Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/cEc83VDGOCqOIwS1apm8XIYUsko.roa
File: cEc83VDGOCqOIwS1apm8XIYUsko.roa (raw, json)
Hash identifier: l0QtFiATISgDcAexHem5CvVDzgjYVHxwmb5W/EBcSUY=
Subject key identifier: 70:47:3C:DD:50:C6:38:2A:8E:23:04:B5:6A:99:BC:5C:86:14:B2:4A
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42E5837C651DB6B352B487E49E49E3
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/cEc83VDGOCqOIwS1apm8XIYUsko.roa
Signing time: Sun 01 Jan 2023 21:35:32 +0000
ROA not before: Sun 01 Jan 2023 21:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60811
IP address blocks: 5.160.192.0/24 maxlen: 24
5.160.192.0/23 maxlen: 23
5.160.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e5:83:7c:65:1d:b6:b3:52:b4:87:e4:9e:49:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70473cdd50c6382a8e2304b56a99bc5c8614b24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:12:4e:70:76:37:1b:90:45:e5:21:ee:77:59:
44:df:ea:81:5f:3f:0e:f8:8b:11:bc:d9:ac:5f:fd:
a1:8e:0c:8e:69:3b:62:6a:0d:55:76:4f:06:ad:87:
b4:70:41:6e:b8:83:8c:a5:4b:6b:45:bb:97:72:a0:
d3:dd:e8:6a:bd:55:57:9d:fc:5b:84:05:1a:1c:63:
62:b4:d6:6b:55:2b:a6:b7:bb:c2:3a:a0:57:52:33:
18:4e:d4:99:88:47:3e:2f:a7:94:90:95:18:a2:44:
18:db:60:fb:d3:85:74:82:1f:c7:7a:cf:0a:76:11:
1a:1b:ed:22:5f:37:90:8b:99:29:09:76:ae:de:ac:
c4:5d:3e:0a:f9:c7:87:04:01:ae:5f:11:36:71:05:
e1:76:48:31:29:cc:1d:1f:e6:bd:3f:be:b4:0c:48:
18:9f:76:92:9c:12:d3:57:4a:fd:b7:92:93:9a:40:
06:d4:72:19:a1:29:f9:f6:64:7b:93:36:68:66:25:
52:b7:5f:0a:c1:fa:08:12:c8:07:9d:fa:a9:89:61:
ab:b3:18:36:25:af:14:7f:dc:66:ef:2b:ed:b8:a8:
d9:0d:18:f5:b0:ad:14:d0:c9:3b:12:df:85:6e:9f:
1f:6b:13:03:36:15:44:92:58:51:41:0a:b7:37:f3:
1e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:47:3C:DD:50:C6:38:2A:8E:23:04:B5:6A:99:BC:5C:86:14:B2:4A
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/cEc83VDGOCqOIwS1apm8XIYUsko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.192.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:8e:47:e5:28:32:55:58:5c:76:7c:f9:d4:b6:c6:2b:ac:ce:
ab:c9:0e:db:5b:44:08:28:56:76:5a:1c:0b:a4:61:6c:4a:27:
70:56:cc:31:34:1e:5d:81:96:58:47:55:dd:53:db:ea:d3:42:
b8:39:b9:56:06:d0:34:4e:a5:27:ac:db:c1:45:a7:52:a2:f2:
56:bd:ba:33:4d:35:60:dd:43:ed:86:f8:a3:21:cc:cc:6f:26:
49:85:f4:cd:7c:e4:9f:28:bb:fe:1e:7d:1e:5c:1e:41:3a:2d:
e8:a7:c0:60:46:ed:59:ce:03:e3:28:8a:96:cb:46:6b:b4:9d:
68:df:38:06:11:ba:d9:87:6d:79:0a:1d:56:f6:6f:39:c7:db:
c8:0a:27:12:6f:52:36:b3:7d:01:ad:0b:35:a4:f8:37:64:fe:
f6:4e:e1:e8:b0:a9:e8:b1:a6:d2:73:63:ae:25:44:b2:44:89:
3f:47:3e:b2:19:bc:e6:56:a0:bd:ec:53:53:7c:2c:57:c2:e3:
37:c0:35:e0:e8:6d:41:dc:ba:91:3c:39:ae:db:47:09:76:13:
6c:7f:17:a9:1d:99:52:c6:33:0e:68:bb:33:c3:a7:12:2f:2a:
90:cb:08:a0:73:db:10:38:02:44:6e:94:3c:37:e8:1d:c7:a2:
5a:30:9a:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQuWDfGUdtrNStIfknknjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQ3M2NkZDUwYzYzODJhOGUyMzA0YjU2YTk5YmM1Yzg2MTRiMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxJOcHY3G5BF5SHud1lE3+qBXz8O
+IsRvNmsX/2hjgyOaTtiag1Vdk8GrYe0cEFuuIOMpUtrRbuXcqDT3ehqvVVXnfxb
hAUaHGNitNZrVSumt7vCOqBXUjMYTtSZiEc+L6eUkJUYokQY22D704V0gh/Hes8K
dhEaG+0iXzeQi5kpCXau3qzEXT4K+ceHBAGuXxE2cQXhdkgxKcwdH+a9P760DEgY
n3aSnBLTV0r9t5KTmkAG1HIZoSn59mR7kzZoZiVSt18KwfoIEsgHnfqpiWGrsxg2
Ja8Uf9xm7yvtuKjZDRj1sK0U0Mk7Et+Fbp8faxMDNhVEklhRQQq3N/MedwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBHPN1QxjgqjiMEtWqZvFyGFLJKMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvY0VjODNWREdPQ3FPSXdTMWFwbThYSVlVc2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBaDAMA0G
CSqGSIb3DQEBCwUAA4IBAQA9jkflKDJVWFx2fPnUtsYrrM6ryQ7bW0QIKFZ2WhwL
pGFsSidwVswxNB5dgZZYR1XdU9vq00K4OblWBtA0TqUnrNvBRadSovJWvbozTTVg
3UPthvijIczMbyZJhfTNfOSfKLv+Hn0eXB5BOi3op8BgRu1ZzgPjKIqWy0ZrtJ1o
3zgGEbrZh215Ch1W9m85x9vICicSb1I2s30BrQs1pPg3ZP72TuHosKnosabSc2Ou
JUSyRIk/Rz6yGbzmVqC97FNTfCxXwuM3wDXg6G1B3LqRPDmu20cJdhNsfxepHZlS
xjMOaLszw6cSLyqQywigc9sQOAJEbpQ8N+gdx6JaMJqf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org