a2KhQYxnZTuW
ETTLWCijRQ10a/DxwPpK5RQ1BoBuU9yks2BksGnTwmWLLzk0M4hBADm8FVnTUXlY
KKUEiFOlRtLJpf2LTy9F1nnEO10euge3T3dBCp1UOkS4aXY1wktDr4cLiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDyqvXSDiZHDcBxG0bJZ2QlKUqrWMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvUEtxOWRJT0prY053SEViUnNsblpDVXBTcXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABaAvAwQA
BaDFAwQBTe1CMA0GCSqGSIb3DQEBCwUAA4IBAQBpEhSFCKPtTruU27lodsL656j3
nWSGvydwTe18vK38wSD/K7zRioQWlxdwAcXGdiIw3mKKPt2yW++7Oh6wzn/dBWM9
/t9WiwiPtJM3ijfBbYc9slvgCbDrdjY95Zx9GL1igIDTKhZZ1F+ViKUkdrP2vnme
IePUN5d8gRZS4OtaoH3dVOBRtcIpSN5Fk7IHvlq5PKUUWuyI9m0xJC8zHYbdaH9R
kb1+X3lFQB484LB6Mx6u/qkcoVdyxDfk31+8O8vQvsdaXHt7Ui0fDYF40ybtDBDY
AMphHgoSHkHNBBw3fftcF/mtSf8Iv1B5GD4HTS5RemmcvIG/KwiYqbS5URV5
-----END CERTIFICATE-----
Generated at Sun Aug 18 12:32:00 2024 by rpki-client on console-ams.rpki-client.org