Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/bmHNqu63mfD7LNTRp66gV5278E0.roa
File: bmHNqu63mfD7LNTRp66gV5278E0.roa (raw, json)
Hash identifier: 0z56y+UOPSFTVBFdHFNfs6StBrfPpiPBtUxpv7Abhvc=
Subject key identifier: 6E:61:CD:AA:EE:B7:99:F0:FB:2C:D4:D1:A7:AE:A0:57:9D:BB:F0:4D
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42D47B0153968B6BF75A02CBDBCCC9
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/bmHNqu63mfD7LNTRp66gV5278E0.roa
Signing time: Sun 01 Jan 2023 21:35:28 +0000
ROA not before: Sun 01 Jan 2023 21:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 5.160.150.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d4:7b:01:53:96:8b:6b:f7:5a:02:cb:db:cc:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e61cdaaeeb799f0fb2cd4d1a7aea0579dbbf04d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:b5:e9:b1:e2:83:eb:49:6f:9b:93:4b:08:
5e:d3:23:d6:86:cd:ad:7b:ff:ce:20:0e:6b:45:95:
6e:46:db:57:79:2f:a6:ab:a3:70:76:f2:80:ef:20:
c7:04:63:ca:e7:b1:a3:7a:f5:e8:35:67:8d:d4:be:
bb:36:a0:51:a3:f0:74:24:df:ed:18:ab:2a:ae:47:
0a:e6:8c:a8:b5:98:e0:75:c5:24:f6:a7:69:72:69:
6b:f0:5c:3d:f4:c6:4b:29:6b:f6:84:c4:07:df:51:
67:64:5b:25:9d:c3:79:b1:95:af:f2:04:56:81:74:
b2:20:2e:b4:a0:8c:61:fb:76:03:6e:be:c9:6e:6e:
10:e1:aa:5c:70:f8:bc:ee:c0:f6:17:0e:de:8d:45:
03:ab:13:3c:6c:09:ab:d0:14:25:03:aa:21:c9:37:
ba:a7:54:03:67:61:26:ba:2e:cf:5c:bc:04:83:23:
9d:99:41:55:89:60:c9:4a:b9:8d:df:b3:ee:5c:ef:
d9:7b:6f:3e:10:c1:32:8a:8b:f3:a8:f5:c7:ac:8b:
78:3d:1d:ae:cc:11:9c:4b:0e:1a:81:02:af:4f:11:
64:84:1d:2e:d5:74:29:cc:d0:26:c8:60:62:30:54:
fa:05:74:b7:8e:9b:0b:ca:ce:2c:30:55:b0:ff:8d:
f3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:61:CD:AA:EE:B7:99:F0:FB:2C:D4:D1:A7:AE:A0:57:9D:BB:F0:4D
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/bmHNqu63mfD7LNTRp66gV5278E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.150.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:9c:0a:97:f9:7e:f4:28:11:00:c1:e7:cf:a4:85:80:a3:39:
fb:e8:d3:99:7c:15:89:14:0b:92:85:11:15:b5:ab:fd:47:1a:
7e:65:00:e4:dd:d1:21:05:0d:d4:c7:c1:4e:41:37:60:22:3d:
fe:35:f3:56:90:ad:6d:e5:7a:29:21:e3:5e:c4:ad:ed:23:90:
aa:54:62:11:36:7c:da:e8:af:22:57:13:22:87:ec:72:69:35:
ee:ee:02:55:e2:4b:23:4a:27:2e:ed:0e:58:ec:cd:37:af:62:
3e:73:4e:74:23:40:94:3a:32:64:6e:f2:e4:65:01:54:0c:ad:
75:02:da:bd:b5:99:07:94:37:ec:89:36:37:02:57:57:cc:7b:
35:a6:5a:1a:34:a1:78:f5:cc:52:66:5e:90:05:e9:6d:70:16:
3a:ba:64:43:47:84:79:39:c3:01:a4:8f:ff:94:1c:2b:d7:ab:
ea:a3:c8:1a:65:a2:53:4d:b3:d5:5e:2a:d5:cc:b2:b6:0f:a3:
7f:dc:31:0d:d3:e1:f8:0b:ba:d0:37:88:dd:30:a6:92:59:e8:
ab:fc:ba:48:f4:ef:2c:01:f7:62:e9:f3:8a:2f:ec:87:66:32:
c8:82:2d:93:cf:d1:7c:eb:be:3c:d0:08:5f:05:bb:dc:ef:19:
54:de:e3:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQtR7AVOWi2v3WgLL28zJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTYxY2RhYWVlYjc5OWYwZmIyY2Q0ZDFhN2FlYTA1NzlkYmJmMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7G16bHig+tJb5uTSwhe0yPWhs2t
e//OIA5rRZVuRttXeS+mq6NwdvKA7yDHBGPK57GjevXoNWeN1L67NqBRo/B0JN/t
GKsqrkcK5oyotZjgdcUk9qdpcmlr8Fw99MZLKWv2hMQH31FnZFslncN5sZWv8gRW
gXSyIC60oIxh+3YDbr7Jbm4Q4apccPi87sD2Fw7ejUUDqxM8bAmr0BQlA6ohyTe6
p1QDZ2Emui7PXLwEgyOdmUFViWDJSrmN37PuXO/Ze28+EMEyiovzqPXHrIt4PR2u
zBGcSw4agQKvTxFkhB0u1XQpzNAmyGBiMFT6BXS3jpsLys4sMFWw/43zlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5hzarut5nw+yzU0aeuoFedu/BNMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvYm1ITnF1NjNtZkQ3TE5UUnA2NmdWNTI3OEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBaCWMA0G
CSqGSIb3DQEBCwUAA4IBAQBrnAqX+X70KBEAwefPpIWAozn76NOZfBWJFAuShREV
tav9Rxp+ZQDk3dEhBQ3Ux8FOQTdgIj3+NfNWkK1t5XopIeNexK3tI5CqVGIRNnza
6K8iVxMih+xyaTXu7gJV4ksjSicu7Q5Y7M03r2I+c050I0CUOjJkbvLkZQFUDK11
Atq9tZkHlDfsiTY3AldXzHs1ploaNKF49cxSZl6QBeltcBY6umRDR4R5OcMBpI//
lBwr16vqo8gaZaJTTbPVXirVzLK2D6N/3DEN0+H4C7rQN4jdMKaSWeir/LpI9O8s
Afdi6fOKL+yHZjLIgi2Tz9F867480AhfBbvc7xlU3uNP
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:51 2024 by rpki-client on console-ams.rpki-client.org